{"id":326,"name":"zx","ecosystem":"npm","repository_url":"https://github.com/google/zx","issues_count":778,"created_at":"2025-06-06T15:01:33.774Z","updated_at":"2025-06-06T15:01:33.774Z","purl":"pkg:npm/zx","metadata":{"id":2626829,"name":"zx","ecosystem":"npm","description":"A tool for writing better scripts","homepage":"https://google.github.io/zx/","licenses":"Apache-2.0","normalized_licenses":["Apache-2.0"],"repository_url":"https://github.com/google/zx","keywords_array":["shell","script","bash","bin","binary","child","process","exec","execute","invoke","call","spawn"],"namespace":null,"versions_count":218,"first_release_published_at":"2015-08-30T22:25:40.800Z","latest_release_published_at":"2025-06-04T09:13:45.181Z","latest_release_number":"8.5.5","last_synced_at":"2025-06-06T00:05:32.381Z","created_at":"2022-04-10T04:28:11.278Z","updated_at":"2025-06-06T00:27:07.947Z","registry_url":"https://www.npmjs.com/package/zx","install_command":"npm install zx","documentation_url":null,"metadata":{"funding":null,"dist-tags":{"dev":"8.5.3-lite-dev.bb36df5-lite","lite":"8.5.5-lite","latest":"8.5.5"}},"repo_metadata":{"id":37025867,"uuid":"364474335","full_name":"google/zx","owner":"google","description":"A tool for writing better scripts","archived":false,"fork":false,"pushed_at":"2025-06-04T11:03:00.000Z","size":3242,"stargazers_count":44198,"open_issues_count":14,"forks_count":1137,"subscribers_count":159,"default_branch":"main","last_synced_at":"2025-06-05T00:52:42.929Z","etag":null,"topics":["bash","cli","javascript","nodejs","shell"],"latest_commit_sha":null,"homepage":"https://google.github.io/zx/","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/google.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"antonmedv"}},"created_at":"2021-05-05T05:50:01.000Z","updated_at":"2025-06-04T23:38:13.000Z","dependencies_parsed_at":"2024-01-13T15:36:38.856Z","dependency_job_id":"444854d2-7edf-44df-a1f6-9fcd53485d6d","html_url":"https://github.com/google/zx","commit_stats":{"total_commits":655,"total_committers":54,"mean_commits":12.12962962962963,"dds":"0.43053435114503813","last_synced_commit":"0705aa1d1651c3b84a014fb7f64d08fe7a6ae0ee"},"previous_names":[],"tags_count":90,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/google","download_url":"https://codeload.github.com/google/zx/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":258316157,"owners_count":22682071,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"google","name":"Google","uuid":"1342004","kind":"organization","description":"Google ❤️ Open Source","email":"opensource@google.com","website":"https://opensource.google/","location":"United States of America","twitter":"GoogleOSS","company":null,"icon_url":"https://avatars.githubusercontent.com/u/1342004?v=4","repositories_count":2754,"last_synced_at":"2025-04-19T22:26:37.811Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/google","funding_links":[],"total_stars":1930002,"followers":53188,"following":0,"created_at":"2022-11-02T16:20:58.973Z","updated_at":"2025-04-19T22:26:37.812Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/google","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/google/repositories"},"tags":[{"name":"8.5.4","sha":"b6dc220339d05320456dddb0b71b77f774ed4ffd","kind":"commit","published_at":"2025-05-06T18:42:10.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.5.4","html_url":"https://github.com/google/zx/releases/tag/8.5.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.5.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.5.4/manifests"},{"name":"8.5.3","sha":"ba7139f552a861133847e2e96c53281e365b3914","kind":"commit","published_at":"2025-04-16T08:12:03.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.5.3","html_url":"https://github.com/google/zx/releases/tag/8.5.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.5.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.5.3/manifests"},{"name":"8.5.2","sha":"52f5c729f88761e2e66c7b89c6474739efbd6af3","kind":"commit","published_at":"2025-04-09T07:51:25.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.5.2","html_url":"https://github.com/google/zx/releases/tag/8.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.5.2/manifests"},{"name":"8.5.0","sha":"9511ba3291b47392de5383a14a38cade0e6651ec","kind":"commit","published_at":"2025-04-01T08:03:03.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.5.0","html_url":"https://github.com/google/zx/releases/tag/8.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.5.0/manifests"},{"name":"8.4.1","sha":"cb6f205d24bf4dd4bb17bee8386f1c7faf5e7bd8","kind":"commit","published_at":"2025-03-12T09:21:55.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.4.1","html_url":"https://github.com/google/zx/releases/tag/8.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.4.1/manifests"},{"name":"8.4.0","sha":"3efc9eb23e2cdbff6a20950c0296c54b2e2e8ab9","kind":"commit","published_at":"2025-03-04T10:02:02.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.4.0","html_url":"https://github.com/google/zx/releases/tag/8.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.4.0/manifests"},{"name":"8.3.2","sha":"5ba714d14ecf0555a74d4db96622840ac19839c5","kind":"commit","published_at":"2025-02-01T10:18:12.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.3.2","html_url":"https://github.com/google/zx/releases/tag/8.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.3.2/manifests"},{"name":"8.3.1","sha":"3419ab655c47419972dff11639659f40e66b73d4","kind":"commit","published_at":"2025-01-29T08:48:32.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.3.1","html_url":"https://github.com/google/zx/releases/tag/8.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.3.1/manifests"},{"name":"8.3.0","sha":"759dcf6f16cc517b5ef3fb41f92374aba5d6f60a","kind":"commit","published_at":"2024-12-24T08:49:07.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.3.0","html_url":"https://github.com/google/zx/releases/tag/8.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.3.0/manifests"},{"name":"8.2.4","sha":"0705aa1d1651c3b84a014fb7f64d08fe7a6ae0ee","kind":"commit","published_at":"2024-11-28T20:31:16.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.2.4","html_url":"https://github.com/google/zx/releases/tag/8.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.2.4/manifests"},{"name":"8.2.3","sha":"b15179f8049eabe958a2f5f5cdf57d3399bb3069","kind":"commit","published_at":"2024-11-27T07:42:56.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.2.3","html_url":"https://github.com/google/zx/releases/tag/8.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.2.3/manifests"},{"name":"8.2.2","sha":"3b6c1206f87127baedef8fe200eccbd658830d4a","kind":"commit","published_at":"2024-11-10T22:46:41.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.2.2","html_url":"https://github.com/google/zx/releases/tag/8.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.2.2/manifests"},{"name":"8.2.1","sha":"880c4f4c651b3a4fbd3ce58c8cdad5f2890614d8","kind":"commit","published_at":"2024-11-08T13:33:26.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.2.1","html_url":"https://github.com/google/zx/releases/tag/8.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.2.1/manifests"},{"name":"8.2.0","sha":"6eb540f2a044074aee4e32f8c3035728a1db2532","kind":"commit","published_at":"2024-10-31T13:22:44.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.2.0","html_url":"https://github.com/google/zx/releases/tag/8.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.2.0/manifests"},{"name":"8.1.9","sha":"c3061ab1333a3b7b25cc8095489357e332fd4b94","kind":"commit","published_at":"2024-10-06T19:04:05.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.1.9","html_url":"https://github.com/google/zx/releases/tag/8.1.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.9/manifests"},{"name":"8.1.8","sha":"9354a39d7f8af63c9c5903040974d62ded6a64f3","kind":"commit","published_at":"2024-09-19T14:49:10.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.1.8","html_url":"https://github.com/google/zx/releases/tag/8.1.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.8/manifests"},{"name":"8.1.7","sha":"5038ec5e277cc8b61cb8fe92427b4a4e963553b0","kind":"commit","published_at":"2024-09-17T11:54:34.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.1.7","html_url":"https://github.com/google/zx/releases/tag/8.1.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.7/manifests"},{"name":"8.1.6","sha":"ac2567f5aef4375ac441b8236f5e7b1f59f5d5e5","kind":"commit","published_at":"2024-09-11T06:24:36.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.1.6","html_url":"https://github.com/google/zx/releases/tag/8.1.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.6/manifests"},{"name":"8.1.5","sha":"8c3730e0ddbeab79e87ad0e5d3f382078affceec","kind":"commit","published_at":"2024-08-28T13:43:48.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.1.5","html_url":"https://github.com/google/zx/releases/tag/8.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.5/manifests"},{"name":"8.1.4","sha":"d7d074d5945b33d85c8e68085839d16b2c55b943","kind":"commit","published_at":"2024-07-04T08:40:40.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.1.4","html_url":"https://github.com/google/zx/releases/tag/8.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.4/manifests"},{"name":"8.1.3","sha":"a3b7316ee6bf5bd954573c1a69770652b82d837d","kind":"commit","published_at":"2024-06-19T20:53:13.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.1.3","html_url":"https://github.com/google/zx/releases/tag/8.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.3/manifests"},{"name":"8.1.2","sha":"73f05586c68c7fbcd91541e007a24a7765c38841","kind":"commit","published_at":"2024-05-27T16:29:13.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.1.2","html_url":"https://github.com/google/zx/releases/tag/8.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.2/manifests"},{"name":"8.1.1","sha":"73c829cb3b766bad22097de31054a34417dc0d39","kind":"commit","published_at":"2024-05-23T10:50:29.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.1.1","html_url":"https://github.com/google/zx/releases/tag/8.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.1/manifests"},{"name":"8.1.0","sha":"3d24076d8f25dcbd6805a01304ed03c57e81d545","kind":"commit","published_at":"2024-05-13T21:00:05.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.1.0","html_url":"https://github.com/google/zx/releases/tag/8.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.1.0/manifests"},{"name":"8.0.2","sha":"5fd3d8a8f126565248f16cc810a889a95bdd88d9","kind":"commit","published_at":"2024-04-18T15:26:16.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.0.2","html_url":"https://github.com/google/zx/releases/tag/8.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.0.2/manifests"},{"name":"8.0.1","sha":"00d1b74ec9f4d4c14d7600e59017826e3eb12313","kind":"commit","published_at":"2024-04-08T06:37:20.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.0.1","html_url":"https://github.com/google/zx/releases/tag/8.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.0.1/manifests"},{"name":"8.0.0","sha":"7fa9bfc93c29436a250a28ed102f62e34fb95423","kind":"commit","published_at":"2024-04-05T23:26:13.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/8.0.0","html_url":"https://github.com/google/zx/releases/tag/8.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/8.0.0/manifests"},{"name":"7.2.3","sha":"483cc88041feed8df4224860fdca1f76753eebf8","kind":"commit","published_at":"2023-07-06T10:18:51.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.2.3","html_url":"https://github.com/google/zx/releases/tag/7.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.2.3/manifests"},{"name":"7.2.2","sha":"d1cd1aa02e3fab7ca4f048d9571b77b6ce25d559","kind":"commit","published_at":"2023-05-01T15:29:53.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.2.2","html_url":"https://github.com/google/zx/releases/tag/7.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.2.2/manifests"},{"name":"7.2.1","sha":"74409aff50147a165fa005fc73cb75d87c2a8c0e","kind":"commit","published_at":"2023-03-17T08:44:55.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.2.1","html_url":"https://github.com/google/zx/releases/tag/7.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.2.1/manifests"},{"name":"7.2.0","sha":"5bbb6353b1c9e4dce48df7d07c62edf8dfb206b2","kind":"commit","published_at":"2023-02-27T13:27:53.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.2.0","html_url":"https://github.com/google/zx/releases/tag/7.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.2.0/manifests"},{"name":"7.1.1","sha":"79222d7ee227534509e6158e5dd58cb3d1f1e1fa","kind":"commit","published_at":"2022-10-07T20:24:53.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.1.1","html_url":"https://github.com/google/zx/releases/tag/7.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.1.1/manifests"},{"name":"7.1.0","sha":"691e6cb01cae7c046bad2fdf5535c2a9ba6e87f3","kind":"commit","published_at":"2022-10-05T19:38:03.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.1.0","html_url":"https://github.com/google/zx/releases/tag/7.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.1.0/manifests"},{"name":"7.0.8","sha":"53fd6dbf521ad0a41c1e7b1ae20f06bfa48a3697","kind":"commit","published_at":"2022-08-01T20:35:14.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.0.8","html_url":"https://github.com/google/zx/releases/tag/7.0.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.8/manifests"},{"name":"7.0.7","sha":"c73ccb468cfd2340fb296e17a543eb2399b449ec","kind":"commit","published_at":"2022-07-02T21:13:35.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.0.7","html_url":"https://github.com/google/zx/releases/tag/7.0.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.7/manifests"},{"name":"7.0.6","sha":"68c7a0efc6df2b40a1ad3296b6cdf40bff75b9a8","kind":"commit","published_at":"2022-07-01T19:56:47.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.0.6","html_url":"https://github.com/google/zx/releases/tag/7.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.6/manifests"},{"name":"7.0.5","sha":"8e81938a0da46eceaf60ad792a0be018e64827b9","kind":"commit","published_at":"2022-06-30T18:39:48.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.0.5","html_url":"https://github.com/google/zx/releases/tag/7.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.5/manifests"},{"name":"7.0.4","sha":"e6bed573d20666fe3d90e12035cfbd2c381389b3","kind":"commit","published_at":"2022-06-29T20:56:05.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.0.4","html_url":"https://github.com/google/zx/releases/tag/7.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.4/manifests"},{"name":"7.0.3","sha":"a0c9ed76119e7c99005233b261a78d29cfc99d36","kind":"commit","published_at":"2022-06-27T22:06:53.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.0.3","html_url":"https://github.com/google/zx/releases/tag/7.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.3/manifests"},{"name":"7.0.2","sha":"42b7ab0e392681cd3860b51c0c7d0cc8f81319d1","kind":"commit","published_at":"2022-06-22T19:31:57.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.0.2","html_url":"https://github.com/google/zx/releases/tag/7.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.2/manifests"},{"name":"7.0.1","sha":"cc9be7f09486d2dde8c8796ef6c03865b0224a7b","kind":"commit","published_at":"2022-06-20T23:23:01.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.0.1","html_url":"https://github.com/google/zx/releases/tag/7.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.1/manifests"},{"name":"7.0.0","sha":"295be2a85b1ee1455df468ab177560e308c8c1ae","kind":"commit","published_at":"2022-06-14T16:17:35.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/7.0.0","html_url":"https://github.com/google/zx/releases/tag/7.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/7.0.0/manifests"},{"name":"6.2.5","sha":"0964e8642c7aa22fb50e4f1ccec393ed7113defa","kind":"commit","published_at":"2022-06-13T14:57:49.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.2.5","html_url":"https://github.com/google/zx/releases/tag/6.2.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.2.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.2.5/manifests"},{"name":"6.2.4","sha":"c488737dbbb19a1a0a172224f5b5dbe1fd8f7273","kind":"commit","published_at":"2022-06-08T12:57:16.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.2.4","html_url":"https://github.com/google/zx/releases/tag/6.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.2.4/manifests"},{"name":"6.2.3","sha":"3b6f856474ad0a74f1ec52645581bc6ccf595db2","kind":"commit","published_at":"2022-06-05T09:24:35.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.2.3","html_url":"https://github.com/google/zx/releases/tag/6.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.2.3/manifests"},{"name":"6.2.2","sha":"3a66988f44fafd6b0038227200d16cae3d6d7bdf","kind":"commit","published_at":"2022-06-04T08:21:37.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.2.2","html_url":"https://github.com/google/zx/releases/tag/6.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.2.2/manifests"},{"name":"6.2.1","sha":"38e95cfa309a928997669e719ddc5ddaa6dc02eb","kind":"commit","published_at":"2022-06-03T05:40:06.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.2.1","html_url":"https://github.com/google/zx/releases/tag/6.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.2.1/manifests"},{"name":"6.2.0","sha":"50e5f7072cd220b715d322792d5e8283ed5dbc98","kind":"commit","published_at":"2022-06-01T21:23:00.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.2.0","html_url":"https://github.com/google/zx/releases/tag/6.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.2.0/manifests"},{"name":"6.1.0","sha":"eceff7944a54ea94a9b8b18556a41a20af1836a0","kind":"commit","published_at":"2022-04-15T11:58:47.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.1.0","html_url":"https://github.com/google/zx/releases/tag/6.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.1.0/manifests"},{"name":"6.0.7","sha":"9589f194e65799be2e3c296c94134bb6a25e02d0","kind":"commit","published_at":"2022-03-21T19:50:11.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.0.7","html_url":"https://github.com/google/zx/releases/tag/6.0.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.7/manifests"},{"name":"6.0.6","sha":"d7ed8c7a20ffdce3348fb7622c568531cc1c5353","kind":"commit","published_at":"2022-03-18T16:28:21.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.0.6","html_url":"https://github.com/google/zx/releases/tag/6.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.6/manifests"},{"name":"6.0.5","sha":"f0c4e651303707976aabaca8835e5b00ac29cc3d","kind":"commit","published_at":"2022-03-18T16:22:15.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.0.5","html_url":"https://github.com/google/zx/releases/tag/6.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.5/manifests"},{"name":"6.0.4","sha":"09509bcf4859d8762efeb2d642f3931fca786bbf","kind":"commit","published_at":"2022-03-18T15:59:28.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.0.4","html_url":"https://github.com/google/zx/releases/tag/6.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.4/manifests"},{"name":"6.0.3","sha":"20ea6218c8e71b441985d0d6d5e9d21bb40ab33c","kind":"commit","published_at":"2022-03-17T17:53:56.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.0.3","html_url":"https://github.com/google/zx/releases/tag/6.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.3/manifests"},{"name":"6.0.2","sha":"cf369ce5aa0b6a1f753d519e96429a1241d6e23e","kind":"commit","published_at":"2022-03-17T17:11:59.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.0.2","html_url":"https://github.com/google/zx/releases/tag/6.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.2/manifests"},{"name":"6.0.1","sha":"ccf73d45a3b2f3a59d72f2a4179fcb78d9a090ea","kind":"commit","published_at":"2022-03-15T22:51:52.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.0.1","html_url":"https://github.com/google/zx/releases/tag/6.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.1/manifests"},{"name":"6.0.0","sha":"c205dc28cfd84b24bbbd8f3976319bdf3a3dbe40","kind":"commit","published_at":"2022-03-15T21:26:52.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/6.0.0","html_url":"https://github.com/google/zx/releases/tag/6.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/6.0.0/manifests"},{"name":"5.3.0","sha":"023ac68e83ea38d8f72c5c90d01ba81e257fff9c","kind":"commit","published_at":"2022-03-14T20:19:58.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/5.3.0","html_url":"https://github.com/google/zx/releases/tag/5.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/5.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/5.3.0/manifests"},{"name":"5.2.0","sha":"2adfc7eec7fc1582e44b5a697c3834165ff7df43","kind":"commit","published_at":"2022-02-27T14:40:30.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/5.2.0","html_url":"https://github.com/google/zx/releases/tag/5.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/5.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/5.2.0/manifests"},{"name":"5.1.0","sha":"59e9121daa5b5803a3d23a03216e9e525f728c97","kind":"commit","published_at":"2022-02-16T19:27:07.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/5.1.0","html_url":"https://github.com/google/zx/releases/tag/5.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/5.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/5.1.0/manifests"},{"name":"5.0.0","sha":"7977cb5adb9545082b8edb8bfe647dedfcb98b42","kind":"commit","published_at":"2022-02-09T16:36:46.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/5.0.0","html_url":"https://github.com/google/zx/releases/tag/5.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/5.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/5.0.0/manifests"},{"name":"4.3.0","sha":"65476119705164e242998d3cefe327ee18c4a65c","kind":"commit","published_at":"2022-01-16T20:55:33.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/4.3.0","html_url":"https://github.com/google/zx/releases/tag/4.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/4.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/4.3.0/manifests"},{"name":"4.2.0","sha":"80101c87f1ed7869b795b9e7d441abdacab38f33","kind":"commit","published_at":"2021-09-07T21:45:09.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/4.2.0","html_url":"https://github.com/google/zx/releases/tag/4.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/4.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/4.2.0/manifests"},{"name":"4.1.1","sha":"3f7e8fe37b3e400c018fc1d8a88968ba4db1d325","kind":"commit","published_at":"2021-08-31T21:44:12.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/4.1.1","html_url":"https://github.com/google/zx/releases/tag/4.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/4.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/4.1.1/manifests"},{"name":"4.1.0","sha":"db233d52b14307a771f881c3186b589ec4ee0dde","kind":"commit","published_at":"2021-08-31T21:34:42.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/4.1.0","html_url":"https://github.com/google/zx/releases/tag/4.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/4.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/4.1.0/manifests"},{"name":"4.0.0","sha":"f0b6c21a43d3ddeeb434763b6c1f3d487761e439","kind":"commit","published_at":"2021-08-27T21:57:13.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/4.0.0","html_url":"https://github.com/google/zx/releases/tag/4.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/4.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/4.0.0/manifests"},{"name":"3.1.0","sha":"79be5c2555d0d8dc51c7a7ef9933c68c6a8bb90f","kind":"commit","published_at":"2021-08-20T07:32:12.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/3.1.0","html_url":"https://github.com/google/zx/releases/tag/3.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/3.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/3.1.0/manifests"},{"name":"3.0.0","sha":"81637384f5241e79d4f8bd50461ec59cc6b1ec20","kind":"commit","published_at":"2021-08-16T06:31:56.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/3.0.0","html_url":"https://github.com/google/zx/releases/tag/3.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/3.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/3.0.0/manifests"},{"name":"2.1.0","sha":"ef80b844c74525219536071bab0fd5a6d19bb345","kind":"commit","published_at":"2021-08-10T10:53:55.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/2.1.0","html_url":"https://github.com/google/zx/releases/tag/2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/2.1.0/manifests"},{"name":"2.0.0","sha":"cf31d2e03960a9e6a0a89bac181253a8803113d2","kind":"commit","published_at":"2021-07-05T12:56:04.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/2.0.0","html_url":"https://github.com/google/zx/releases/tag/2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/2.0.0/manifests"},{"name":"1.15.2","sha":"9f0d0bce9936bda1b543871dd53bed197d87b871","kind":"commit","published_at":"2021-07-03T21:24:31.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.15.2","html_url":"https://github.com/google/zx/releases/tag/1.15.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.15.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.15.2/manifests"},{"name":"1.15.1","sha":"06722d7d314d3cb44133b06e0ce7b5dad9eac72a","kind":"commit","published_at":"2021-07-03T21:11:17.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.15.1","html_url":"https://github.com/google/zx/releases/tag/1.15.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.15.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.15.1/manifests"},{"name":"1.15.0","sha":"ddb598b4ae6a64a61c7138b095a9e6725a1d46e5","kind":"commit","published_at":"2021-07-03T21:02:48.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.15.0","html_url":"https://github.com/google/zx/releases/tag/1.15.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.15.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.15.0/manifests"},{"name":"1.14.2","sha":"1dbe8bd48ffe4be4d11f46799f291619512522fc","kind":"commit","published_at":"2021-06-20T07:32:05.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.14.2","html_url":"https://github.com/google/zx/releases/tag/1.14.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.14.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.14.2/manifests"},{"name":"1.14.1","sha":"ea6a800d52ffb128f546252fbba8977369343397","kind":"commit","published_at":"2021-05-27T21:36:11.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.14.1","html_url":"https://github.com/google/zx/releases/tag/1.14.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.14.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.14.1/manifests"},{"name":"1.14.0","sha":"891bab8e5e78b6f1741f87aa637b8d3a113ecd0d","kind":"commit","published_at":"2021-05-26T21:54:39.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.14.0","html_url":"https://github.com/google/zx/releases/tag/1.14.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.14.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.14.0/manifests"},{"name":"1.13.0","sha":"5d5aead64078d2ad24bd0bce3202f08a8ed28034","kind":"commit","published_at":"2021-05-26T19:13:06.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.13.0","html_url":"https://github.com/google/zx/releases/tag/1.13.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.13.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.13.0/manifests"},{"name":"1.12.0","sha":"dd5cac4dc517dd65c22e24ce71749e5f6df0408a","kind":"commit","published_at":"2021-05-24T19:26:23.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.12.0","html_url":"https://github.com/google/zx/releases/tag/1.12.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.12.0/manifests"},{"name":"1.11.0","sha":"1ab8c399aa0ac0627c8740601c5025b7593da759","kind":"commit","published_at":"2021-05-23T16:55:55.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.11.0","html_url":"https://github.com/google/zx/releases/tag/1.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.11.0/manifests"},{"name":"1.10.1","sha":"513b968954675f31fd5b3f42cfe2e75aead92d21","kind":"commit","published_at":"2021-05-23T13:08:56.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.10.1","html_url":"https://github.com/google/zx/releases/tag/1.10.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.10.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.10.1/manifests"},{"name":"1.10.0","sha":"78c04fac4b2395307d7d568da439e234428fb931","kind":"commit","published_at":"2021-05-22T21:07:18.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.10.0","html_url":"https://github.com/google/zx/releases/tag/1.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.10.0/manifests"},{"name":"1.9.0","sha":"5e10a115bdb424c93e6f8e92d8e37b11c92399da","kind":"commit","published_at":"2021-05-22T15:11:43.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.9.0","html_url":"https://github.com/google/zx/releases/tag/1.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.9.0/manifests"},{"name":"1.8.0","sha":"7bc83c20ef058583e3e73f7a460fc2232f04d6cf","kind":"commit","published_at":"2021-05-19T19:59:02.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.8.0","html_url":"https://github.com/google/zx/releases/tag/1.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.8.0/manifests"},{"name":"1.7.6","sha":"22ae215d949dac20d59b99f3291f872a62ef9463","kind":"commit","published_at":"2021-05-19T07:24:20.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.7.6","html_url":"https://github.com/google/zx/releases/tag/1.7.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.7.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.7.6/manifests"},{"name":"1.7.5","sha":"a151394da67288aad247321ab94a4c4fa643d6ac","kind":"commit","published_at":"2021-05-19T07:21:53.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.7.5","html_url":"https://github.com/google/zx/releases/tag/1.7.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.7.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.7.5/manifests"},{"name":"1.7.4","sha":"3b75b47f3b21edecfb11ca90c46411a65a5a9a55","kind":"commit","published_at":"2021-05-19T07:18:08.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.7.4","html_url":"https://github.com/google/zx/releases/tag/1.7.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.7.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.7.4/manifests"},{"name":"1.7.3","sha":"660bfb5fd32662df637fa313af19ede5db6be88f","kind":"commit","published_at":"2021-05-19T07:16:22.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.7.3","html_url":"https://github.com/google/zx/releases/tag/1.7.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.7.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.7.3/manifests"},{"name":"1.7.2","sha":"506b0d5384e2adf712de5519796d2c26150b33b2","kind":"commit","published_at":"2021-05-19T07:04:56.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.7.2","html_url":"https://github.com/google/zx/releases/tag/1.7.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.7.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.7.2/manifests"},{"name":"1.7.0","sha":"56c9f917bfea9da1b4968d28bc13483dc80fc3f6","kind":"commit","published_at":"2021-05-19T06:54:41.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.7.0","html_url":"https://github.com/google/zx/releases/tag/1.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.7.0/manifests"},{"name":"1.7.1","sha":"56c9f917bfea9da1b4968d28bc13483dc80fc3f6","kind":"commit","published_at":"2021-05-19T06:54:41.000Z","download_url":"https://codeload.github.com/google/zx/tar.gz/1.7.1","html_url":"https://github.com/google/zx/releases/tag/1.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fzx/tags/1.7.1/manifests"}]},"repo_metadata_updated_at":"2025-06-06T00:27:07.946Z","dependent_packages_count":1354,"downloads":4195296,"downloads_period":"last-month","dependent_repos_count":2228,"rankings":{"downloads":0.24356763647480303,"dependent_repos_count":0.47117906659903597,"dependent_packages_count":0.06642234736632681,"stargazers_count":0.472863174246055,"forks_count":1.2402739215359975,"docker_downloads_count":0.15176949761356237,"average":0.4410126073059635},"purl":"pkg:npm/zx","advisories":[{"uuid":"GSA_kwCzR0hTQS1xd3A4LXg0ZmYtNWg4N84ABEHK","url":"https://github.com/advisories/GHSA-qwp8-x4ff-5h87","title":"ZX Allows Environment Variable Injection for dotenv API","description":"### Impact\nThis vulnerability is an **Environment Variable Injection** issue in `dotenv.stringify`, affecting `google/zx`  version **8.3.1**.\n\nAn attacker with control over environment variable values can inject unintended environment variables into `process.env`. This can lead to **arbitrary command execution** or **unexpected behavior** in applications that rely on environment variables for security-sensitive operations. Applications that process untrusted input and pass it through `dotenv.stringify` are particularly vulnerable.\n\n### Patches\nThis issue has been **patched** in version **8.3.2**. Users should **immediately upgrade** to this version to mitigate the vulnerability.\n\n### Workarounds\nIf upgrading is not feasible, users can mitigate the vulnerability by **sanitizing user-controlled environment variable values** before passing them to `dotenv.stringify`. Specifically, avoid using `\"`, `'`, and backticks in values, or enforce strict validation of environment variables before usage.\n\n### References\n- [Issue Report](https://github.com/google/zx/issues/)\n- [Security Policy](https://github.com/google/zx/security/policy)\n- [Google Vulnerability Disclosure](https://g.co/vulnz)\n- [Patch](https://github.com/google/zx/pull/1094)","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2025-02-03T22:34:08.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":5.2,"cvss_vector":"CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","references":["https://github.com/google/zx/security/advisories/GHSA-qwp8-x4ff-5h87","https://nvd.nist.gov/vuln/detail/CVE-2025-24959","https://github.com/google/zx/pull/1094","https://github.com/google/zx/commit/5ba714d14ecf0555a74d4db96622840ac19839c5","https://github.com/webpod/envapi/blob/v0.2.1/src/main/ts/envapi.ts#L74-L77","https://github.com/advisories/GHSA-qwp8-x4ff-5h87"],"source_kind":"github","identifiers":["GHSA-qwp8-x4ff-5h87","CVE-2025-24959"],"repository_url":"https://github.com/google/zx","blast_radius":17.409158969808797,"packages":[{"versions":[{"first_patched_version":"8.3.2","vulnerable_version_range":"= 8.3.1"}],"ecosystem":"npm","package_name":"zx"}],"created_at":"2025-02-03T23:08:03.992Z","updated_at":"2025-02-04T17:29:13.000Z","epss_percentage":0.00043,"epss_percentile":0.11479}],"docker_usage_url":"https://docker.ecosyste.ms/usage/npm/zx","docker_dependents_count":34,"docker_downloads_count":165739855,"usage_url":"https://repos.ecosyste.ms/usage/npm/zx","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/npm/zx/dependencies","status":null,"funding_links":["https://github.com/sponsors/antonmedv"],"critical":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/zx/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/zx/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/zx/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/zx/related_packages","maintainers":[{"uuid":"google-wombot","login":"google-wombot","name":null,"email":"node-team-npm+wombot@google.com","url":null,"packages_count":1317,"html_url":"https://www.npmjs.com/~google-wombot","role":null,"created_at":"2022-11-10T11:38:04.800Z","updated_at":"2022-11-10T11:38:04.800Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/google-wombot/packages"},{"uuid":"medv","login":"medv","name":null,"email":"anton@medv.io","url":null,"packages_count":118,"html_url":"https://www.npmjs.com/~medv","role":null,"created_at":"2022-11-10T11:38:04.793Z","updated_at":"2022-11-10T11:38:04.793Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/medv/packages"}],"registry":{"name":"npmjs.org","url":"https://registry.npmjs.org","ecosystem":"npm","default":true,"packages_count":5005318,"maintainers_count":1012639,"namespaces_count":295318,"keywords_count":699769,"github":"npm","metadata":{"funded_packages_count":150180},"icon_url":"https://github.com/npm.png","created_at":"2022-04-04T15:19:23.081Z","updated_at":"2025-06-05T05:52:15.849Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/namespaces"}},"unique_repositories_count":200,"unique_repositories_count_past_30_days":2,"recent_issues":[{"uuid":"4506893089","node_id":"PR_kwDOQds0Gs7ejrhm","number":1,"state":"closed","title":"Bump zx from 8.1.4 to 8.8.5 in /tokens/transfer-tokens/anchor","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-29T23:49:14.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T05:00:27.000Z","updated_at":"2026-05-29T23:49:16.000Z","time_to_close":586127,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"zx","old_version":"8.1.4","new_version":"8.8.5","repository_url":"https://github.com/google/zx"}],"path":"/tokens/transfer-tokens/anchor","ecosystem":"npm"},"body":"Bumps [zx](https://github.com/google/zx) from 8.1.4 to 8.8.5.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.1.4...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zx\u0026package-manager=npm_and_yarn\u0026previous-version=8.1.4\u0026new-version=8.8.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Dct555/program-examples/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Dct555/program-examples/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Dct555%2Fprogram-examples/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4498497890","node_id":"PR_kwDORDqexM7eItDc","number":20,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-21T23:13:47.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-21T23:11:05.000Z","updated_at":"2026-05-21T23:13:49.000Z","time_to_close":162,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":4,"packages":[{"name":"zx","old_version":"8.1.9","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"js-yaml","old_version":"3.14.1","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"qs","old_version":"6.13.0","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 4 updates in the / directory: [zx](https://github.com/google/zx), [js-yaml](https://github.com/nodeca/js-yaml), [qs](https://github.com/ljharb/qs) and [tmp](https://github.com/raszi/node-tmp).\n\nUpdates `zx` from 8.1.9 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.1.9...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ereplacer\u003c/code\u003e option (similar to option in JSON.stringify), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/339\"\u003e#339\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom \u003ccode\u003eTag\u003c/code\u003e can now handle all tags or multiple tags with the same prefix, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/385\"\u003e#385\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2cef47bebf60da141b78b085f3dea3b5733dcc12\"\u003e\u003ccode\u003e2cef47b\u003c/code\u003e\u003c/a\u003e 4.1.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/810b149ce2d475109722474d91118f0671b15e20\"\u003e\u003ccode\u003e810b149\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2b5620ed8f03ba0df319fe7710f6d7fd44811742\"\u003e\u003ccode\u003e2b5620e\u003c/code\u003e\u003c/a\u003e Export built-in types, type override now preserves order\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.13.0 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.13.0...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `tmp`\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Dnysus/serverless-plugin-split-stacks/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Dnysus/serverless-plugin-split-stacks/pull/20","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Dnysus%2Fserverless-plugin-split-stacks/issues/20","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/20/packages"},{"uuid":"4266474399","node_id":"PR_kwDOMWsmts7ShgIq","number":37,"state":"open","title":"chore: bump the npm_and_yarn group across 2 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-15T05:26:14.000Z","updated_at":"2026-04-15T05:26:42.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore: bump","group_name":"npm_and_yarn","update_count":6,"packages":[{"name":"tsup","old_version":"8.2.3","new_version":"8.3.5","repository_url":"https://github.com/egoist/tsup"},{"name":"vite","old_version":"5.3.5","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"undici","old_version":"6.19.4","new_version":"6.24.0","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"8.1.4","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"nanoid","old_version":"3.3.7","new_version":"3.3.11"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2"},{"name":"vite","old_version":"5.3.5","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 4 updates in the / directory: [tsup](https://github.com/egoist/tsup), [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite), [undici](https://github.com/nodejs/undici) and [zx](https://github.com/google/zx).\nBumps the npm_and_yarn group with 1 update in the /examples/react-app directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).\n\nUpdates `tsup` from 8.2.3 to 8.3.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/egoist/tsup/releases\"\u003etsup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.3.5\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRun \u003ccode\u003eexperimentalDts\u003c/code\u003e only once  -  by \u003ca href=\"https://github.com/aryaemami59\"\u003e\u003ccode\u003e@​aryaemami59\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1236\"\u003eegoist/tsup#1236\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/fddd451\"\u003e\u003c!-- raw HTML omitted --\u003e(fddd4)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/egoist/tsup/compare/v8.3.4...v8.3.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev8.3.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003eNo significant changes\u003c/em\u003e\u003c/p\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/egoist/tsup/compare/v8.3.3...v8.3.4\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev8.3.3\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003eNo significant changes\u003c/em\u003e\u003c/p\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/egoist/tsup/compare/v8.3.2...v8.3.3\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev8.3.1\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003ees2024\u003c/code\u003e target  -  by \u003ca href=\"https://github.com/sxzz\"\u003e\u003ccode\u003e@​sxzz\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/4c8cd7f\"\u003e\u003c!-- raw HTML omitted --\u003e(4c8cd)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport TS 5.6 for svelte  -  by \u003ca href=\"https://github.com/sxzz\"\u003e\u003ccode\u003e@​sxzz\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/28b9ce9\"\u003e\u003c!-- raw HTML omitted --\u003e(28b9c)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eneutral\u003c/code\u003e value to platform options in \u003ccode\u003eschema.json\u003c/code\u003e  -  by \u003ca href=\"https://github.com/venables\"\u003e\u003ccode\u003e@​venables\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/egoist/tsup/issues/982\"\u003eegoist/tsup#982\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/a03db4c\"\u003e\u003c!-- raw HTML omitted --\u003e(a03db)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWider restriction for \u003ccode\u003etarget\u003c/code\u003e option  -  by \u003ca href=\"https://github.com/odanado\"\u003e\u003ccode\u003e@​odanado\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1118\"\u003eegoist/tsup#1118\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/1979b06\"\u003e\u003c!-- raw HTML omitted --\u003e(1979b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eterser\u003c/code\u003e value to \u003ccode\u003eminify\u003c/code\u003e option in \u003ccode\u003eschema.json\u003c/code\u003e  -  by \u003ca href=\"https://github.com/damienbutt\"\u003e\u003ccode\u003e@​damienbutt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/egoist/tsup/issues/991\"\u003eegoist/tsup#991\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/34951bf\"\u003e\u003c!-- raw HTML omitted --\u003e(34951)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange \u003ccode\u003enewlineKind\u003c/code\u003e to \u003ccode\u003elf\u003c/code\u003e for \u003ccode\u003eexperimentalDts\u003c/code\u003e  -  by \u003ca href=\"https://github.com/aryaemami59\"\u003e\u003ccode\u003e@​aryaemami59\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1234\"\u003eegoist/tsup#1234\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/4584b89\"\u003e\u003c!-- raw HTML omitted --\u003e(4584b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnable rollup \u003ccode\u003eoutput.compact\u003c/code\u003e when minify is enabled  -  by \u003ca href=\"https://github.com/hyrious\"\u003e\u003ccode\u003e@​hyrious\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1232\"\u003eegoist/tsup#1232\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/9cc86d6\"\u003e\u003c!-- raw HTML omitted --\u003e(9cc86)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNode16\u003c/code\u003e and \u003ccode\u003eNodeNext\u003c/code\u003e module resolution in \u003ccode\u003eexperimentalDts\u003c/code\u003e  -  by \u003ca href=\"https://github.com/aryaemami59\"\u003e\u003ccode\u003e@​aryaemami59\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1225\"\u003eegoist/tsup#1225\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/41c98ff\"\u003e\u003c!-- raw HTML omitted --\u003e(41c98)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/egoist/tsup/compare/v8.3.0...v8.3.1\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev8.3.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/egoist/tsup/compare/v8.2.4...v8.3.0\"\u003e8.3.0\u003c/a\u003e (2024-09-17)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix \u003ccode\u003eexperimentalDts\u003c/code\u003e file cleaning and watching (\u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1199\"\u003e#1199\u003c/a\u003e) (\u003ca href=\"https://github.com/egoist/tsup/commit/76dc18b7036c408e6fc5254e3eeb3430f65c7866\"\u003e76dc18b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for \u003ccode\u003ects\u003c/code\u003e and \u003ccode\u003emts\u003c/code\u003e config files (\u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1178\"\u003e#1178\u003c/a\u003e) (\u003ca href=\"https://github.com/egoist/tsup/commit/ec811b3b7d22479c230292a024f1dee5d171b0ea\"\u003eec811b3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd support for async \u003ccode\u003einjectStyle\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1193\"\u003e#1193\u003c/a\u003e) (\u003ca href=\"https://github.com/egoist/tsup/commit/f25a9db77d22c91ea8f6bd1ed31ea8415d0a7d5d\"\u003ef25a9db\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.2.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/egoist/tsup/compare/v8.2.3...v8.2.4\"\u003e8.2.4\u003c/a\u003e (2024-08-02)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/cd03e1e00ec2bd6676ae1837cbc7e618ab6a2362\"\u003e\u003ccode\u003ecd03e1e\u003c/code\u003e\u003c/a\u003e chore: release v8.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/fddd451c3d63cd5f851a0e7ab091c0550e24f213\"\u003e\u003ccode\u003efddd451\u003c/code\u003e\u003c/a\u003e fix: run \u003ccode\u003eexperimentalDts\u003c/code\u003e only once (\u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1236\"\u003e#1236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/21b119374880e9d9109c5d8658429678a1de8f45\"\u003e\u003ccode\u003e21b1193\u003c/code\u003e\u003c/a\u003e chore: release v8.3.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/580e03dc996107c4790c64df5b9ca6cebb4b7de9\"\u003e\u003ccode\u003e580e03d\u003c/code\u003e\u003c/a\u003e ci: fix release workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/01b38f295f6e1fa240676213817a9d315fdffd60\"\u003e\u003ccode\u003e01b38f2\u003c/code\u003e\u003c/a\u003e chore: release v8.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/4f5b71e42887a5147ee6d95d2d7f89f789887f0d\"\u003e\u003ccode\u003e4f5b71e\u003c/code\u003e\u003c/a\u003e ci: fix release workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/e80dad6889366941e015faadce05cbe2eeca3c17\"\u003e\u003ccode\u003ee80dad6\u003c/code\u003e\u003c/a\u003e chore: release v8.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/f4af79a1b890307a28d0d986a0c06dc92192c222\"\u003e\u003ccode\u003ef4af79a\u003c/code\u003e\u003c/a\u003e ci: fix release workflow (\u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1241\"\u003e#1241\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/4b72d61a8e7a2e450e71ffe8806739f2e1122f54\"\u003e\u003ccode\u003e4b72d61\u003c/code\u003e\u003c/a\u003e chore: release v8.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/41c98ff07aa03ef0e9d65407b20c9465acbf0d83\"\u003e\u003ccode\u003e41c98ff\u003c/code\u003e\u003c/a\u003e fix: support \u003ccode\u003eNode16\u003c/code\u003e and \u003ccode\u003eNodeNext\u003c/code\u003e module resolution in \u003ccode\u003eexperimentalDts\u003c/code\u003e (...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/egoist/tsup/compare/v8.2.3...v8.3.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 5.3.5 to 6.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.1/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.21\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.20\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/ca88ed7398288ce0c60176ac9a6392f10654c67c/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.2 (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003efe28e47\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22163\"\u003e#22163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003eca4da5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.1 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e1114b5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20969\"\u003e#20969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.4.0 (2025-10-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003eca6455e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20932\"\u003e#20932\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.7 (2025-10-14)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003ec59a222\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20940\"\u003e#20940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.6 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/0ab19ea9fcb66f544328f442cf6e70f7c0528d5f\"\u003e0ab19ea\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: upgrade sirv to 3.0.2 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20735\"\u003e#20735\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e11d24008b97d4ca731ecc1a3b95260a6d12e7e0\"\u003ee11d240\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20735\"\u003e#20735\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: detect ts support via \u003ccode\u003eprocess.features\u003c/code\u003e (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20544\"\u003e#20544\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7d9922972b62329d37a71d4da5a4a382d0bf8a79\"\u003e7d99229\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20544\"\u003e#20544\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.5 (2025-05-05)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(ssr): handle uninitialized export access as undefined (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19959\"\u003e#19959\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fd38d076fe2455aac1e00a7b15cd51159bf12bb5\"\u003efd38d07\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19959\"\u003e#19959\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.4 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c22c43de612eebb6c182dd67850c24e4fab8cacb\"\u003ec22c43d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(optimizer): return plain object when using \u003ccode\u003erequire\u003c/code\u003e to import externals in optimized dependenci (\u003ca href=\"https://github.com/vitejs/vite/commit/efc5eab253419fde0a6a48b8d2f233063d6a9643\"\u003eefc5eab\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19940\"\u003e#19940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: remove duplicate plugin context type (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19935\"\u003e#19935\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/d6d01c2292fa4f9603e05b95d81c8724314c20e0\"\u003ed6d01c2\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19935\"\u003e#19935\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.3 (2025-04-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: ignore malformed uris in tranform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19853\"\u003e#19853\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e4d520141bcd83ad61f16767348b4a813bf9340a\"\u003ee4d5201\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19853\"\u003e#19853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/6b3fad02abd550bd7b79934ff92c58dbd7f33045\"\u003e\u003ccode\u003e6b3fad0\u003c/code\u003e\u003c/a\u003e release: v6.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003e\u003ccode\u003eca4da5d\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003e\u003ccode\u003efe28e47\u003c/code\u003e\u003c/a\u003e fix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5487f4f641f70c47ea05fd101a4319897df048b3\"\u003e\u003ccode\u003e5487f4f\u003c/code\u003e\u003c/a\u003e release: v6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e\u003ccode\u003e1114b5d\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f12697c0f64b9a37196b9ab218a0911829d5b103\"\u003e\u003ccode\u003ef12697c\u003c/code\u003e\u003c/a\u003e release: v6.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003e\u003ccode\u003eca6455e\u003c/code\u003e\u003c/a\u003e feat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0e173d83681daa31be10fa8a62d56b1ec84690af\"\u003e\u003ccode\u003e0e173d8\u003c/code\u003e\u003c/a\u003e release: v6.3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003e\u003ccode\u003ec59a222\u003c/code\u003e\u003c/a\u003e fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/3f337c5e24504e51188d29c970de1416ee523dbb\"\u003e\u003ccode\u003e3f337c5\u003c/code\u003e\u003c/a\u003e release: v6.3.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v6.4.2/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for vite since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `undici` from 6.19.4 to 6.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.24.0\u003c/h2\u003e\n\u003ch1\u003eUndici v6.24.0 Security Release Notes (LTS)\u003c/h1\u003e\n\u003cp\u003eThis release backports fixes for security vulnerabilities affecting the v6 line.\u003c/p\u003e\n\u003ch2\u003eUpgrade guidance\u003c/h2\u003e\n\u003cp\u003eAll users on v6 should upgrade to \u003cstrong\u003ev6.24.0\u003c/strong\u003e or later.\u003c/p\u003e\n\u003ch2\u003eFixed advisories\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm\"\u003eGHSA-2mjp-6q6p-2qxm\u003c/a\u003e / CVE-2026-1525 (Medium)\u003cbr /\u003e\nInconsistent interpretation of HTTP requests (request/response smuggling class issue).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj\"\u003eGHSA-f269-vfmq-vjvj\u003c/a\u003e / CVE-2026-1528 (High)\u003cbr /\u003e\nMalicious WebSocket 64-bit frame length handling could crash the client.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq\"\u003eGHSA-4992-7rv2-5pvq\u003c/a\u003e / CVE-2026-1527 (Medium)\u003cbr /\u003e\nCRLF injection via the \u003ccode\u003eupgrade\u003c/code\u003e option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8\"\u003eGHSA-v9p9-hfj2-hcw8\u003c/a\u003e / CVE-2026-2229 (High)\u003cbr /\u003e\nUnhandled exception from invalid \u003ccode\u003eserver_max_window_bits\u003c/code\u003e in WebSocket permessage-deflate negotiation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q\"\u003eGHSA-vrm6-8vpv-qv8q\u003c/a\u003e / CVE-2026-1526 (High)\u003cbr /\u003e\nUnbounded memory consumption in WebSocket permessage-deflate decompression.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNot applicable to v6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h\"\u003eGHSA-phc3-fgpg-7m6h\u003c/a\u003e / CVE-2026-2581 affects \u003ccode\u003e\u0026gt;= 7.17.0 \u0026lt; 7.24.0\u003c/code\u003e only.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAffected and patched ranges (v6)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-1525: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1528: affected \u003ccode\u003e\u0026gt;= 6.0.0 \u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1527: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-2229: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1526: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eReferences\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Security Advisories: \u003ca href=\"https://github.com/nodejs/undici/security/advisories\"\u003ehttps://github.com/nodejs/undici/security/advisories\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1525: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1525\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1528: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1528\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1527: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1527\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-2229: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-2229\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-2229\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1526: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1526\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1526\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.23.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/8873c947271faf1ebc455bdc6158ecbc022ecfa9\"\u003e\u003ccode\u003e8873c94\u003c/code\u003e\u003c/a\u003e Bumped v6.24.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/411bd01a42e7917009bbf686f7628b99d67bbce9\"\u003e\u003ccode\u003e411bd01\u003c/code\u003e\u003c/a\u003e test(websocket): use node:assert for Node 18 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/844bf59699d778944f78a24ae819c0e8f295766e\"\u003e\u003ccode\u003e844bf59\u003c/code\u003e\u003c/a\u003e test: fix http2 lint regressions in backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/a444e4f13e8958b4e1ac42bc0d53ace7fba0a9c1\"\u003e\u003ccode\u003ea444e4f\u003c/code\u003e\u003c/a\u003e test: stabilize h2 and tls-cert-leak under current test runner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/dc032a1050d5489b8ce9b4c22aafba98a942f87b\"\u003e\u003ccode\u003edc032a1\u003c/code\u003e\u003c/a\u003e fix: h2 CI (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4395\"\u003e#4395\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/4cd3f4b3a2ef910ba728c47ae78294d956410450\"\u003e\u003ccode\u003e4cd3f4b\u003c/code\u003e\u003c/a\u003e test: increase bitness in \u003ccode\u003etest/fixtures/*.pem\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/3659\"\u003e#3659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/7df6442194b7a54e9ac734335e6e0a56a9bc6666\"\u003e\u003ccode\u003e7df6442\u003c/code\u003e\u003c/a\u003e fix: adapt websocket frame-limit handling for v6 parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/4e0179ae643e6f4380f24cc3683c1b1ca2afb094\"\u003e\u003ccode\u003e4e0179a\u003c/code\u003e\u003c/a\u003e fix: reject duplicate content-length and host headers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/5a97f0893b53ba7d1d5549d3df7e55d9c2673f89\"\u003e\u003ccode\u003e5a97f08\u003c/code\u003e\u003c/a\u003e Fix websocket 64-bit length overflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/e43e898603dd5e0c14a75b08b83257598d664a39\"\u003e\u003ccode\u003ee43e898\u003c/code\u003e\u003c/a\u003e fix: validate upgrade header to prevent CRLF injection\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v6.19.4...v6.24.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for undici since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.1.4 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.1.4...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nanoid` from 3.3.7 to 3.3.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ai/nanoid/releases\"\u003enanoid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support (by \u003ca href=\"https://github.com/steida\"\u003e\u003ccode\u003e@​steida\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced npm package size.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ai/nanoid/blob/main/CHANGELOG.md\"\u003enanoid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support (by \u003ca href=\"https://github.com/steida\"\u003e\u003ccode\u003e@​steida\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced npm package size.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a way to break Nano ID by passing non-integer size (by \u003ca href=\"https://github.com/myndzi\"\u003e\u003ccode\u003e@​myndzi\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/37289ceee51a3194a1f121a1e5d2bbb864076b74\"\u003e\u003ccode\u003e37289ce\u003c/code\u003e\u003c/a\u003e Release 3.3.11 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/23690b77719ec8043c2509d28c1d74b0e2295b75\"\u003e\u003ccode\u003e23690b7\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/c147962de7f5da3311a0e731030a28f49c5266a3\"\u003e\u003ccode\u003ec147962\u003c/code\u003e\u003c/a\u003e Fix RN support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/a83734e28fa071f51fe3614a5fb891f08a4b91b2\"\u003e\u003ccode\u003ea83734e\u003c/code\u003e\u003c/a\u003e Move to manually ESM/CJS dual package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/bb12e8a6f9c37ebe0b5ff2c697b8f9dcf34c8948\"\u003e\u003ccode\u003ebb12e8a\u003c/code\u003e\u003c/a\u003e Release 3.3.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/8f44264cd724080447f40620974163f1daca4612\"\u003e\u003ccode\u003e8f44264\u003c/code\u003e\u003c/a\u003e Fix Expo support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/adf9b0c05eeeebbbf391c16bbd93da2fc275e235\"\u003e\u003ccode\u003eadf9b0c\u003c/code\u003e\u003c/a\u003e Release 3.3.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/1c6f08825b4f17c4462bd1c19dbc3f1c5626b76f\"\u003e\u003ccode\u003e1c6f088\u003c/code\u003e\u003c/a\u003e Remove dev file from npm package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/3044cd5e73f4cf31795f61f6e6b961c8c0a5c744\"\u003e\u003ccode\u003e3044cd5\u003c/code\u003e\u003c/a\u003e Release 3.3.8 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/4fe34959c34e5b3573889ed4f24fe91d1d3e7231\"\u003e\u003ccode\u003e4fe3495\u003c/code\u003e\u003c/a\u003e Update size limit\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ai/nanoid/compare/3.3.7...3.3.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 5.3.5 to 6.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.1/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.21\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.20\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/ca88ed7398288ce0c60176ac9a6392f10654c67c/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.2 (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003efe28e47\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22163\"\u003e#22163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003eca4da5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.1 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e1114b5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20969\"\u003e#20969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.4.0 (2025-10-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003eca6455e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20932\"\u003e#20932\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.7 (2025-10-14)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003ec59a222\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20940\"\u003e#20940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.6 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/0ab19ea9fcb66f544328f442cf6e70f7c0528d5f\"\u003e0ab19ea\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: upgrade sirv to 3.0.2 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20735\"\u003e#20735\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e11d24008b97d4ca731ecc1a3b95260a6d12e7e0\"\u003ee11d240\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20735\"\u003e#20735\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: detect ts support via \u003ccode\u003eprocess.features\u003c/code\u003e (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20544\"\u003e#20544\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7d9922972b62329d37a71d4da5a4a382d0bf8a79\"\u003e7d99229\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20544\"\u003e#20544\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.5 (2025-05-05)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(ssr): handle uninitialized export access as undefined (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19959\"\u003e#19959\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fd38d076fe2455aac1e00a7b15cd51159bf12bb5\"\u003efd38d07\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19959\"\u003e#19959\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.4 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c22c43de612eebb6c182dd67850c24e4fab8cacb\"\u003ec22c43d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(optimizer): return plain object when using \u003ccode\u003erequire\u003c/code\u003e to import externals in optimized dependenci (\u003ca href=\"https://github.com/vitejs/vite/commit/efc5eab253419fde0a6a48b8d2f233063d6a9643\"\u003eefc5eab\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19940\"\u003e#19940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: remove duplicate plugin context type (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19935\"\u003e#19935\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/d6d01c2292fa4f9603e05b95d81c8724314c20e0\"\u003ed6d01c2\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19935\"\u003e#19935\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.3 (2025-04-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: ignore malformed uris in tranform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19853\"\u003e#19853\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e4d520141bcd83ad61f16767348b4a813bf9340a\"\u003ee4d5201\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19853\"\u003e#19853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/6b3fad02abd550bd7b79934ff92c58dbd7f33045\"\u003e\u003ccode\u003e6b3fad0\u003c/code\u003e\u003c/a\u003e release: v6.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003e\u003ccode\u003eca4da5d\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003e\u003ccode\u003efe28e47\u003c/code\u003e\u003c/a\u003e fix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5487f4f641f70c47ea05fd101a4319897df048b3\"\u003e\u003ccode\u003e5487f4f\u003c/code\u003e\u003c/a\u003e release: v6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e\u003ccode\u003e1114b5d\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f12697c0f64b9a37196b9ab218a0911829d5b103\"\u003e\u003ccode\u003ef12697c\u003c/code\u003e\u003c/a\u003e release: v6.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003e\u003ccode\u003eca6455e\u003c/code\u003e\u003c/a\u003e feat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0e173d83681daa31be10fa8a62d56b1ec84690af\"\u003e\u003ccode\u003e0e173d8\u003c/code\u003e\u003c/a\u003e release: v6.3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003e\u003ccode\u003ec59a222\u003c/code\u003e\u003c/a\u003e fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/3f337c5e24504e51188d29c970de1416ee523dbb\"\u003e\u003ccode\u003e3f337c5\u003c/code\u003e\u003c/a\u003e release: v6.3.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v6.4.2/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for vite since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AKJUS/solana-web3.js/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/AKJUS/solana-web3.js/pull/37","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/AKJUS%2Fsolana-web3.js/issues/37","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/37/packages"},{"uuid":"4256250952","node_id":"PR_kwDOPtqpys7SCdJ8","number":4,"state":"closed","title":"Bump the npm_and_yarn group across 3 directories with 26 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-16T23:55:57.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-13T16:03:58.000Z","updated_at":"2026-04-16T23:55:59.000Z","time_to_close":287519,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":26,"packages":[{"name":"ai","old_version":"5.0.28","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"next","old_version":"15.3.3","new_version":"15.5.15","repository_url":"https://github.com/vercel/next.js"},{"name":"glob","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"validator","old_version":"13.15.15","new_version":"13.15.22","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"@modelcontextprotocol/sdk","old_version":"1.12.1","new_version":"1.29.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.2.2","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"bn.js","old_version":"4.12.2","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"4.0.3","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"immutable","old_version":"5.1.2","new_version":"5.1.5","repository_url":"https://github.com/immutable-js/immutable-js"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"qs","old_version":"6.14.0","new_version":"6.15.1","repository_url":"https://github.com/ljharb/qs"},{"name":"rollup","old_version":"4.43.0","new_version":"4.60.1","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"3.0.9","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.13","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"7.10.0","new_version":"7.25.0","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"7.2.3","new_version":"7.2.4","repository_url":"https://github.com/google/zx"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 25 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `5.0.28` | `5.0.52` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [next](https://github.com/vercel/next.js) | `15.3.3` | `15.5.15` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `12.0.0` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.15` | `13.15.22` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.29.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.2.2` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.2` | `4.12.3` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.14` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.3` | `4.0.5` |\n| [immutable](https://github.com/immutable-js/immutable-js) | `5.1.2` | `5.1.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.1` |\n| [rollup](https://github.com/rollup/rollup) | `4.43.0` | `4.60.1` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.9` | `3.1.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.13` |\n| [undici](https://github.com/nodejs/undici) | `7.10.0` | `7.25.0` |\n| [zx](https://github.com/google/zx) | `7.2.3` | `7.2.4` |\n\nBumps the npm_and_yarn group with 4 updates in the /apps/www directory: [ai](https://github.com/vercel/ai), [lodash](https://github.com/lodash/lodash), [next](https://github.com/vercel/next.js) and [glob](https://github.com/isaacs/node-glob).\nBumps the npm_and_yarn group with 8 updates in the /templates/plate-template directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [next](https://github.com/vercel/next.js) | `15.4.6` | `15.5.15` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.14` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.13` |\n\n\nUpdates `ai` from 5.0.28 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@5.0.28...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.3.3 to 15.5.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(next/image): add lru disk cache and images.maximumDiskCacheSize (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91660\"\u003e#91660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix(pages-router): restore Content-Length and ETag for /_next/data/ JSON responses (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/90304\"\u003e#90304\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/lllomh\"\u003e\u003ccode\u003e@​lllomh\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev15.5.13\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: patch http-proxy to prevent request smuggling in rewrites (See: \u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ggv3-7p47-pfv8\"\u003eCVE-2026-29057\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/ztanner\"\u003e\u003ccode\u003e@​ztanner\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/412eb90b6587ec02e8361c92efa9091487e7348f\"\u003e\u003ccode\u003e412eb90\u003c/code\u003e\u003c/a\u003e v15.5.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/cb90de98be409653f39ec602072740b38689a4e5\"\u003e\u003ccode\u003ecb90de9\u003c/code\u003e\u003c/a\u003e [15.x] Avoid consuming cyclic models multiple times (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/74\"\u003e#74\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fffef9ef3059a4883def5b847315fb6017668846\"\u003e\u003ccode\u003efffef9e\u003c/code\u003e\u003c/a\u003e Fix CI for glibc linux builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d7b012d787c01e0435f8cdf2a47211891668d13b\"\u003e\u003ccode\u003ed7b012d\u003c/code\u003e\u003c/a\u003e v15.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/2b0525123245da5b1b9d1abedc636c5fd3ee1d07\"\u003e\u003ccode\u003e2b05251\u003c/code\u003e\u003c/a\u003e [backport] feat(next/image): add lru disk cache and `images.maximumDiskCacheS...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/f88cee9604f0ec8ab869a2f94ced984194277b9e\"\u003e\u003ccode\u003ef88cee9\u003c/code\u003e\u003c/a\u003e Backport: Fix(pages-router): restore Content-Length and ETag for /_next/data/...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/cfd5f533b08df3038476dcd54f1d6d660d85f069\"\u003e\u003ccode\u003ecfd5f53\u003c/code\u003e\u003c/a\u003e v15.5.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/15f28911fd272041707dbf6b7c07d62642593be8\"\u003e\u003ccode\u003e15f2891\u003c/code\u003e\u003c/a\u003e [backport]: fix: patch http-proxy to prevent request smuggling in rewrites (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d23f41c42506005fe6978e076a1ccbf8979e4925\"\u003e\u003ccode\u003ed23f41c\u003c/code\u003e\u003c/a\u003e v15.5.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/8e75765a6544dc0e6b20aefeade7d33190ffcb7c\"\u003e\u003ccode\u003e8e75765\u003c/code\u003e\u003c/a\u003e fix unlock in publish-native\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.3.3...v15.5.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 12.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `validator` from 13.15.15 to 13.15.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/releases\"\u003evalidator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.15.22\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003evalidatorjs/validator.js#2622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003evalidatorjs/validator.js#2616\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e13.15.20\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003evalidatorjs/validator.js#2563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003evalidatorjs/validator.js#2556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003evalidatorjs/validator.js#2576\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003evalidatorjs/validator.js#2574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003evalidatorjs/validator.js#2584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003evalidatorjs/validator.js#2581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003evalidatorjs/validator.js#2608\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md\"\u003evalidator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.15.22\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e13.15.20\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2b5c17dbe03f2ca9ad9122c597f81e86ce1a9a1\"\u003e\u003ccode\u003ef2b5c17\u003c/code\u003e\u003c/a\u003e maintenance: 2511 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2627\"\u003e#2627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382\"\u003e\u003ccode\u003ed457eca\u003c/code\u003e\u003c/a\u003e fix(isLength): correctly handle Unicode variation selectors (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2616\"\u003e#2616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2e3633f22fd3016656789d100bc451d857e7488\"\u003e\u003ccode\u003ef2e3633\u003c/code\u003e\u003c/a\u003e docs: add install instructions to contibution guide (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2621\"\u003e#2621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cf401458b8733d981a3724d634c795a9d612b516\"\u003e\u003ccode\u003ecf40145\u003c/code\u003e\u003c/a\u003e fix: URL validation for hostnames with ports (no protocol) (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2622\"\u003e#2622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/4af61243ba0ae93f29e7689040e188b5849ff1b0\"\u003e\u003ccode\u003e4af6124\u003c/code\u003e\u003c/a\u003e maintenance: 2510 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2585\"\u003e#2585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/30d4fe02c16d36ed471f12da658c4b5d843781e0\"\u003e\u003ccode\u003e30d4fe0\u003c/code\u003e\u003c/a\u003e 13.15.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cbef5088f02d36caf978f378bb845fe49bdc0809\"\u003e\u003ccode\u003ecbef508\u003c/code\u003e\u003c/a\u003e fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2608\"\u003e#2608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/6f436be36945e460ee624bf72a935a06daded859\"\u003e\u003ccode\u003e6f436be\u003c/code\u003e\u003c/a\u003e Fix typo in validators.test.js (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2581\"\u003e#2581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/3c857088d58197453957a2b924dfedea328003b6\"\u003e\u003ccode\u003e3c85708\u003c/code\u003e\u003c/a\u003e Fix: correct French VAT (FR) validation regex and add tests (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2584\"\u003e#2584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/eee525cd117d24ac905b9432f3f5a27e96aa9719\"\u003e\u003ccode\u003eeee525c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2491\"\u003e#2491\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2573\"\u003e#2573\u003c/a\u003e Simplify isBase64 to prevent stack overflow (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2574\"\u003e#2574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for validator since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.12.1 to 1.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e\u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.29.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: treat v1.x as primary branch for npm latest tag (backport \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1577\"\u003e#1577\u003c/a\u003e) by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1749\"\u003emodelcontextprotocol/typescript-sdk#1749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: disallow null (infinite) requested TTL by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1339\"\u003emodelcontextprotocol/typescript-sdk#1339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: add missing size field to ResourceSchema by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1575\"\u003emodelcontextprotocol/typescript-sdk#1575\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typings exports by \u003ca href=\"https://github.com/tdraier\"\u003e\u003ccode\u003e@​tdraier\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1623\"\u003emodelcontextprotocol/typescript-sdk#1623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x npm audit fix by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1780\"\u003emodelcontextprotocol/typescript-sdk#1780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e follow up -add missing types to package.json by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1773\"\u003emodelcontextprotocol/typescript-sdk#1773\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Allow servers / clients to advertise extensions in the capability object by \u003ca href=\"https://github.com/localden\"\u003e\u003ccode\u003e@​localden\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1811\"\u003emodelcontextprotocol/typescript-sdk#1811\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(stdio): always set windowsHide on Windows, not just in Electron by \u003ca href=\"https://github.com/jnMetaCode\"\u003e\u003ccode\u003e@​jnMetaCode\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1640\"\u003emodelcontextprotocol/typescript-sdk#1640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.29.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1820\"\u003emodelcontextprotocol/typescript-sdk#1820\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tdraier\"\u003e\u003ccode\u003e@​tdraier\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1623\"\u003emodelcontextprotocol/typescript-sdk#1623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnMetaCode\"\u003e\u003ccode\u003e@​jnMetaCode\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1640\"\u003emodelcontextprotocol/typescript-sdk#1640\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.28.0...v1.29.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.28.0...v1.29.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.28.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: use scopes_supported from resource metadata by default (fixes \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/580\"\u003e#580\u003c/a\u003e) by \u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Default to client_secret_basic when server omits token_endpoint_auth_methods_supported by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1611\"\u003emodelcontextprotocol/typescript-sdk#1611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: reject plain JSON Schema objects passed as inputSchema by \u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: clear _timeoutInfo in _onclose() and scope .finally() abort controller cleanup by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1462\"\u003emodelcontextprotocol/typescript-sdk#1462\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server/auth): RFC 8252 loopback port relaxation by \u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.28.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1746\"\u003emodelcontextprotocol/typescript-sdk#1746\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e12cbd7078db388152f6e839abdbe09ba01f3f32\"\u003e\u003ccode\u003ee12cbd7\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.29.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1820\"\u003e#1820\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/3913fd4443a86536155e3ebef9edd2045c372c1e\"\u003e\u003ccode\u003e3913fd4\u003c/code\u003e\u003c/a\u003e fix(stdio): always set windowsHide on Windows, not just in Electron (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1640\"\u003e#1640\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5608e78dd0d4ca6cd7dd03278419578f1780365a\"\u003e\u003ccode\u003e5608e78\u003c/code\u003e\u003c/a\u003e [v1.x backport] Allow servers / clients to advertise extensions in the capabi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/7213816788e634ffb9d09affe50f0295093bfb73\"\u003e\u003ccode\u003e7213816\u003c/code\u003e\u003c/a\u003e v1.x \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e follow up -add missing types to package.json (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1773\"\u003e#1773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/364f38ca2d8895aed7c37b7a0a1031bb7ae4841c\"\u003e\u003ccode\u003e364f38c\u003c/code\u003e\u003c/a\u003e v1.x npm audit fix (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1780\"\u003e#1780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/c95cc0943b045517e4cc414baf1f168b216c3142\"\u003e\u003ccode\u003ec95cc09\u003c/code\u003e\u003c/a\u003e Add typings exports (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/ddadaa6cc633fb5db0c094bf031b15b68a357820\"\u003e\u003ccode\u003eddadaa6\u003c/code\u003e\u003c/a\u003e [v1.x] fix: add missing size field to ResourceSchema (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1575\"\u003e#1575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2a158513028d9f862c4188b6957e78cd5663f26b\"\u003e\u003ccode\u003e2a15851\u003c/code\u003e\u003c/a\u003e [v1.x] fix: disallow null (infinite) requested TTL (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1339\"\u003e#1339\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/13e30f1d36de8442417fec695983bdb155c00768\"\u003e\u003ccode\u003e13e30f1\u003c/code\u003e\u003c/a\u003e fix: treat v1.x as primary branch for npm latest tag (backport \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1577\"\u003e#1577\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1749\"\u003e#1749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a0565695218544fc53e99bf5b544a887d373cefa\"\u003e\u003ccode\u003ea056569\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.28.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1746\"\u003e#1746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.12.1...v1.29.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/e9d09d6815b300b73e1297cdcf91786a979ef212\"\u003e\u003ccode\u003ee9d09d6\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/20327d35126e57e5fdbaae79a4b65222fbadc53c\"\u003e\u003ccode\u003e20327d3\u003c/code\u003e\u003c/a\u003e Move prevention of control character injection to more central place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/ba40f9d60e1ff7b63de5d5bb272ae317e5382689\"\u003e\u003ccode\u003eba40f9d\u003c/code\u003e\u003c/a\u003e Update dev dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/6b0008b7cf5ca0b81d31604d15a9ff0bcbf1a5db\"\u003e\u003ccode\u003e6b0008b\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2ecc8e2c500c5234115f06fd1dbde1aa03d70f4b\"\u003e\u003ccode\u003e2ecc8e2\u003c/code\u003e\u003c/a\u003e Reject control character injection attempts using paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/515d21fee0b05be5ab934af5acb79d1d977e8026\"\u003e\u003ccode\u003e515d21f\u003c/code\u003e\u003c/a\u003e Update security policy and reporting instructions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9744254b56061159751aee1b86ddd0f2ecef32ce\"\u003e\u003ccode\u003e9744254\u003c/code\u003e\u003c/a\u003e Link to security advisory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.2 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/u...\n\n_Description has been truncated_","html_url":"https://github.com/dporkka/plate/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dporkka%2Fplate/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"4198704259","node_id":"PR_kwDOMB-e7s7PvLp-","number":49,"state":"open","title":"Bump the npm_and_yarn group across 17 directories with 22 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-03T06:31:57.000Z","updated_at":"2026-04-03T06:32:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":22,"packages":[{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"9.0.5","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"9.0.3","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"7.4.6","new_version":"7.4.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"5.1.6","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"10.0.1","new_version":"10.2.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"webpack","old_version":"5.100.0","new_version":"5.105.4","repository_url":"https://github.com/webpack/webpack"},{"name":"zx","old_version":"8.7.0","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"@tootallnate/once","old_version":"3.0.0","new_version":"3.0.1","repository_url":"https://github.com/TooTallNate/once"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"playwright","old_version":"1.53.2","new_version":"1.59.1","repository_url":"https://github.com/microsoft/playwright"},{"name":"tar-fs","old_version":"2.1.3","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar-fs","old_version":"3.0.10","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"svgo","old_version":"2.8.0","new_version":"2.8.2","repository_url":"https://github.com/svg/svgo"},{"name":"undici","old_version":"7.9.0","new_version":"7.24.7","repository_url":"https://github.com/nodejs/undici"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.3` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `7.4.6` | `7.4.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `10.0.1` | `10.2.5` |\n| [webpack](https://github.com/webpack/webpack) | `5.100.0` | `5.105.4` |\n| [zx](https://github.com/google/zx) | `8.7.0` | `8.8.5` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `3.0.0` | `3.0.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.13` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [playwright](https://github.com/microsoft/playwright) | `1.53.2` | `1.59.1` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.3` | `2.1.4` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.10` | `3.1.2` |\n| [svgo](https://github.com/svg/svgo) | `2.8.0` | `2.8.2` |\n| [undici](https://github.com/nodejs/undici) | `7.9.0` | `7.24.7` |\n\nBumps the npm_and_yarn group with 9 updates in the /build directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.13` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.2` | `2.0.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.3` | `2.1.4` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [jws](https://github.com/brianloveswords/node-jws) | `4.0.0` | `4.0.1` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.10` | `0.8.12` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.0` | `5.5.10` |\n| [qs](https://github.com/ljharb/qs) | `6.13.0` | `6.15.0` |\n\nBumps the npm_and_yarn group with 4 updates in the /build/npm/gyp directory: [glob](https://github.com/isaacs/node-glob), [minimatch](https://github.com/isaacs/minimatch), [tar](https://github.com/isaacs/node-tar) and [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 1 update in the /extensions/css-language-features directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 2 updates in the /extensions/git directory: [picomatch](https://github.com/micromatch/picomatch) and [file-type](https://github.com/sindresorhus/file-type).\nBumps the npm_and_yarn group with 1 update in the /extensions/html-language-features directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 1 update in the /extensions/json-language-features directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 4 updates in the /extensions/markdown-language-features directory: [minimatch](https://github.com/isaacs/minimatch), [brace-expansion](https://github.com/juliangruber/brace-expansion), [picomatch](https://github.com/micromatch/picomatch) and [dompurify](https://github.com/cure53/DOMPurify).\nBumps the npm_and_yarn group with 1 update in the /extensions/microsoft-authentication directory: [jws](https://github.com/brianloveswords/node-jws).\nBumps the npm_and_yarn group with 1 update in the /extensions/notebook-renderers directory: [@tootallnate/once](https://github.com/TooTallNate/once).\nBumps the npm_and_yarn group with 4 updates in the /extensions/npm directory: [minimatch](https://github.com/isaacs/minimatch), [brace-expansion](https://github.com/juliangruber/brace-expansion), [js-yaml](https://github.com/nodeca/js-yaml) and [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 1 update in the /extensions/vscode-api-tests directory: [node-forge](https://github.com/digitalbazaar/forge).\nBumps the npm_and_yarn group with 4 updates in the /remote directory: [@tootallnate/once](https://github.com/TooTallNate/once), [picomatch](https://github.com/micromatch/picomatch), [tar-fs](https://github.com/mafintosh/tar-fs) and [undici](https://github.com/nodejs/undici).\nBumps the npm_and_yarn group with 3 updates in the /test/automation directory: [minimatch](https://github.com/isaacs/minimatch), [brace-expansion](https://github.com/juliangruber/brace-expansion) and [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 2 updates in the /test/integration/browser directory: [minimatch](https://github.com/isaacs/minimatch) and [brace-expansion](https://github.com/juliangruber/brace-expansion).\nBumps the npm_and_yarn group with 1 update in the /test/monaco directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 2 updates in the /test/smoke directory: [minimatch](https://github.com/isaacs/minimatch) and [brace-expansion](https://github.com/juliangruber/brace-expansion).\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.5 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.3 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 7.4.6 to 7.4.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 5.1.6 to 5.1.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 10.0.1 to 10.2.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.100.0 to 5.105.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.105.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eModule.getSourceBasicTypes\u003c/code\u003e to distinguish basic source types and clarify how modules with non-basic source types like \u003ccode\u003eremote\u003c/code\u003e still produce JavaScript output. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20546\"\u003e#20546\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003ecreateRequire\u003c/code\u003e in expressions. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20549\"\u003e#20549\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed types for multi stats. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20556\"\u003e#20556\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove empty needless js output for normal css module. (by \u003ca href=\"https://github.com/JSerFeng\"\u003e\u003ccode\u003e@​JSerFeng\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20162\"\u003e#20162\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20555\"\u003e#20555\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNarrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like \u0026quot;x\u0026quot; in ns. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20561\"\u003e#20561\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eContext modules now handle rejections correctly. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20455\"\u003e#20455\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnly mark asset modules as side-effect-free when \u003ccode\u003eexperimental.futureDefaults\u003c/code\u003e is set to true, so asset-copying use cases (e.g. \u003ccode\u003eimport \u0026quot;./x.png\u0026quot;\u003c/code\u003e) won’t break unless the option is enabled. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20535\"\u003e#20535\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd the missing \u003cstrong\u003ewebpack_exports\u003c/strong\u003e declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20463\"\u003e#20463\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed HMR failure for CSS modules with \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e when exportType !== \u0026quot;link\u0026quot;. When exportType is not \u0026quot;link\u0026quot;, CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e CSS to work correctly during hot module replacement. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20514\"\u003e#20514\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20454\"\u003e#20454\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not crash when a referenced chunk is not a runtime chunk. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20461\"\u003e#20461\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some types. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20412\"\u003e#20412\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20510\"\u003e#20510\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded \u003ccode\u003ecreateRequire\u003c/code\u003e support for ECMA modules. (by \u003ca href=\"https://github.com/stefanbinoj\"\u003e\u003ccode\u003e@​stefanbinoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20497\"\u003e#20497\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded category for CJS reexport dependency to fix issues with ECMA modules. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20444\"\u003e#20444\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplement immutable bytes for \u003ccode\u003ebytes\u003c/code\u003e import attribute to match tc39 spec. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20481\"\u003e#20481\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed deterministic search for graph roots regardless of edge order. (by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20452\"\u003e#20452\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eWebpackPluginInstance\u003c/code\u003e type regression. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20440\"\u003e#20440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.105.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eModule.getSourceBasicTypes\u003c/code\u003e to distinguish basic source types and clarify how modules with non-basic source types like \u003ccode\u003eremote\u003c/code\u003e still produce JavaScript output. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20546\"\u003e#20546\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003ecreateRequire\u003c/code\u003e in expressions. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20549\"\u003e#20549\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed types for multi stats. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20556\"\u003e#20556\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove empty needless js output for normal css module. (by \u003ca href=\"https://github.com/JSerFeng\"\u003e\u003ccode\u003e@​JSerFeng\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20162\"\u003e#20162\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20555\"\u003e#20555\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNarrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like \u0026quot;x\u0026quot; in ns. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20561\"\u003e#20561\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.105.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eContext modules now handle rejections correctly. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20455\"\u003e#20455\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnly mark asset modules as side-effect-free when \u003ccode\u003eexperimental.futureDefaults\u003c/code\u003e is set to true, so asset-copying use cases (e.g. \u003ccode\u003eimport \u0026quot;./x.png\u0026quot;\u003c/code\u003e) won’t break unless the option is enabled. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20535\"\u003e#20535\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd the missing \u003cstrong\u003ewebpack_exports\u003c/strong\u003e declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20463\"\u003e#20463\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed HMR failure for CSS modules with \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e when exportType !== \u0026quot;link\u0026quot;. When exportType is not \u0026quot;link\u0026quot;, CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e CSS to work correctly during hot module replacement. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20514\"\u003e#20514\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20454\"\u003e#20454\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not crash when a referenced chunk is not a runtime chunk. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20461\"\u003e#20461\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some types. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20412\"\u003e#20412\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20510\"\u003e#20510\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded \u003ccode\u003ecreateRequire\u003c/code\u003e support for ECMA modules. (by \u003ca href=\"https://github.com/stefanbinoj\"\u003e\u003ccode\u003e@​stefanbinoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20497\"\u003e#20497\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded category for CJS reexport dependency to fix issues with ECMA modules. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20444\"\u003e#20444\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplement immutable bytes for \u003ccode\u003ebytes\u003c/code\u003e import attribute to match tc39 spec. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20481\"\u003e#20481\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed deterministic search for graph roots regardless of edge order. (by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20452\"\u003e#20452\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.105.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eWebpackPluginInstance\u003c/code\u003e type regression. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20440\"\u003e#20440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/27c13b44c861908793f160f9f7413b32543c0522\"\u003e\u003ccode\u003e27c13b4\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20550\"\u003e#20550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/9b2f41ee98e01a9265c430d2c52fa6a9db0e177a\"\u003e\u003ccode\u003e9b2f41e\u003c/code\u003e\u003c/a\u003e chore: bump terser plugin (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20569\"\u003e#20569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/eafe0605b018dd4e19a46d45fb5d72442772aff1\"\u003e\u003ccode\u003eeafe060\u003c/code\u003e\u003c/a\u003e fix: narrow the export presence guard detection (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20561\"\u003e#20561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/75d605cb57b23257ee88f99ada7938273ea3a1ff\"\u003e\u003ccode\u003e75d605c\u003c/code\u003e\u003c/a\u003e refactor: add AppendOnlyStackedSet iteration support and tests (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20560\"\u003e#20560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/afa607d0967f6b0259bfe9f62d99ef97db64bdac\"\u003e\u003ccode\u003eafa607d\u003c/code\u003e\u003c/a\u003e refactor: remove unused code (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20562\"\u003e#20562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/40989026fa542ceffa2821e5d25ae0d87c0bd09b\"\u003e\u003ccode\u003e4098902\u003c/code\u003e\u003c/a\u003e test: add source files for web-webworker and web-webworker-auto-public-path (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/f97be67fdd3c59acff2c0da7dd9f04835b037e4c\"\u003e\u003ccode\u003ef97be67\u003c/code\u003e\u003c/a\u003e refactor: fix duplicated word in Compilation JSDoc (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20547\"\u003e#20547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/9d76fff9f645d194c293f12dadf029173e9ed1d1\"\u003e\u003ccode\u003e9d76fff\u003c/code\u003e\u003c/a\u003e refactor: add Module.getSourceBasicTypes for basic JS type detection (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20546\"\u003e#20546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/a3d7839376784b2e44987b77f7d6bcc2ed3a0bdc\"\u003e\u003ccode\u003ea3d7839\u003c/code\u003e\u003c/a\u003e fix: types for multi stats (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20556\"\u003e#20556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/b8e9b057bebccf6268d9b348bc23b056c66a067b\"\u003e\u003ccode\u003eb8e9b05\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e (#...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack/compare/v5.100.0...v5.105.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for webpack since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.7.0 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.7.0...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tootallnate/once` from 3.0.0 to 3.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/releases\"\u003e\u003ccode\u003e@​tootallnate/once\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e28dbc5d: Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/blob/master/CHANGELOG.md\"\u003e\u003ccode\u003e@​tootallnate/once\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e28dbc5d: Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b31c7623e18b128325a05da02aa0832ee289b893\"\u003e\u003ccode\u003eb31c762\u003c/code\u003e\u003c/a\u003e Fix publish?\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/d2f7407721c023426c1af0712dbd71a3ca91d899\"\u003e\u003ccode\u003ed2f7407\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/TooTallNate/once/issues/9\"\u003e#9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/081645cb260aa86a55e5bffad2f1b52155cee8ea\"\u003e\u003ccode\u003e081645c\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/f01fa45d958113c60f54bf7f83e460741d811a47\"\u003e\u003ccode\u003ef01fa45\u003c/code\u003e\u003c/a\u003e Fix Release job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/28dbc5d7f9342ddfb6014ca5f3dc4206048db9cb\"\u003e\u003ccode\u003e28dbc5d\u003c/code\u003e\u003c/a\u003e Add Changesets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/e66503b7f028a9fe7d22e2547d17cea71be05937\"\u003e\u003ccode\u003ee66503b\u003c/code\u003e\u003c/a\u003e Use pnpm in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/6ec8b43f617a6feeb78ab98a4eb999123b664d2b\"\u003e\u003ccode\u003e6ec8b43\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b9f43cc5259bee2952d91ad3cdbd201a82df448a\"\u003e\u003ccode\u003eb9f43cc\u003c/code\u003e\u003c/a\u003e Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/a8c9dc3b7a241f992ebcde5b6b76ad5f97ce99af\"\u003e\u003ccode\u003ea8c9dc3\u003c/code\u003e\u003c/a\u003e Add pnpm-lock.yaml file\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TooTallNate/once/compare/3.0.0...v3.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​tootallnate/once\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 1.1.13\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v1.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `playwright` from 1.53.2 to 1.59.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003eplaywright's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.59.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e[Windows]\u003c/strong\u003e Reverted hiding console window when spawning browser processes, which caused regressions including broken \u003ccode\u003ecodegen\u003c/code\u003e, \u003ccode\u003e--ui\u003c/code\u003e and \u003ccode\u003eshow\u003c/code\u003e commands (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39990\"\u003e#39990\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.59.0\u003c/h2\u003e\n\u003ch2\u003e🎬 Screencast\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-page#page-screencast\"\u003epage.screencast\u003c/a\u003e API provides a unified interface for capturing page content with:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eScreencast recordings\u003c/li\u003e\n\u003cli\u003eAction annotations\u003c/li\u003e\n\u003cli\u003eVisual overlays\u003c/li\u003e\n\u003cli\u003eReal-time frame capture\u003c/li\u003e\n\u003cli\u003eAgentic video receipts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003cstrong\u003eScreencast recording\u003c/strong\u003e — record video with precise start/stop control, as an alternative to the \u003ca href=\"https://playwright.dev/docs/api/class-browser#browser-new-context-option-record-video\"\u003e\u003ccode\u003erecordVideo\u003c/code\u003e\u003c/a\u003e option:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.screencast.start({ path: 'video.webm' });\r\n// ... perform actions ...\r\nawait page.screencast.stop();\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cstrong\u003eAction annotations\u003c/strong\u003e — enable built-in visual annotations that highlight interacted elements and display action titles during recording:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.screencast.showActions({ position: 'top-right' });\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003ca href=\"https://playwright.dev/docs/api/class-screencast#screencast-show-actions\"\u003escreencast.showActions()\u003c/a\u003e accepts \u003ccode\u003eposition\u003c/code\u003e (\u003ccode\u003e'top-left'\u003c/code\u003e, \u003ccode\u003e'top'\u003c/code\u003e, \u003ccode\u003e'top-right'\u003c/code\u003e, \u003ccode\u003e'bottom-left'\u003c/code\u003e, \u003ccode\u003e'bottom'\u003c/code\u003e, \u003ccode\u003e'bottom-right'\u003c/code\u003e), \u003ccode\u003eduration\u003c/code\u003e (ms per annotation), and \u003ccode\u003efontSize\u003c/code\u003e (px). Returns a disposable to stop showing actions.\u003c/p\u003e\n\u003cp\u003eAction annotations can also be enabled in test fixtures via the \u003ccode\u003evideo\u003c/code\u003e option:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// playwright.config.ts\r\nexport default defineConfig({\r\n  use: {\r\n    video: {\r\n      mode: 'on',\r\n      show: {\r\n        actions: { position: 'top-left' },\r\n        test: { position: 'top-right' },\r\n      },\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/d466ac5358cae058cdc75d2ae3ab3ad220042730\"\u003e\u003ccode\u003ed466ac5\u003c/code\u003e\u003c/a\u003e chore: mark v1.59.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40005\"\u003e#40005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/530e7e5f0021730948605a5788790d353d9cf444\"\u003e\u003ccode\u003e530e7e5\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/4004\"\u003e#4004\u003c/a\u003e): fix(cli): kill-all should kill dashboard\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9aa216c8d7f866e8a8fa94ca55d86e81a8f4decb\"\u003e\u003ccode\u003e9aa216c\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39994\"\u003e#39994\u003c/a\u003e): Revert \u0026quot;fix(windows): hide console window when spawning ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/01b2b1533e0bfa1c582117e3ec109fcb57657747\"\u003e\u003ccode\u003e01b2b15\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39980\"\u003e#39980\u003c/a\u003e): chore: more release notes fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/a5cb6c9a2f52078de075413beb812e3180d195ba\"\u003e\u003ccode\u003ea5cb6c9\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39972\"\u003e#39972\u003c/a\u003e): chore: expose browser.bind and browser.unbind APIs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/99a17b58541798b03257c57a9e5589db2394f89e\"\u003e\u003ccode\u003e99a17b5\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39975\"\u003e#39975\u003c/a\u003e): chore: support opening .trace files via .link indirection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/43607c3b71d89445a6473708429eeecd6f571d6e\"\u003e\u003ccode\u003e43607c3\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39974\"\u003e#39974\u003c/a\u003e): chore(webkit): update Safari user-agent version to 26.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/62cabe19eb07e329086e5cb20441737cf51367d0\"\u003e\u003ccode\u003e62cabe1\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39969\"\u003e#39969\u003c/a\u003e): chore(npm): include all *.md from lib (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39970\"\u003e#39970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/0c65a759af337ba5143ebbe34afe4141482ce2d4\"\u003e\u003ccode\u003e0c65a75\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39968\"\u003e#39968\u003c/a\u003e): chore: screencast.showActions api\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/f04155b09034c21719162146d6016de9933a2dbe\"\u003e\u003ccode\u003ef04155b\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39958\"\u003e#39958\u003c/a\u003e): chore: release notes for langs v1.59\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.53.2...v1.59.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for playwright since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar-fs` from 2.1.3 to 2.1.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/f421a235565b6a6d305bdf87e999ebdfae9dd1cc\"\u003e\u003ccode\u003ef421a23\u003c/code\u003e\u003c/a\u003e 2.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/c412fa130e216d4c01392f6fb62c8725c1a4ac8b\"\u003e\u003ccode\u003ec412fa1\u003c/code\u003e\u003c/a\u003e refactor to same pattern as v3\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/tar-fs/compare/v2.1.3...v2.1.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar-fs` from 3.0.10 to 3.1.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/f421a235565b6a6d305bdf87e999ebdfae9dd1cc\"\u003e\u003ccode\u003ef421a23\u003c/code\u003e\u003c/a\u003e 2.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/c412fa130e216d4c01392f6fb62c8725c1a4ac8b\"\u003e\u003ccode\u003ec412fa1\u003c/code\u003e\u003c/a\u003e refactor to same pattern as v3\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/tar-fs/compare/v2.1.3...v2.1.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `svgo` from 2.8.0 to 2.8.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/svg/svgo/releases\"\u003esvgo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.8.2\u003c/h2\u003e\n\u003cp\u003eThis is effectively just a re-release of SVGO v2.8.1, but with \u003ccode\u003e*.test.js\u003c/code\u003e files omitted. It seems something was wrong with the configuration in the v2.8.0 tag and I hadn't noticed it included a few extra files. :sweat_smile:\u003c/p\u003e\n\u003cp\u003eWe'll deprecate v2.8.1, and I'll include the change log here.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMigrates from our unsupported fork of sax (\u003ca href=\"https://www.npmjs.com/package/@trysound/sax\"\u003e\u003ccode\u003e@​trysound/sax\u003c/code\u003e\u003c/a\u003e) to the upstream version of sax (\u003ca href=\"https://www.npmjs.com/package/sax\"\u003esax\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNo longer throws error when encountering comments in DTD.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMetrics\u003c/h2\u003e\n\u003cp\u003eBefore and after of the browser bundle of each respective version:\u003c/p\u003e\n\u003ctable...\n\n_Description has been truncated_","html_url":"https://github.com/SherfeyInv/vscode/pull/49","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SherfeyInv%2Fvscode/issues/49","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/49/packages"},{"uuid":"4194868901","node_id":"PR_kwDOGZklnc7PkuKY","number":114,"state":"closed","title":"Bump the npm_and_yarn group across 3 directories with 20 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-03T06:20:33.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-02T14:09:47.000Z","updated_at":"2026-04-03T06:20:42.000Z","time_to_close":58246,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":20,"packages":[{"name":"rollup","old_version":"2.60.0","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"vite","old_version":"2.9.17","new_version":"5.4.21","repository_url":"https://github.com/vitejs/vite"},{"name":"zx","old_version":"4.3.0","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"@angular/common","old_version":"13.1.2","new_version":"19.2.16","repository_url":"https://github.com/angular/angular"},{"name":"@angular/compiler","old_version":"13.1.2","new_version":"19.2.18","repository_url":"https://github.com/angular/angular"},{"name":"@angular/core","old_version":"13.1.2","new_version":"19.2.20","repository_url":"https://github.com/angular/angular"},{"name":"@babel/helpers","old_version":"7.16.7","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"express","old_version":"4.17.2","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"flatted","old_version":"3.2.4","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"handlebars","old_version":"4.7.7","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"http-proxy-middleware","old_version":"2.0.1","new_version":"2.0.9","repository_url":"https://github.com/chimurai/http-proxy-middleware"},{"name":"immutable","old_version":"4.0.0","new_version":"4.3.8","repository_url":"https://github.com/immutable-js/immutable-js"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"pug-code-gen","old_version":"3.0.2","new_version":"3.0.4","repository_url":"https://github.com/pugjs/pug"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 17 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rollup](https://github.com/rollup/rollup) | `2.60.0` | `2.80.0` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `2.9.17` | `5.4.21` |\n| [zx](https://github.com/google/zx) | `4.3.0` | `8.8.5` |\n| [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `13.1.2` | `19.2.16` |\n| [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `13.1.2` | `19.2.18` |\n| [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `13.1.2` | `19.2.20` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.16.7` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.13` |\n| [express](https://github.com/expressjs/express) | `4.17.2` | `4.22.1` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.4` | `3.4.2` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.7` | `4.7.9` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.1` | `2.0.9` |\n| [immutable](https://github.com/immutable-js/immutable-js) | `4.0.0` | `4.3.8` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [pug-code-gen](https://github.com/pugjs/pug) | `3.0.2` | `3.0.4` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n\nBumps the npm_and_yarn group with 3 updates in the /examples/angular directory: [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common), [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) and [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core).\nBumps the npm_and_yarn group with 3 updates in the /packages/widget-angular directory: [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common), [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) and [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core).\n\nUpdates `rollup` from 2.60.0 to 2.80.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev.2.79.2\u003c/h2\u003e\n\u003ch2\u003e2.79.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2024-09-26\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/5671\"\u003e#5671\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/5671\"\u003e#5671\u003c/a\u003e: Fix DOM Clobbering CVE (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/v2.80.0/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.80.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6277\"\u003e#6277\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6277\"\u003e#6277\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.79.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2024-09-26\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eResolve CVE-2024-43788 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/5677\"\u003e#5677\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/5677\"\u003e#5677\u003c/a\u003e: resolve DOM Clobbering CVE-2024-43788 (backport to v2) (\u003ca href=\"https://github.com/fabianszabo\"\u003e\u003ccode\u003e@​fabianszabo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.79.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2022-09-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid massive performance degradation when creating thousands of chunks (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4643\"\u003e#4643\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4639\"\u003e#4639\u003c/a\u003e: fix: typo docs and contributors link in CONTRIBUTING.md (\u003ca href=\"https://github.com/takurinton\"\u003e\u003ccode\u003e@​takurinton\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4641\"\u003e#4641\u003c/a\u003e: Update type definition of resolveId (\u003ca href=\"https://github.com/ivanjonas\"\u003e\u003ccode\u003e@​ivanjonas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4643\"\u003e#4643\u003c/a\u003e: Improve performance of chunk naming collision check (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.79.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2022-08-31\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eamd.forceJsExtensionForImports\u003c/code\u003e to enforce using \u003ccode\u003e.js\u003c/code\u003e extensions for relative AMD imports (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4607\"\u003e#4607\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4607\"\u003e#4607\u003c/a\u003e: add option to keep extensions for amd (\u003ca href=\"https://github.com/wh1tevs\"\u003e\u003ccode\u003e@​wh1tevs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/d17ae15336a45c3c59b2a4aacac2b14186035d28\"\u003e\u003ccode\u003ed17ae15\u003c/code\u003e\u003c/a\u003e 2.80.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/d6dee5e99bb82aac0bee1df4ab9efbde455452c3\"\u003e\u003ccode\u003ed6dee5e\u003c/code\u003e\u003c/a\u003e Validate bundle stays within output dir (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6277\"\u003e#6277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c9bd03d12e96c46122a0372d3bbe9b468cee57da\"\u003e\u003ccode\u003ec9bd03d\u003c/code\u003e\u003c/a\u003e 2.79.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/48aef33cf2f2a6dfb175afb3bcd6a977c81f1d5c\"\u003e\u003ccode\u003e48aef33\u003c/code\u003e\u003c/a\u003e fix: resolve DOM Clobbering CVE-2024-43788 (backport to v2) (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/5677\"\u003e#5677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/69ff4181e701a0fe0026d0ba147f31bc86beffa8\"\u003e\u003ccode\u003e69ff418\u003c/code\u003e\u003c/a\u003e 2.79.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/04dce1bc734c22924b02c3d57061710dcb6395e4\"\u003e\u003ccode\u003e04dce1b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/159137e6425a97c126645110d19d0533643d5ee7\"\u003e\u003ccode\u003e159137e\u003c/code\u003e\u003c/a\u003e fix: typo docs and contributors link in CONTRIBUTING.md (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4639\"\u003e#4639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/e1392b3905de33dc432a5692f9a6ec60103ea2f6\"\u003e\u003ccode\u003ee1392b3\u003c/code\u003e\u003c/a\u003e Update type definition of resolveId (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4641\"\u003e#4641\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/7836357aaeb1fb103318bca3f0ee8beacdec0470\"\u003e\u003ccode\u003e7836357\u003c/code\u003e\u003c/a\u003e Improve performance of chunk naming collision check (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4643\"\u003e#4643\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/71d20c9d4a75b51b95c56df43ba1efd934158acb\"\u003e\u003ccode\u003e71d20c9\u003c/code\u003e\u003c/a\u003e Reduce permissions for repl-artefacts.yml workflow (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4630\"\u003e#4630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rollup/rollup/compare/v2.60.0...v2.80.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 2.9.17 to 5.4.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.21\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.20\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/ca88ed7398288ce0c60176ac9a6392f10654c67c/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.21 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003ecad1d31\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20970\"\u003e#20970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update CHANGELOG (\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003eca88ed7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.20 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e482000f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: port sirv@3.0.2 changes to sirv@2.0.4 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20737\"\u003e#20737\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/4f1c35bcbb5830290c694aa14b6789e07450f069\"\u003e4f1c35b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20737\"\u003e#20737\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.19 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e766947e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19966\"\u003e#19966\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.18 (2025-04-10)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e823675b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19830\"\u003e#19830\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19831\"\u003e#19831\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.17 (2025-04-03)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19782\"\u003e#19782\u003c/a\u003e, fs check with svg and relative paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19784\"\u003e#19784\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/84b2b46ed129be8215108e789a90adbb33a9c42c\"\u003e84b2b46\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19782\"\u003e#19782\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19784\"\u003e#19784\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.16 (2025-03-31)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19761\"\u003e#19761\u003c/a\u003e, fs check in transform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19762\"\u003e#19762\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b627c50d359f3bd9b602408fbbf462cf4a2f019c\"\u003eb627c50\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19761\"\u003e#19761\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19762\"\u003e#19762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.15 (2025-03-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19702\"\u003e#19702\u003c/a\u003e, fs raw query with query separators (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19703\"\u003e#19703\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/807d7f06d33ab49c48a2a3501da3eea1906c0d41\"\u003e807d7f0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19702\"\u003e#19702\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19703\"\u003e#19703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.14 (2025-01-21)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: \u003ccode\u003epreview.allowedHosts\u003c/code\u003e with specific values was not respected (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19246\"\u003e#19246\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/9df6e6beabf0d18988ec13b8b742d2aba29662f9\"\u003e9df6e6b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19246\"\u003e#19246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: allow CORS from loopback addresses by default (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19249\"\u003e#19249\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7d1699ccf673e2790704756d89d2e1e4ee478fb4\"\u003e7d1699c\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19249\"\u003e#19249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/adce3c22c64cc9d44cc8f45cc92b543e3e4bf385\"\u003e\u003ccode\u003eadce3c2\u003c/code\u003e\u003c/a\u003e release: v5.4.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003e\u003ccode\u003ecad1d31\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003e\u003ccode\u003eca88ed7\u003c/code\u003e\u003c/a\u003e chore: update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/997700f01c7199daf7330d33a7fd3a43b2e9e3ba\"\u003e\u003ccode\u003e997700f\u003c/code\u003e\u003c/a\u003e release: v5.4.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e\u003ccode\u003e482000f\u003c/code\u003e\u003c/a\u003e fix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/80a333a23103ced0442d4463d1191433d90f5e19\"\u003e\u003ccode\u003e80a333a\u003c/code\u003e\u003c/a\u003e release: v5.4.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e\u003ccode\u003e766947e\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/731b77d19d36f5682a5441b49cb2f6473389ad99\"\u003e\u003ccode\u003e731b77d\u003c/code\u003e\u003c/a\u003e release: v5.4.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e\u003ccode\u003e823675b\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0a2518a98d2354c61ee8ef51f7d00fa92aebb511\"\u003e\u003ccode\u003e0a2518a\u003c/code\u003e\u003c/a\u003e release: v5.4.17\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v5.4.21/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 4.3.0 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/4.3.0...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/common` from 13.1.2 to 19.2.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e\u003ccode\u003e@​angular/common\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.15\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/70d0639bc19e376af1a0491898f54a026d3227e2\"\u003e\u003cimg src=\"https://img.shields.io/badge/70d0639bc1-fix-green\" alt=\"fix - 70d0639bc1\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eintroduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/63639\"\u003e#63639\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe server-side bootstrapping process has been changed to eliminate the reliance on a global platform injector.\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst bootstrap = () =\u0026gt; bootstrapApplication(AppComponent, config);\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAfter:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst bootstrap = (context: BootstrapContext) =\u0026gt;\r\n  bootstrapApplication(AppComponent, config, context);\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eA schematic is provided to automatically update \u003ccode\u003emain.server.ts\u003c/code\u003e files to pass the \u003ccode\u003eBootstrapContext\u003c/code\u003e to the \u003ccode\u003ebootstrapApplication\u003c/code\u003e call.\u003c/p\u003e\n\u003cp\u003eIn addition, \u003ccode\u003egetPlatform()\u003c/code\u003e and \u003ccode\u003edestroyPlatform()\u003c/code\u003e will now return \u003ccode\u003enull\u003c/code\u003e and be a no-op respectively when running in a server environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information please see: \u003ca href=\"https://github.com/angular/angular/security/advisories/GHSA-68x2-mx4q-78m7\"\u003ehttps://github.com/angular/angular/security/advisories/GHSA-68x2-mx4q-78m7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e18.2.14\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/9d1fb33f5eeadd9da48d0306463235e6d33f82b1\"\u003e\u003cimg src=\"https://img.shields.io/badge/9d1fb33f5e-fix-green\" alt=\"fix - 9d1fb33f5e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eintroduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/63640\"\u003e#63640\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe server-side bootstrapping process has been changed to eliminate the reliance on a global platform injector.\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst bootstrap = () =\u0026gt; bootstrapApplication(AppComponent, config);\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAfter:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst bootstrap = (context: BootstrapContext) =\u0026gt;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e\u003ccode\u003e@​angular/common\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.16 (2025-11-26)\u003c/h1\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e05fe6686a9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.14 (2025-11-25)\u003c/h1\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f\"\u003e0276479e7d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.1 (2025-11-25)\u003c/h1\u003e\n\u003ch3\u003ecompiler-cli\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/39c577bc362b263896b38c9486131d4342b8f1a8\"\u003e39c577bc36\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edo not type check native controls with ControlValueAccessor\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8d3a89a477e273b9b2223b6db775955e35105963\"\u003e8d3a89a477\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eescape angular control flow in jsdoc\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/bc34083d349a7d30efb43df97de0509fd85a1996\"\u003ebc34083d34\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eignore non-existent files\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0ea1e071742a031d9afb7a39f8e23082cd88ca2e\"\u003e0ea1e07174\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eapply bootstrap-options migration to \u003ccode\u003eplatformBrowserDynamic\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/70507b8c1ce733b8232a12fa45037ee219b5b102\"\u003e70507b8c1c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edebug data causing memory leak for root effects\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/a55482fca3b7e4f39d95f8ff236b6619e59b8190\"\u003ea55482fca3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enotify profiler events in case of errors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/49ad7c650818ee7db321a24c89282dbf9bb250f3\"\u003e49ad7c6508\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003euse injected \u003ccode\u003eDOCUMENT\u003c/code\u003e for \u003ccode\u003eCSP_NONCE\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1ec099315b0f429d0b0f07c9b1bf686668db6b\"\u003ecc1ec09931\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eperf\u003c/td\u003e\n\u003ctd\u003eavoid repeat searches for field directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eforms\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7d5c7cf99aa5c6490f8bea950b04bd56073582a1\"\u003e7d5c7cf99a\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efeat\u003c/td\u003e\n\u003ctd\u003eadd DI option for classes on \u003ccode\u003eField\u003c/code\u003e directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8acf5d27563ec51cc76971732d50e1f4142a3fe3\"\u003e8acf5d2756\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow dynamic \u003ccode\u003etype\u003c/code\u003e bindings on signal form controls\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003ccode\u003e05fe668\u003c/code\u003e\u003c/a\u003e fix(http): prevent XSRF token leakage to protocol-relative URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/12e2302a0425f3a2b09cb00d743cbdb099a5eb31\"\u003e\u003ccode\u003e12e2302\u003c/code\u003e\u003c/a\u003e build: update common's locales to use rules_js (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61630\"\u003e#61630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/9701047b9f41175a498b8bb35563e2ed277b83e1\"\u003e\u003ccode\u003e9701047\u003c/code\u003e\u003c/a\u003e test(common): Add circular deps test to 19.2.x (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61651\"\u003e#61651\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2c876b4fc5d89ce925b1403e239c7d162e39346b\"\u003e\u003ccode\u003e2c876b4\u003c/code\u003e\u003c/a\u003e fix(common): avoid injecting ApplicationRef in FetchBackend (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61649\"\u003e#61649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e54b5773f8f74bdd2e2c0a4c89c84543c99b834\"\u003e\u003ccode\u003e8e54b57\u003c/code\u003e\u003c/a\u003e build: move private testing helpers outside \u003ccode\u003eplatform-browser/testing\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2b1b14f4d3751b9b3c351ddc412ecdcb2aea4781\"\u003e\u003ccode\u003e2b1b14f\u003c/code\u003e\u003c/a\u003e fix(core): cleanup \u003ccode\u003erxResource\u003c/code\u003e abort listener (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/58306\"\u003e#58306\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/126efc9972e18806e71977d51a55f8ec2f0514d6\"\u003e\u003ccode\u003e126efc9\u003c/code\u003e\u003c/a\u003e fix(common): cancel reader when app is destroyed (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61528\"\u003e#61528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/efda8724535a8560a64b28cc2bf81df5931af686\"\u003e\u003ccode\u003eefda872\u003c/code\u003e\u003c/a\u003e fix(common): prevent reading chunks if app is destroyed (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61354\"\u003e#61354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/c43fd3a39c8d7b6ab23037a87456f6acfb4eb08f\"\u003e\u003ccode\u003ec43fd3a\u003c/code\u003e\u003c/a\u003e build: migrate common to use rules_js based toolchain (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61434\"\u003e#61434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/185b7801ee0eede67f0ca5a501833eb4f392098b\"\u003e\u003ccode\u003e185b780\u003c/code\u003e\u003c/a\u003e build: migrate \u003ccode\u003epackages/core/schematics\u003c/code\u003e to \u003ccode\u003ets_project\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61420\"\u003e#61420\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/19.2.16/packages/common\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/compiler` from 13.1.2 to 19.2.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e\u003ccode\u003e@​angular/compiler\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.18\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003cimg src=\"https://img.shields.io/badge/26cdc53d9c-fix-green\" alt=\"fix - 26cdc53d9c\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.17\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003cimg src=\"https://img.shields.io/badge/7c42e2ebeb-fix-green\" alt=\"fix - 7c42e2ebeb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.15\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/70d0639bc19e376af1a0491898f54a026d3227e2\"\u003e\u003cimg src=\"https://img.shields.io/badge/70d0639bc1-fix-green\" alt=\"fix - 70d0639bc1\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eintroduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/63639\"\u003e#63639\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe server-side bootstrapping process has been changed to eliminate the reliance on a global platform injector.\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst bootstrap = () =\u0026gt; bootstrapApplication(AppComponent, config);\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAfter:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst bootstrap = (context: BootstrapContext) =\u0026gt;\r\n  bootstrapApplication(AppComponent, config, context);\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eA schematic is provided to automatically update \u003ccode\u003emain.server.ts\u003c/code\u003e files to pass the \u003ccode\u003eBootstrapContext\u003c/code\u003e to the \u003ccode\u003ebootstrapApplication\u003c/code\u003e call.\u003c/p\u003e\n\u003cp\u003eIn addition, \u003ccode\u003egetPlatform()\u003c/code\u003e and \u003ccode\u003edestroyPlatform()\u003c/code\u003e will now return \u003ccode\u003enull\u003c/code\u003e and be a no-op respectively when running in a server environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information please see: \u003ca href=\"https://github.com/angular/angular/security/advisories/GHSA-68x2-mx4q-78m7\"\u003ehttps://github.com/angular/angular/security/advisories/GHSA-68x2-mx4q-78m7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e18.2.14\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/9d1fb33f5eeadd9da48d0306463235e6d33f82b1\"\u003e\u003cimg src=\"https://img.shields.io/badge/9d1fb33f5e-fix-green\" alt=\"fix - 9d1fb33f5e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eintroduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/63640\"\u003e#63640\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e\u003ccode\u003e@​angular/compiler\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.18 (2026-01-07)\u003c/h1\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e26cdc53d9c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.7 (2026-01-07)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e808740c9311daa0f1c9bab8596ed5e54bdcc6a\"\u003e8e808740c9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ebetter types for a few expression AST nodes\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/63b1cdcf70e6de448e8fa4ba1732d7bd7b5400d1\"\u003e63b1cdcf70\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eproduce accurate span for typeof and void expressions\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/3c3ae0cb64bb112d7167fd9b0bf7739f0c9e6a39\"\u003e3c3ae0cb64\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprovide location information for literal map keys\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/523dbaf1c3646ce27f1cf2e4cfc84c730fea8da9\"\u003e523dbaf1c3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003estop ThisReceiver inheritance from ImplicitReceiver\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler-cli\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/4d9c4567edfb8dd424a3336ef54ffdfc6ca7c15f\"\u003e4d9c4567ed\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eensure component import diagnostics are reported within the \u003ccode\u003eimports\u003c/code\u003e expression\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cd405685afbfad530de7fb841ad352d2b702a9a4\"\u003ecd405685af\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003efix up spelling of diagnostic\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/778460fccac13d8667bb53fa24ba977a930c0253\"\u003e778460fcca\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport qualified names in \u003ccode\u003etypeof\u003c/code\u003e type references\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c74674eb07491f808f79976e3e21787a841aefb\"\u003e7c74674eb0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eavoid leaking view data in animations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0edbee4550e85b933e9bd2ba3c5511ef6fbf7304\"\u003e0edbee4550\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eexplicitly cast signal node value to String\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/f9c29572d28feef878c73edad562b3a6451825a6\"\u003ef9c29572d2\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eforms\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e3fba182f90a2673040cf267a970c54c07d4840f\"\u003ee3fba182f9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efeat\u003c/td\u003e\n\u003ctd\u003eadd \u003ccode\u003e[formField]\u003c/code\u003e directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/561772b152458e1d91d4bf3ef45d9645a731f2b1\"\u003e561772b152\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003edirty\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/f0fb1d8581671ca499bcb4790b0549825eb36a91\"\u003ef0fb1d8581\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003ehidden\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ec110f170bbba95f023c8ae0e4429c35bfedc572\"\u003eec110f170b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003epending\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ae1dc16bb0d30b6e87b0f98b7989e6685d856e31\"\u003eae1dc16bb0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eclean up abort listener after timeout\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/9748b0d5da6ffb1fd2498b23cc452240f46e0549\"\u003e9748b0d5da\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport custom controls with non signal-based models\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/6bd22df987e433a9e3cb759e35eb6403991cf4b7\"\u003e6bd22df987\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eSupport readonly arrays in signal forms\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003erouter\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/41cd4a6af800cf7807c46862c99ae036457d8fa7\"\u003e41cd4a6af8\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eFix RouterLink href not updating with \u003ccode\u003equeryParamsHandling\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5e9e09aee0c08901d2a4d48b60bd13692c73e76e\"\u003e5e9e09aee0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ehandle errors from view transition \u003ccode\u003eupdateCallbackDone\u003c/code\u003e promise\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.6 (2025-12-17)\u003c/h1\u003e\n\u003ch2\u003eBreaking Changes (affecting only experimental features)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003ccode\u003e26cdc53\u003c/code\u003e\u003c/a\u003e fix(core): sanitize sensitive attributes on SVG script elements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003ccode\u003e7c42e2e\u003c/code\u003e\u003c/a\u003e fix(compiler): prevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/24bab55f0c89c4fe6037780fd7b2e8c8aa5429b2\"\u003e\u003ccode\u003e24bab55\u003c/code\u003e\u003c/a\u003e fix(compiler): lexer support for template literals in object literals (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61601\"\u003e#61601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/fc2483e7e96f8a26293f6862cbd27417b4e40809\"\u003e\u003ccode\u003efc2483e\u003c/code\u003e\u003c/a\u003e refactor(compiler): avoid duplication between \u003ccode\u003eFactoryTarget\u003c/code\u003e type (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e54b5773f8f74bdd2e2c0a4c89c84543c99b834\"\u003e\u003ccode\u003e8e54b57\u003c/code\u003e\u003c/a\u003e build: move private testing helpers outside \u003ccode\u003eplatform-browser/testing\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/44bb328eaea028524206d0d2b9f12702c9bf3861\"\u003e\u003ccode\u003e44bb328\u003c/code\u003e\u003c/a\u003e fix(compiler): avoid conflicts between HMR code and local symbols (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61550\"\u003e#61550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/1007079aeea013291900109c86fab36c9cac50c4\"\u003e\u003ccode\u003e1007079\u003c/code\u003e\u003c/a\u003e build: update compiler-cli to not be stamped when used for the compiler in ng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/0d025c5013292fdba65d91982ae8aaee61583d57\"\u003e\u003ccode\u003e0d025c5\u003c/code\u003e\u003c/a\u003e build: support new \u003ccode\u003eng_project\u003c/code\u003e rule (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61336\"\u003e#61336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/899cb4ab49e284185f2093f2b48f1adba8cb3d47\"\u003e\u003ccode\u003e899cb4a\u003c/code\u003e\u003c/a\u003e refactor: add explicit types for exports relying on inferred call return type...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/1312eb1600648c94a0063667c2095165462f27ef\"\u003e\u003ccode\u003e1312eb1\u003c/code\u003e\u003c/a\u003e build: remove irrelevant madge circular deps tests (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61209\"\u003e#61209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v19.2.18/packages/compiler\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/core` from 13.1.2 to 19.2.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e\u003ccode\u003e@​angular/core\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.20\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5be912eb55fe88e8621e2ce82470d51b7d950ceb\"\u003e\u003cimg src=\"https://img.shields.io/badge/5be912eb55-fix-green\" alt=\"fix - 5be912eb55\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003e\u003cimg src=\"https://img.shields.io/badge/b89b0a83a4-fix-green\" alt=\"fix - b89b0a83a4\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e\u003cimg src=\"https://img.shields.io/badge/621c7071ad-fix-green\" alt=\"fix - 621c7071ad\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.19\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/747548721d051c21e388a302d20d53fb3ab16367\"\u003e\u003cimg src=\"https://img.shields.io/badge/747548721d-fix-green\" alt=\"fix - 747548721d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eblock creation of sensitive URI attributes from ICU messages\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAngular now only applies known attributes from HTML in translated ICU content. Unknown attributes are dropped and not rendered.\u003c/p\u003e\n\u003cp\u003e(cherry picked from commit 03da204b6daa5e4583e0d0968c2107390bbd8235)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.18\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003cimg src=\"https://img.shields.io/badge/26cdc53d9c-fix-green\" alt=\"fix - 26cdc53d9c\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.17\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003cimg src=\"https://img.shields.io/badge/7c42e2ebeb-fix-green\" alt=\"fix - 7c42e2ebeb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.15\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/70d0639bc19e376af1a0491898f54a026d3227e2\"\u003e\u003cimg src=\"https://img.shields.io/badge/70d0639bc1-fix-green\" alt=\"fix - 70d0639bc1\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eintroduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/63639\"\u003e#63639\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe server-side bootstrapping process has been changed to eliminate the reliance on a global platform injector.\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e\u003ccode\u003e@​angular/core\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.20 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5be912eb55fe88e8621e2ce82470d51b7d950ceb\"\u003e5be912eb55\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003eb89b0a83a4\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e621c7071ad\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.18 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/02fbf08890ec6ac2efb6c2ec4f17e56497cb81d2\"\u003e02fbf08890\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72126f9a08c185a9b93461bab67841c4e84c9b17\"\u003e72126f9a08\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/626bc8bc20e485cad2094c4a5d9417fb9a71dda8\"\u003e626bc8bc20\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e22.0.0-next.3 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/78dea55351fb305b33a919c43a6b363137eca166\"\u003e78dea55351\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/999c14eaab981d12bf2b1d9b1fd6766157f7b1cc\"\u003e999c14eaab\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ereverts \u0026quot;feat(core): add support for nested animations\u0026quot;\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/de0eb4c6566011e1a34d529a273ec3d5b6bf17d5\"\u003ede0eb4c656\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.2.4 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ed2d324f9cc12aab6cfa0569ef10b73243a62c65\"\u003eed2d324f9c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e\u003ccode\u003e621c707\u003c/code\u003e\u003c/a\u003e fix(core): sanitize translated form attributes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003e\u003ccode\u003eb89b0a8\u003c/code\u003e\u003c/a\u003e fix(core): sanitize translated attribute bindings with interpolations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/747548721d051c21e388a302d20d53fb3ab16367\"\u003e\u003ccode\u003e7475487\u003c/code\u003e\u003c/a\u003e fix(core): block creation of sensitive URI attributes from ICU messages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003ccode\u003e26cdc53\u003c/code\u003e\u003c/a\u003e fix(core): sanitize sensitive attributes on SVG script elements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003ccode\u003e7c42e2e\u003c/code\u003e\u003c/a\u003e fix(compiler): prevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/70d0639bc19e376af1a0491898f54a026d3227e2\"\u003e\u003ccode\u003e70d0639\u003c/code\u003e\u003c/a\u003e fix(core): introduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/6\"\u003e#6\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/73d3e001d2a2fa3218d769c0834c12a762d86882\"\u003e\u003ccode\u003e73d3e00\u003c/code\u003e\u003c/a\u003e build: fix failing test (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61683\"\u003e#61683\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/9e1cd4966202d89c7310ab84c50b2c4231a0213e\"\u003e\u003ccode\u003e9e1cd49\u003c/code\u003e\u003c/a\u003e fix(migrations): preserve comments when removing unused imports (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61674\"\u003e#61674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/a6d5479cc75a91447daf3877d62b68a5740d3c74\"\u003e\u003ccode\u003ea6d5479\u003c/code\u003e\u003c/a\u003e build: migrate platform-server to rules_js (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61619\"\u003e#61619\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2a269449745c836e4b99215e36ea10fbe87e9e21\"\u003e\u003ccode\u003e2a26944\u003c/code\u003e\u003c/a\u003e build: migrate platform-browser and platform-browser-dynamic package to use r...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v19.2.20/packages/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.16.7 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/helpers\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.2/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.2 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh...\n\n_Description has been truncated_","html_url":"https://github.com/livechat/chat-widget-adapters/pull/114","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/livechat%2Fchat-widget-adapters/issues/114","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/114/packages"},{"uuid":"4183691446","node_id":"PR_kwDOPqqgTc7PH-lH","number":2,"state":"closed","title":"Bump the npm_and_yarn group across 14 directories with 24 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-03T07:19:21.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-01T02:54:59.000Z","updated_at":"2026-04-03T07:19:23.000Z","time_to_close":188662,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":24,"packages":[{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"9.0.5","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"9.0.3","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"7.4.6","new_version":"7.4.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"5.1.6","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"10.0.1","new_version":"10.2.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"webpack","old_version":"5.100.0","new_version":"5.105.4","repository_url":"https://github.com/webpack/webpack"},{"name":"zx","old_version":"8.7.0","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"@tootallnate/once","old_version":"3.0.0","new_version":"3.0.1","repository_url":"https://github.com/TooTallNate/once"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"form-data","old_version":"4.0.0","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"braces","old_version":"2.3.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"playwright","old_version":"1.53.2","new_version":"1.59.0","repository_url":"https://github.com/microsoft/playwright"},{"name":"tar-fs","old_version":"2.1.3","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar-fs","old_version":"3.0.10","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"svgo","old_version":"2.8.0","new_version":"2.8.2","repository_url":"https://github.com/svg/svgo"},{"name":"undici","old_version":"7.9.0","new_version":"7.24.6","repository_url":"https://github.com/nodejs/undici"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 15 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.3` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `7.4.6` | `7.4.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `10.0.1` | `10.2.5` |\n| [webpack](https://github.com/webpack/webpack) | `5.100.0` | `5.105.4` |\n| [zx](https://github.com/google/zx) | `8.7.0` | `8.8.5` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `3.0.0` | `3.0.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.13` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.5` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [braces](https://github.com/micromatch/braces) | `2.3.2` | `3.0.3` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [playwright](https://github.com/microsoft/playwright) | `1.53.2` | `1.59.0` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.3` | `2.1.4` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.10` | `3.1.2` |\n| [svgo](https://github.com/svg/svgo) | `2.8.0` | `2.8.2` |\n| [undici](https://github.com/nodejs/undici) | `7.9.0` | `7.24.6` |\n\nBumps the npm_and_yarn group with 7 updates in the /build directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.13` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.2` | `2.0.3` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.3` | `2.1.4` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [jws](https://github.com/brianloveswords/node-jws) | `4.0.0` | `4.0.1` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.10` | `0.8.12` |\n| [qs](https://github.com/ljharb/qs) | `6.13.0` | `6.15.0` |\n\nBumps the npm_and_yarn group with 1 update in the /extensions directory: [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 1 update in the /extensions/json-language-features directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 4 updates in the /extensions/markdown-language-features directory: [minimatch](https://github.com/isaacs/minimatch), [brace-expansion](https://github.com/juliangruber/brace-expansion), [picomatch](https://github.com/micromatch/picomatch) and [dompurify](https://github.com/cure53/DOMPurify).\nBumps the npm_and_yarn group with 1 update in the /extensions/microsoft-authentication directory: [jws](https://github.com/brianloveswords/node-jws).\nBumps the npm_and_yarn group with 1 update in the /extensions/notebook-renderers directory: [@tootallnate/once](https://github.com/TooTallNate/once).\nBumps the npm_and_yarn group with 4 updates in the /extensions/npm directory: [minimatch](https://github.com/isaacs/minimatch), [brace-expansion](https://github.com/juliangruber/brace-expansion), [js-yaml](https://github.com/nodeca/js-yaml) and [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 1 update in the /extensions/vscode-api-tests directory: [node-forge](https://github.com/digitalbazaar/forge).\nBumps the npm_and_yarn group with 4 updates in the /remote directory: [@tootallnate/once](https://github.com/TooTallNate/once), [picomatch](https://github.com/micromatch/picomatch), [tar-fs](https://github.com/mafintosh/tar-fs) and [undici](https://github.com/nodejs/undici).\nBumps the npm_and_yarn group with 3 updates in the /test/automation directory: [minimatch](https://github.com/isaacs/minimatch), [brace-expansion](https://github.com/juliangruber/brace-expansion) and [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 2 updates in the /test/integration/browser directory: [minimatch](https://github.com/isaacs/minimatch) and [brace-expansion](https://github.com/juliangruber/brace-expansion).\nBumps the npm_and_yarn group with 8 updates in the /test/mcp directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.13` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `8.2.0` | `8.4.1` |\n| [playwright](https://github.com/microsoft/playwright) | `1.55.0-alpha-2025-08-12` | `1.60.0-alpha-1774999321000` |\n| [@playwright/mcp](https://github.com/microsoft/playwright-mcp) | `0.0.34` | `0.0.70` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.17.3` | `1.26.0` |\n\nBumps the npm_and_yarn group with 3 updates in the /test/smoke directory: [minimatch](https://github.com/isaacs/minimatch), [brace-expansion](https://github.com/juliangruber/brace-expansion) and [form-data](https://github.com/form-data/form-data).\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.5 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.3 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 7.4.6 to 7.4.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 5.1.6 to 5.1.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 10.0.1 to 10.2.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.100.0 to 5.105.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.105.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eModule.getSourceBasicTypes\u003c/code\u003e to distinguish basic source types and clarify how modules with non-basic source types like \u003ccode\u003eremote\u003c/code\u003e still produce JavaScript output. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20546\"\u003e#20546\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003ecreateRequire\u003c/code\u003e in expressions. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20549\"\u003e#20549\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed types for multi stats. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20556\"\u003e#20556\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove empty needless js output for normal css module. (by \u003ca href=\"https://github.com/JSerFeng\"\u003e\u003ccode\u003e@​JSerFeng\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20162\"\u003e#20162\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20555\"\u003e#20555\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNarrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like \u0026quot;x\u0026quot; in ns. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20561\"\u003e#20561\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eContext modules now handle rejections correctly. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20455\"\u003e#20455\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnly mark asset modules as side-effect-free when \u003ccode\u003eexperimental.futureDefaults\u003c/code\u003e is set to true, so asset-copying use cases (e.g. \u003ccode\u003eimport \u0026quot;./x.png\u0026quot;\u003c/code\u003e) won’t break unless the option is enabled. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20535\"\u003e#20535\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd the missing \u003cstrong\u003ewebpack_exports\u003c/strong\u003e declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20463\"\u003e#20463\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed HMR failure for CSS modules with \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e when exportType !== \u0026quot;link\u0026quot;. When exportType is not \u0026quot;link\u0026quot;, CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e CSS to work correctly during hot module replacement. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20514\"\u003e#20514\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20454\"\u003e#20454\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not crash when a referenced chunk is not a runtime chunk. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20461\"\u003e#20461\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some types. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20412\"\u003e#20412\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20510\"\u003e#20510\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded \u003ccode\u003ecreateRequire\u003c/code\u003e support for ECMA modules. (by \u003ca href=\"https://github.com/stefanbinoj\"\u003e\u003ccode\u003e@​stefanbinoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20497\"\u003e#20497\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded category for CJS reexport dependency to fix issues with ECMA modules. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20444\"\u003e#20444\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplement immutable bytes for \u003ccode\u003ebytes\u003c/code\u003e import attribute to match tc39 spec. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20481\"\u003e#20481\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed deterministic search for graph roots regardless of edge order. (by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20452\"\u003e#20452\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eWebpackPluginInstance\u003c/code\u003e type regression. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20440\"\u003e#20440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.105.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eModule.getSourceBasicTypes\u003c/code\u003e to distinguish basic source types and clarify how modules with non-basic source types like \u003ccode\u003eremote\u003c/code\u003e still produce JavaScript output. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20546\"\u003e#20546\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003ecreateRequire\u003c/code\u003e in expressions. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20549\"\u003e#20549\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed types for multi stats. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20556\"\u003e#20556\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove empty needless js output for normal css module. (by \u003ca href=\"https://github.com/JSerFeng\"\u003e\u003ccode\u003e@​JSerFeng\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20162\"\u003e#20162\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20555\"\u003e#20555\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNarrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like \u0026quot;x\u0026quot; in ns. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20561\"\u003e#20561\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.105.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eContext modules now handle rejections correctly. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20455\"\u003e#20455\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnly mark asset modules as side-effect-free when \u003ccode\u003eexperimental.futureDefaults\u003c/code\u003e is set to true, so asset-copying use cases (e.g. \u003ccode\u003eimport \u0026quot;./x.png\u0026quot;\u003c/code\u003e) won’t break unless the option is enabled. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20535\"\u003e#20535\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd the missing \u003cstrong\u003ewebpack_exports\u003c/strong\u003e declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20463\"\u003e#20463\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed HMR failure for CSS modules with \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e when exportType !== \u0026quot;link\u0026quot;. When exportType is not \u0026quot;link\u0026quot;, CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e CSS to work correctly during hot module replacement. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20514\"\u003e#20514\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20454\"\u003e#20454\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not crash when a referenced chunk is not a runtime chunk. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20461\"\u003e#20461\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some types. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20412\"\u003e#20412\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20510\"\u003e#20510\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded \u003ccode\u003ecreateRequire\u003c/code\u003e support for ECMA modules. (by \u003ca href=\"https://github.com/stefanbinoj\"\u003e\u003ccode\u003e@​stefanbinoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20497\"\u003e#20497\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded category for CJS reexport dependency to fix issues with ECMA modules. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20444\"\u003e#20444\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplement immutable bytes for \u003ccode\u003ebytes\u003c/code\u003e import attribute to match tc39 spec. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20481\"\u003e#20481\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed deterministic search for graph roots regardless of edge order. (by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20452\"\u003e#20452\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.105.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eWebpackPluginInstance\u003c/code\u003e type regression. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20440\"\u003e#20440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/27c13b44c861908793f160f9f7413b32543c0522\"\u003e\u003ccode\u003e27c13b4\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20550\"\u003e#20550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/9b2f41ee98e01a9265c430d2c52fa6a9db0e177a\"\u003e\u003ccode\u003e9b2f41e\u003c/code\u003e\u003c/a\u003e chore: bump terser plugin (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20569\"\u003e#20569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/eafe0605b018dd4e19a46d45fb5d72442772aff1\"\u003e\u003ccode\u003eeafe060\u003c/code\u003e\u003c/a\u003e fix: narrow the export presence guard detection (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20561\"\u003e#20561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/75d605cb57b23257ee88f99ada7938273ea3a1ff\"\u003e\u003ccode\u003e75d605c\u003c/code\u003e\u003c/a\u003e refactor: add AppendOnlyStackedSet iteration support and tests (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20560\"\u003e#20560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/afa607d0967f6b0259bfe9f62d99ef97db64bdac\"\u003e\u003ccode\u003eafa607d\u003c/code\u003e\u003c/a\u003e refactor: remove unused code (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20562\"\u003e#20562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/40989026fa542ceffa2821e5d25ae0d87c0bd09b\"\u003e\u003ccode\u003e4098902\u003c/code\u003e\u003c/a\u003e test: add source files for web-webworker and web-webworker-auto-public-path (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/f97be67fdd3c59acff2c0da7dd9f04835b037e4c\"\u003e\u003ccode\u003ef97be67\u003c/code\u003e\u003c/a\u003e refactor: fix duplicated word in Compilation JSDoc (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20547\"\u003e#20547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/9d76fff9f645d194c293f12dadf029173e9ed1d1\"\u003e\u003ccode\u003e9d76fff\u003c/code\u003e\u003c/a\u003e refactor: add Module.getSourceBasicTypes for basic JS type detection (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20546\"\u003e#20546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/a3d7839376784b2e44987b77f7d6bcc2ed3a0bdc\"\u003e\u003ccode\u003ea3d7839\u003c/code\u003e\u003c/a\u003e fix: types for multi stats (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20556\"\u003e#20556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/b8e9b057bebccf6268d9b348bc23b056c66a067b\"\u003e\u003ccode\u003eb8e9b05\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e (#...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack/compare/v5.100.0...v5.105.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for webpack since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.7.0 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.7.0...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tootallnate/once` from 3.0.0 to 3.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/releases\"\u003e\u003ccode\u003e@​tootallnate/once\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e28dbc5d: Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/blob/master/CHANGELOG.md\"\u003e\u003ccode\u003e@​tootallnate/once\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e28dbc5d: Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b31c7623e18b128325a05da02aa0832ee289b893\"\u003e\u003ccode\u003eb31c762\u003c/code\u003e\u003c/a\u003e Fix publish?\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/d2f7407721c023426c1af0712dbd71a3ca91d899\"\u003e\u003ccode\u003ed2f7407\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/TooTallNate/once/issues/9\"\u003e#9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/081645cb260aa86a55e5bffad2f1b52155cee8ea\"\u003e\u003ccode\u003e081645c\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/f01fa45d958113c60f54bf7f83e460741d811a47\"\u003e\u003ccode\u003ef01fa45\u003c/code\u003e\u003c/a\u003e Fix Release job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/28dbc5d7f9342ddfb6014ca5f3dc4206048db9cb\"\u003e\u003ccode\u003e28dbc5d\u003c/code\u003e\u003c/a\u003e Add Changesets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/e66503b7f028a9fe7d22e2547d17cea71be05937\"\u003e\u003ccode\u003ee66503b\u003c/code\u003e\u003c/a\u003e Use pnpm in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/6ec8b43f617a6feeb78ab98a4eb999123b664d2b\"\u003e\u003ccode\u003e6ec8b43\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b9f43cc5259bee2952d91ad3cdbd201a82df448a\"\u003e\u003ccode\u003eb9f43cc\u003c/code\u003e\u003c/a\u003e Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/a8c9dc3b7a241f992ebcde5b6b76ad5f97ce99af\"\u003e\u003ccode\u003ea8c9dc3\u003c/code\u003e\u003c/a\u003e Add pnpm-lock.yaml file\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TooTallNate/once/compare/3.0.0...v3.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​tootallnate/once\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 1.1.13\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v1.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 3.0.1 to 3.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] clean up ignores \u003ca href=\"https://github.com/form-data/form-data/commit/3217b3ded8e382e51171d5c74c6038a21cc54440\"\u003e\u003ccode\u003e3217b3d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e) \u003ca href=\"https://github.com/form-data/form-data/commit/edb555a811f6f7e4668db4831551cf41c1de1cac\"\u003e\u003ccode\u003eedb555a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/9c82fcdf0858b2764060a87803a55375ffbee6ed\"\u003e\u003ccode\u003e9c82fcd\u003c/code\u003e\u003c/a\u003e v3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/002b9b0c4862576305292ac44f7be25ec7ccea0e\"\u003e\u003ccode\u003e002b9b0\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.0 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] clean up ignores \u003ca href=\"https://github.com/form-data/form-data/commit/3217b3ded8e382e51171d5c74c6038a21cc54440\"\u003e\u003ccode\u003e3217b3d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e) \u003ca href=\"https://github.com/form-data/form-data/commit/edb555a811f6f7e4668db4831551cf41c1de1cac\"\u003e\u003ccode\u003eedb555a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/9c82fcdf0858b2764060a87803a55375ffbee6ed\"\u003e\u003ccode\u003e9c82fcd\u003c/code\u003e\u003c/a\u003e v3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/002b9b0c4862576305292ac44f7be25ec7ccea0e\"\u003e\u003ccode\u003e002b9b0\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 2.3.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/braces/blob/master/CHANGELOG.md\"\u003ebraces's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e[3.0.0] - 2018-04-08\u003c/h2\u003e\n\u003cp\u003ev3.0 is a complete refactor, resulting in a faster, smaller codebase, with fewer deps, and a more accurate parser and compiler.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking Changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented \u003ccode\u003e.makeRe\u003c/code\u003e method was removed\u003c/li\u003e\n\u003cli\u003eRequire Node.js \u0026gt;= 8.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNon-breaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCaching was removed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/braces/commits/3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli...\n\n_Description has been truncated_","html_url":"https://github.com/dporkka/openvscode-server/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dporkka%2Fopenvscode-server/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"4167802141","node_id":"PR_kwDONtK1tM7OgDiL","number":610,"state":"closed","title":"Bump the npm_and_yarn group across 2 directories with 17 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-01T08:24:54.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-30T06:19:53.000Z","updated_at":"2026-04-01T08:24:56.000Z","time_to_close":180301,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":17,"packages":[{"name":"ai","old_version":"4.3.19","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"zx","old_version":"8.8.1","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"axios","old_version":"1.11.0","new_version":"1.14.0","repository_url":"https://github.com/axios/axios"},{"name":"bn.js","old_version":"5.2.2","new_version":"5.2.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"simple-git","old_version":"3.28.0","new_version":"3.33.0","repository_url":"https://github.com/steveukx/git-js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 6 updates in the /packages/indexer directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `4.3.19` | `5.0.52` |\n| [zx](https://github.com/google/zx) | `8.8.1` | `8.8.5` |\n| [axios](https://github.com/axios/axios) | `1.11.0` | `1.14.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `5.2.2` | `5.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.28.0` | `3.33.0` |\n\nBumps the npm_and_yarn group with 12 updates in the /packages/web directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `1.13.2` | `1.14.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.3.0` | `3.3.2` |\n| [next](https://github.com/vercel/next.js) | `16.1.0` | `16.1.7` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [h3](https://github.com/h3js/h3) | `1.15.4` | `1.15.10` |\n| [hono](https://github.com/honojs/hono) | `4.10.6` | `4.11.4` |\n| [immutable](https://github.com/immutable-js/immutable-js) | `5.1.4` | `5.1.5` |\n| [markdown-it](https://github.com/markdown-it/markdown-it) | `14.1.0` | `14.1.1` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `4.2.4` | `4.2.6` |\n\n\nUpdates `ai` from 4.3.19 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@4.3.19...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.8.1 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.8.1...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.11.0 to 1.14.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.14.0\u003c/h2\u003e\n\u003cp\u003eThis release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking Changes:\u003c/strong\u003e None identified in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAction Required:\u003c/strong\u003e If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 alignment and \u003ccode\u003emain\u003c/code\u003e entry compatibility fix).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRuntime Features:\u003c/strong\u003e No new end-user features were introduced in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTest Coverage Expansion:\u003c/strong\u003e Added broader smoke/module test coverage for CJS and ESM package usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7510\"\u003e#7510\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Trim trailing CRLF in normalised header values. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7456\"\u003e#7456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2:\u003c/strong\u003e Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7457\"\u003e#7457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Cancel \u003ccode\u003eReadableStream\u003c/code\u003e created during request-stream capability probing to prevent async resource leaks. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7515\"\u003e#7515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Handling:\u003c/strong\u003e Fixed env proxy behavior with \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7499\"\u003e#7499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCommonJS Compatibility:\u003c/strong\u003e Fixed package \u003ccode\u003emain\u003c/code\u003e entry regression affecting CJS consumers. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7532\"\u003e#7532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eSecurity/Dependencies:\u003c/strong\u003e Updated \u003ccode\u003eformidable\u003c/code\u003e and refreshed package set to newer versions. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7533\"\u003e#7533\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/10556\"\u003e#10556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTooling:\u003c/strong\u003e Continued migration to Vitest and modernised CI/test harnesses. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7484\"\u003e#7484\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7489\"\u003e#7489\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7498\"\u003e#7498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild/Lint Stack:\u003c/strong\u003e Rollup, ESLint, TypeScript, and related dev-dependency updates. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7508\"\u003e#7508\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7509\"\u003e#7509\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7522\"\u003e#7522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Clarified JSON parsing and adapter-related docs/comments. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7398\"\u003e#7398\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7460\"\u003e#7460\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7478\"\u003e#7478\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve Axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aviu16\"\u003e\u003ccode\u003e@​aviu16\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7456\"\u003e#7456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NETIZEN-11\"\u003e\u003ccode\u003e@​NETIZEN-11\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7460\"\u003e#7460\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fedotov\"\u003e\u003ccode\u003e@​fedotov\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7457\"\u003e#7457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nthbotast\"\u003e\u003ccode\u003e@​nthbotast\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7478\"\u003e#7478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7398\"\u003e#7398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/penkzhou\"\u003e\u003ccode\u003e@​penkzhou\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7515\"\u003e#7515\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cem\u003eFull Changelog: \u003ca href=\"https://github.com/axios/axios/compare/v1.13.6...v1.14.0\"\u003ev1.13.6...v1.14.0\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003ch2\u003ev1.13.6\u003c/h2\u003e\n\u003cp\u003eThis release focuses on platform compatibility, error handling improvements, and code quality maintenance.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking Changes:\u003c/strong\u003e None identified in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAction Required:\u003c/strong\u003e Users targeting React Native should verify their integration, particularly if relying on specific Blob or FormData behaviours, as improvements have been made to support these objects.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native Blob Support:\u003c/strong\u003e Axios now includes support for React Native Blob objects. Thanks to \u003ca href=\"https://github.com/moh3n9595\"\u003e\u003ccode\u003e@​moh3n9595\u003c/code\u003e\u003c/a\u003e for the initial implementation. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/5764\"\u003e#5764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCode Quality:\u003c/strong\u003e Implemented prettier across the codebase and resolved associated formatting issues. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7385\"\u003e#7385\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eEnvironment Compatibility:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eFixed module exports for React Native and Browserify environments. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7386\"\u003e#7386\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.13.2...v1.13.3\"\u003e1.13.3\u003c/a\u003e (2026-01-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehttp2:\u003c/strong\u003e Use port 443 for HTTPS connections by default. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7256\"\u003e#7256\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d7e60653460480ffacecf85383012ca1baa6263e\"\u003ed7e6065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003einterceptor:\u003c/strong\u003e handle the error in the same interceptor (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6269\"\u003e#6269\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/5945e40bb171d4ac4fc195df276cf952244f0f89\"\u003e5945e40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emain field in package.json should correspond to cjs artifacts (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5756\"\u003e#5756\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7373fbff24cd92ce650d99ff6f7fe08c2e2a0a04\"\u003e7373fbf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epackage.json:\u003c/strong\u003e add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5754\"\u003e#5754\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/b89217e3e91de17a3d55e2b8f39ceb0e9d8aeda8\"\u003eb89217e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esilentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7257\"\u003e#7257\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7d19335e43d6754a1a9a66e424f7f7da259895bf\"\u003e7d19335\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eturn AxiosError into a native error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5394\"\u003e#5394\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5558\"\u003e#5558\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/1c6a86dd2c0623ee1af043a8491dbc96d40e883b\"\u003e1c6a86d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e add handlers to AxiosInterceptorManager interface (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5551\"\u003e#5551\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/8d1271b49fc226ed7defd07cd577bd69a55bb13a\"\u003e8d1271b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e restore AxiosError.cause type from unknown to Error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7327\"\u003e#7327\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d8233d9e8e9a64bfba9bbe01d475ba417510b82b\"\u003ed8233d9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eunclear error message is thrown when specifying an empty proxy authorization (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6314\"\u003e#6314\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/6ef867e684adf7fb2343e3b29a79078a3c76dc29\"\u003e6ef867e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eundefined\u003c/code\u003e as a value in AxiosRequestConfig (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5560\"\u003e#5560\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/095033c626895ecdcda2288050b63dcf948db3bd\"\u003e095033c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd automatic minor and patch upgrades to dependabot (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6053\"\u003e#6053\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/65a7584eda6164980ddb8cf5372f0afa2a04c1ed\"\u003e65a7584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Node.js coverage script using c8 (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7289\"\u003e#7289\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7294\"\u003e#7294\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/ec9d94e9f88da13e9219acadf65061fb38ce080a\"\u003eec9d94e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded copilot instructions (\u003ca href=\"https://github.com/axios/axios/commit/3f83143bfe617eec17f9d7dcf8bafafeeae74c26\"\u003e3f83143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with frozen prototypes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6265\"\u003e#6265\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/860e03396a536e9b926dacb6570732489c9d7012\"\u003e860e033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance pipeFileToResponse with error handling (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7169\"\u003e#7169\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/88d78842541610692a04282233933d078a8a2552\"\u003e88d7884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Intellisense for string literals in a widened union (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6134\"\u003e#6134\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/f73474d02c5aa957b2daeecee65508557fd3c6e5\"\u003ef73474d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com//redirect.github.com/microsoft/TypeScript/issues/33471/issues/issuecomment-1376364329\"\u003emicrosoft/TypeScript#33471\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eReverts\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRevert \u0026quot;fix: silentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e…\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/a4230f5581b3f58b6ff531b6dbac377a4fd7942a\"\u003ea4230f5\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7334\"\u003e#7334\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/2d6ad5e48bd29b0b2b5e7e95fb473df98301543a\"\u003e2d6ad5e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/ashvin2005\" title=\"+1752/-4 ([#7218](https://github.com/axios/axios/issues/7218) [#7218](https://github.com/axios/axios/issues/7218) )\"\u003eAshvin Tiwari\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/mochinikunj\" title=\"+940/-12 ([#7294](https://github.com/axios/axios/issues/7294) [#7294](https://github.com/axios/axios/issues/7294) )\"\u003eNikunj Mochi\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/imanchalsingh\" title=\"+544/-102 ([#7169](https://github.com/axios/axios/issues/7169) [#7185](https://github.com/axios/axios/issues/7185) )\"\u003eAnchal Singh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/jasonsaayman\" title=\"+317/-73 ([#7334](https://github.com/axios/axios/issues/7334) [#7298](https://github.com/axios/axios/issues/7298) )\"\u003ejasonsaayman\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/brodo\" title=\"+99/-120 ([#5558](https://github.com/axios/axios/issues/5558) )\"\u003eJulian Dax\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/AKASHDHARDUBEY\" title=\"+167/-0 ([#7287](https://github.com/axios/axios/issues/7287) [#7288](https://github.com/axios/axios/issues/7288) )\"\u003eAkash Dhar Dubey\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/madhumitaaa\" title=\"+20/-68 ([#7198](https://github.com/axios/axios/issues/7198) )\"\u003eMadhumita\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Tackoil\" title=\"+80/-2 ([#6269](https://github.com/axios/axios/issues/6269) )\"\u003eTackoil\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/justindhillon\" title=\"+41/-41 ([#6324](https://github.com/axios/axios/issues/6324) [#6315](https://github.com/axios/axios/issues/6315) )\"\u003eJustin Dhillon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Rudrxxx\" title=\"+71/-2 ([#7257](https://github.com/axios/axios/issues/7257) )\"\u003eRudransh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/WuMingDao\" title=\"+36/-36 ([#7215](https://github.com/axios/axios/issues/7215) )\"\u003eWuMingDao\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/codenomnom\" title=\"+70/-0 ([#7201](https://github.com/axios/axios/issues/7201) [#7201](https://github.com/axios/axios/issues/7201) )\"\u003ecodenomnom\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Nandann018-ux\" title=\"+60/-10 ([#7272](https://github.com/axios/axios/issues/7272) )\"\u003eNandan Acharya\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/KernelDeimos\" title=\"+22/-40 ([#7042](https://github.com/axios/axios/issues/7042) )\"\u003eEric Dubé\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/tiborpilz\" title=\"+40/-4 ([#5551](https://github.com/axios/axios/issues/5551) )\"\u003eTibor Pilz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/joaoGabriel55\" title=\"+31/-4 ([#6314](https://github.com/axios/axios/issues/6314) )\"\u003eGabriel Quaresma\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/turadg\" title=\"+23/-6 ([#6265](https://github.com/axios/axios/issues/6265) )\"\u003eTuradg Aleahmad\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/46bee3dea75ef53a8eae49f3b7487e6341de6074\"\u003e\u003ccode\u003e46bee3d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.14.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10563\"\u003e#10563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/518aff569043116c87ce78e3d83877d5251f2a16\"\u003e\u003ccode\u003e518aff5\u003c/code\u003e\u003c/a\u003e chore: add AI Moderator workflow for spam detection (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10551\"\u003e#10551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b7dfda3e7cf9e85f6063d90334318f82842b42d0\"\u003e\u003ccode\u003eb7dfda3\u003c/code\u003e\u003c/a\u003e chore(sponsor): update sponsor block (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10557\"\u003e#10557\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9aa34d52918c13eaa445d884a24e9e20e71a7a93\"\u003e\u003ccode\u003e9aa34d5\u003c/code\u003e\u003c/a\u003e fix: updated release flow to match the current flows (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10562\"\u003e#10562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e9e5ebe483b3f0cecbb5a4c9fa95a316ea5d0645\"\u003e\u003ccode\u003ee9e5ebe\u003c/code\u003e\u003c/a\u003e Update packages to latest version (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10556\"\u003e#10556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4d8931ca8a92e53c5dcf02cf46d1016a10e60ec0\"\u003e\u003ccode\u003e4d8931c\u003c/code\u003e\u003c/a\u003e fix: formidable dependency vulnerable to arbitrary (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7533\"\u003e#7533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3a6f5c1ae1f9b58198e9f3109896a2c11d017c58\"\u003e\u003ccode\u003e3a6f5c1\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump \u003ccode\u003e@​babel/preset-env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7531\"\u003e#7531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/bcfd2997dc93b56669dd03b29b83d8a868797937\"\u003e\u003ccode\u003ebcfd299\u003c/code\u003e\u003c/a\u003e fix: bug axios breaks commonjs compatibility main entry (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7532\"\u003e#7532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/d6dcbfd53e9506d9c8c0b1fd09c4d960bea9b9f0\"\u003e\u003ccode\u003ed6dcbfd\u003c/code\u003e\u003c/a\u003e fix: dependabot uses the correct labels (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7530\"\u003e#7530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5dd7ba78b8960fb29e39b6918ee5cb9a2130f15c\"\u003e\u003ccode\u003e5dd7ba7\u003c/code\u003e\u003c/a\u003e chore: upgrade to latest ts (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7522\"\u003e#7522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.11.0...v1.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 5.2.2 to 5.2.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/indutny/bn.js/blob/master/CHANGELOG.md\"\u003ebn.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.3 / 2026-02-19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ea6c072a951493ca99e5cd5f8da3851b90116271\"\u003e\u003ccode\u003eea6c072\u003c/code\u003e\u003c/a\u003e 5.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b\"\u003e\u003ccode\u003e33df26b\u003c/code\u003e\u003c/a\u003e fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v5.2.2...v5.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `simple-git` from 3.28.0 to 3.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.33.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea263635: Use \u003ccode\u003epathspec\u003c/code\u003e wrappers for remote and local paths when running either \u003ccode\u003egit.clone\u003c/code\u003e or \u003ccode\u003egit.mirror\u003c/code\u003e to\navoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ee253a0d: Enhanced \u003ccode\u003egit -c\u003c/code\u003e checks in \u003ccode\u003eunsafe\u003c/code\u003e plugin.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JohannesLks\"\u003e\u003ccode\u003e@​JohannesLks\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/CodeAnt-AI-Security\"\u003e\u003ccode\u003e@​CodeAnt-AI-Security\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8d02097: Enhanced clone unsafe switch detection.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e23b070f: Fix regex for detecting unsafe clone options\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/stevenwdv\"\u003e\u003ccode\u003e@​stevenwdv\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e1effd8e: Enhances the \u003ccode\u003eunsafe\u003c/code\u003e plugin to block additional cases where the \u003ccode\u003e-u\u003c/code\u003e switch may be disguised\nalong with other single character options.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JuHwiSang\"\u003e\u003ccode\u003e@​JuHwiSang\u003c/code\u003e\u003c/a\u003e for identifying this as vulnerability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.31.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea44184f: Resolve NPM publish steps\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.30.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md\"\u003esimple-git's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.33.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea263635: Use \u003ccode\u003epathspec\u003c/code\u003e wrappers for remote and local paths when running either \u003ccode\u003egit.clone\u003c/code\u003e or \u003ccode\u003egit.mirror\u003c/code\u003e to\navoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ee253a0d: Enhanced \u003ccode\u003egit -c\u003c/code\u003e checks in \u003ccode\u003eunsafe\u003c/code\u003e plugin.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JohannesLks\"\u003e\u003ccode\u003e@​JohannesLks\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/CodeAnt-AI-Security\"\u003e\u003ccode\u003e@​CodeAnt-AI-Security\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8d02097: Enhanced clone unsafe switch detection.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e23b070f: Fix regex for detecting unsafe clone options\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/stevenwdv\"\u003e\u003ccode\u003e@​stevenwdv\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e1effd8e: Enhances the \u003ccode\u003eunsafe\u003c/code\u003e plugin to block additional cases where the \u003ccode\u003e-u\u003c/code\u003e switch may be disguised\nalong with other single character options.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JuHwiSang\"\u003e\u003ccode\u003e@​JuHwiSang\u003c/code\u003e\u003c/a\u003e for identifying this as vulnerability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.31.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/8bbbabc827fc05824e0e4bd51746e9ca0109b353\"\u003e\u003ccode\u003e8bbbabc\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/a263635ca4729c276eba869ae8c97cbb00fc4eb9\"\u003e\u003ccode\u003ea263635\u003c/code\u003e\u003c/a\u003e Clone API use pathspec (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1132\"\u003e#1132\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/e253a0d1bf9d013228f856209b3b8a7c5980a54b\"\u003e\u003ccode\u003ee253a0d\u003c/code\u003e\u003c/a\u003e Fix/block unsafe 2603 (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1135\"\u003e#1135\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/a1170e506eeeaade4a242bfbf6d0620d57872364\"\u003e\u003ccode\u003ea1170e5\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/f7042088aa2dac59e3c49a84d7a2f4b26048a257\"\u003e\u003ccode\u003ef704208\u003c/code\u003e\u003c/a\u003e In extension to CVE-2022-25912, switch to case-insensitive check for `protoco...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/4bb20811eb35c0fa5437553cad4eb8ebf8f6f6e6\"\u003e\u003ccode\u003e4bb2081\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/7ae7537737bafc1e6559a28816785b10926fb095\"\u003e\u003ccode\u003e7ae7537\u003c/code\u003e\u003c/a\u003e Match tokens to word boundary\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/c47ad103b07ce768cf69aec63e0c9f7f77a1ab0f\"\u003e\u003ccode\u003ec47ad10\u003c/code\u003e\u003c/a\u003e Lint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/8d02097b726c2bc5360b4f55ee3ecb7e09648e4d\"\u003e\u003ccode\u003e8d02097\u003c/code\u003e\u003c/a\u003e Enhanced clone switch detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/f6909a52807512cb4e29a654db2dcd409b019113\"\u003e\u003ccode\u003ef6909a5\u003c/code\u003e\u003c/a\u003e Remove test timeout override\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steveukx/git-js/commits/simple-git@3.33.0/simple-git\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for simple-git since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.8.1 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.8.1...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.11.0 to 1.14.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.14.0\u003c/h2\u003e\n\u003cp\u003eThis release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking Changes:\u003c/strong\u003e None identified in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAction Required:\u003c/strong\u003e If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 alignment and \u003ccode\u003emain\u003c/code\u003e entry compatibility fix).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRuntime Features:\u003c/strong\u003e No new end-user features were introduced in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTest Coverage Expansion:\u003c/strong\u003e Added broader smoke/module test coverage for CJS and ESM package usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7510\"\u003e#7510\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Trim trailing CRLF in normalised header values. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7456\"\u003e#7456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2:\u003c/strong\u003e Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7457\"\u003e#7457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Cancel \u003ccode\u003eReadableStream\u003c/code\u003e created during request-stream capability probing to prevent async resource leaks. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7515\"\u003e#7515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Handling:\u003c/strong\u003e Fixed env proxy behavior with \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7499\"\u003e#7499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCommonJS Compatibility:\u003c/strong\u003e Fixed package \u003ccode\u003emain\u003c/code\u003e entry regression affecting CJS consumers. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7532\"\u003e#7532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eSecurity/Dependencies:\u003c/strong\u003e Updated \u003ccode\u003eformidable\u003c/code\u003e and refreshed package set to newer versions. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7533\"\u003e#7533\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/10556\"\u003e#10556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTooling:\u003c/strong\u003e Continued migration to Vitest and modernised CI/test harnesses. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7484\"\u003e#7484\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7489\"\u003e#7489\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7498\"\u003e#7498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild/Lint Stack:\u003c/strong\u003e Rollup, ESLint, TypeScript, and related dev-dependency updates. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7508\"\u003e#7508\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7509\"\u003e#7509\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7522\"\u003e#7522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Clarified JSON parsing and adapter-related docs/comments. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7398\"\u003e#7398\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7460\"\u003e#7460\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7478\"\u003e#7478\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve Axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aviu16\"\u003e\u003ccode\u003e@​aviu16\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7456\"\u003e#7456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NETIZEN-11\"\u003e\u003ccode\u003e@​NETIZEN-11\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7460\"\u003e#7460\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fedotov\"\u003e\u003ccode\u003e@​fedotov\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7457\"\u003e#7457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nthbotast\"\u003e\u003ccode\u003e@​nthbotast\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7478\"\u003e#7478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7398\"\u003e#7398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/penkzhou\"\u003e\u003ccode\u003e@​penkzhou\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7515\"\u003e#7515\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cem\u003eFull Changelog: \u003ca href=\"https://github.com/axios/axios/compare/v1.13.6...v1.14.0\"\u003ev1.13.6...v1.14.0\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003ch2\u003ev1.13.6\u003c/h2\u003e\n\u003cp\u003eThis release focuses on platform compatibility, error handling improvements, and code quality maintenance.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking Changes:\u003c/strong\u003e None identified in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAction Required:\u003c/strong\u003e Users targeting React Native should verify their integration, particularly if relying on specific Blob or FormData behaviours, as improvements have been made to support these objects.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native Blob Support:\u003c/strong\u003e Axios now includes support for React Native Blob objects. Thanks to \u003ca href=\"https://github.com/moh3n9595\"\u003e\u003ccode\u003e@​moh3n9595\u003c/code\u003e\u003c/a\u003e for the initial implementation. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/5764\"\u003e#5764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCode Quality:\u003c/strong\u003e Implemented prettier across the codebase and resolved associated formatting issues. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7385\"\u003e#7385\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eEnvironment Compatibility:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eFixed module exports for React Native and Browserify environments. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7386\"\u003e#7386\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.13.2...v1.13.3\"\u003e1.13.3\u003c/a\u003e (2026-01-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehttp2:\u003c/strong\u003e Use port 443 for HTTPS connections by default. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7256\"\u003e#7256\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d7e60653460480ffacecf85383012ca1baa6263e\"\u003ed7e6065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003einterceptor:\u003c/strong\u003e handle the error in the same interceptor (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6269\"\u003e#6269\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/5945e40bb171d4ac4fc195df276cf952244f0f89\"\u003e5945e40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emain field in package.json should correspond to cjs artifacts (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5756\"\u003e#5756\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7373fbff24cd92ce650d99ff6f7fe08c2e2a0a04\"\u003e7373fbf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epackage.json:\u003c/strong\u003e add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5754\"\u003e#5754\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/b89217e3e91de17a3d55e2b8f39ceb0e9d8aeda8\"\u003eb89217e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esilentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7257\"\u003e#7257\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7d19335e43d6754a1a9a66e424f7f7da259895bf\"\u003e7d19335\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eturn AxiosError into a native error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5394\"\u003e#5394\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5558\"\u003e#5558\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/1c6a86dd2c0623ee1af043a8491dbc96d40e883b\"\u003e1c6a86d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e add handlers to AxiosInterceptorManager interface (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5551\"\u003e#5551\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/8d1271b49fc226ed7defd07cd577bd69a55bb13a\"\u003e8d1271b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e restore AxiosError.cause type from unknown to Error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7327\"\u003e#7327\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d8233d9e8e9a64bfba9bbe01d475ba417510b82b\"\u003ed8233d9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eunclear error message is thrown when specifying an empty proxy authorization (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6314\"\u003e#6314\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/6ef867e684adf7fb2343e3b29a79078a3c76dc29\"\u003e6ef867e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eundefined\u003c/code\u003e as a value in AxiosRequestConfig (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5560\"\u003e#5560\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/095033c626895ecdcda2288050b63dcf948db3bd\"\u003e095033c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd automatic minor and patch upgrades to dependabot (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6053\"\u003e#6053\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/65a7584eda6164980ddb8cf5372f0afa2a04c1ed\"\u003e65a7584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Node.js coverage script using c8 (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7289\"\u003e#7289\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7294\"\u003e#7294\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/ec9d94e9f88da13e9219acadf65061fb38ce080a\"\u003eec9d94e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded copilot instructions (\u003ca href=\"https://github.com/axios/axios/commit/3f83143bfe617eec17f9d7dcf8bafafeeae74c26\"\u003e3f83143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with frozen prototypes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6265\"\u003e#6265\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/860e03396a536e9b926dacb6570732489c9d7012\"\u003e860e033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance pipeFileToResponse with error handling (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7169\"\u003e#7169\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/88d78842541610692a04282233933d078a8a2552\"\u003e88d7884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Intellisense for string literals in a widened union (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6134\"\u003e#6134\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/f73474d02c5aa957b2daeecee65508557fd3c6e5\"\u003ef73474d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com//redirect.github.com/microsoft/TypeScript/issues/33471/issues/issuecomment-1376364329\"\u003emicrosoft/TypeScript#33471\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eReverts\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRevert \u0026quot;fix: silentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e…\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/a4230f5581b3f58b6ff531b6dbac377a4fd7942a\"\u003ea4230f5\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7334\"\u003e#7334\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/2d6ad5e48bd29b0b2b5e7e95fb473df98301543a\"\u003e2d6ad5e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/ashvin2005\" title=\"+1752/-4 ([#7218](https://github.com/axios/axios/issues/7218) [#7218](https://github.com/axios/axios/issues/7218) )\"\u003eAshvin Tiwari\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/mochinikunj\" title=\"+940/-12 ([#7294](https://github.com/axios/axios/issues/7294) [#7294](https://github.com/axios/axios/issues/7294) )\"\u003eNikunj Mochi\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/imanchalsingh\" title=\"+544/-102 ([#7169](https://github.com/axios/axios/issues/7169) [#7185](https://github.com/axios/axios/issues/7185) )\"\u003eAnchal Singh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/jasonsaayman\" title=\"+317/-73 ([#7334](https://github.com/axios/axios/issues/7334) [#7298](https://github.com/axios/axios/issues/7298) )\"\u003ejasonsaayman\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/brodo\" title=\"+99/-120 ([#5558](https://github.com/axios/axios/issues/5558) )\"\u003eJulian Dax\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/AKASHDHARDUBEY\" title=\"+167/-0 ([#7287](https://github.com/axios/axios/issues/7287) [#7288](https://github.com/axios/axios/issues/7288) )\"\u003eAkash Dhar Dubey\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/madhumitaaa\" title=\"+20/-68 ([#7198](https://github.com/axios/axios/issues/7198) )\"\u003eMadhumita\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Tackoil\" title=\"+80/-2 ([#6269](https://github.com/axios/axios/issues/6269) )\"\u003eTackoil\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/justindhillon\" title=\"+41/-41 ([#6324](https://github.com/axios/axios/issues/6324) [#6315](https://github.com/axios/axios/issues/6315) )\"\u003eJustin Dhillon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Rudrxxx\" title=\"+71/-2 ([#7257](https://github.com/axios/axios/issues/7257) )\"\u003eRudransh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/WuMingDao\" title=\"+36/-36 ([#7215](https://github.com/axios/axios/issues/7215) )\"\u003eWuMingDao\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/codenomnom\" title=\"+70/-0 ([#7201](https://github.com/axios/axios/issues/7201) [#7201](https://github.com/axios/axios/issues/7201) )\"\u003ecodenomnom\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Nandann018-ux\" title=\"+60/-10 ([#7272](https://github.com/axios/axios/issues/7272) )\"\u003eNandan Acharya\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/KernelDeimos\" title=\"+22/-40 ([#7042](https://github.com/axios/axios/issues/7042) )\"\u003eEric Dubé\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/tiborpilz\" title=\"+40/-4 ([#5551](https://github.com/axios/axios/issues/5551) )\"\u003eTibor Pilz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/joaoGabriel55\" title=\"+31/-4 ([#6314](https://github.com/axios/axios/issues/6314) )\"\u003eGabriel Quaresma\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/turadg\" title=\"+23/-6 ([#6265](https://github.com/axios/axios/issues/6265) )\"\u003eTuradg Aleahmad\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/46bee3dea75ef53a8eae49f3b7487e6341de6074\"\u003e\u003ccode\u003e46bee3d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.14.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10563\"\u003e#10563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/518aff569043116c87ce78e3d83877d5251f2a16\"\u003e\u003ccode\u003e518aff5\u003c/code\u003e\u003c/a\u003e chore: add AI Moderator workflow for spam detection (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10551\"\u003e#10551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b7dfda3e7cf9e85f6063d90334318f82842b42d0\"\u003e\u003ccode\u003eb7dfda3\u003c/code\u003e\u003c/a\u003e chore(sponsor): update sponsor block (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10557\"\u003e#10557\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9aa34d52918c13eaa445d884a24e9e20e71a7a93\"\u003e\u003ccode\u003e9aa34d5\u003c/code\u003e\u003c/a\u003e fix: updated release flow to match the current flows (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10562\"\u003e#10562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e9e5ebe483b3f0cecbb5a4c9fa95a316ea5d0645\"\u003e\u003ccode\u003ee9e5ebe\u003c/code\u003e\u003c/a\u003e Update packages to latest version (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10556\"\u003e#10556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4d8931ca8a92e53c5dcf02cf46d1016a10e60ec0\"\u003e\u003ccode\u003e4d8931c\u003c/code\u003e\u003c/a\u003e fix: formidable dependency vulnerable to arbitrary (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7533\"\u003e#7533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3a6f5c1ae1f9b58198e9f3109896a2c11d017c58\"\u003e\u003ccode\u003e3a6f5c1\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump \u003ccode\u003e@​babel/preset-env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7531\"\u003e#7531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/bcfd2997dc93b56669dd03b29b83d8a868797937\"\u003e\u003ccode\u003ebcfd299\u003c/code\u003e\u003c/a\u003e fix: bug axios breaks commonjs compatibility main entry (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7532\"\u003e#7532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/d6dcbfd53e9506d9c8c0b1fd09c4d960bea9b9f0\"\u003e\u003ccode\u003ed6dcbfd\u003c/code\u003e\u003c/a\u003e fix: dependabot uses the correct labels (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7530\"\u003e#7530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5dd7ba78b8960fb29e39b6918ee5cb9a2130f15c\"\u003e\u003ccode\u003e5dd7ba7\u003c/code\u003e\u003c/a\u003e chore: upgrade to latest ts (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7522\"\u003e#7522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.11.0...v1.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 5.2.2 to 5.2.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/indutny/bn.js/blob/master/CHANGELOG.md\"\u003ebn.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.3 / 2026-02-19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ea6c072a951493ca99e5cd5f8da3851b90116271\"\u003e\u003ccode\u003eea6c072\u003c/code\u003e\u003c/a\u003e 5.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b\"\u003e\u003ccode\u003e33df26b\u003c/code\u003e\u003c/a\u003e fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v5.2.2...v5.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.2 to 1.14.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.14.0\u003c/h2\u003e\n\u003cp\u003eThis release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking Changes:\u003c/strong\u003e None identified in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAction Required:\u003c/strong\u003e If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 alignment and \u003ccode\u003emain\u003c/code\u003e entry compatibility fix).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRuntime Features:\u003c/strong\u003e No new end-user features were introduced in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTest Coverage Expansion:\u003c/strong\u003e Added broader smoke/module test coverage for CJS and ESM package usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7510\"\u003e#7510\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Trim trailing CRLF in normalised header values. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7456\"\u003e#7456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2:\u003c/strong\u003e Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7457\"\u003e#7457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Cancel \u003ccode\u003eReadableStream\u003c/code\u003e created during request-stream capability probing to prevent async resource leaks. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7515\"\u003e#7515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Handling:\u003c/strong\u003e Fixed env proxy behavior with \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7499\"\u003e#7499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCommonJS Compatibility:\u003c/strong\u003e Fixed package \u003ccode\u003emain\u003c/code\u003e entry regression affecting CJS consumers. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7532\"\u003e#7532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eSecurity/Dependencies:\u003c/strong\u003e Updated \u003ccode\u003eformidable\u003c/code\u003e and refreshed package set to newer versions. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7533\"\u003e#7533\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/10556\"\u003e#10556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTooling:\u003c/strong\u003e Continued migration to Vitest and modernised CI/test harnesses. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7484\"\u003e#7484\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7489\"\u003e#7489\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7498\"\u003e#7498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild/Lint Stack:\u003c/strong\u003e Rollup, ESLint, TypeScript, and related dev-dependency updates. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7508\"\u003e#7508\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7509\"\u003e#7509\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7522\"\u003e#7522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Clarified JSON parsing and adapter-related docs/comments. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7398\"\u003e#7398\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7460\"\u003e#7460\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7478\"\u003e#7478\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve Axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aviu16\"\u003e\u003ccode\u003e@​aviu16\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/...\n\n_Description has been truncated_","html_url":"https://github.com/ringecosystem/degov/pull/610","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ringecosystem%2Fdegov/issues/610","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/610/packages"},{"uuid":"4147965589","node_id":"PR_kwDORrmcVc7N4x3P","number":18,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 9 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-26T23:23:16.000Z","updated_at":"2026-03-26T23:24:24.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":6,"packages":[{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"esbuild","old_version":"0.21.5","new_version":"0.27.4","repository_url":"https://github.com/evanw/esbuild"},{"name":"esbuild","old_version":"0.14.54","new_version":"0.27.4","repository_url":"https://github.com/evanw/esbuild"},{"name":"zx","old_version":"7.2.4","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"esbuild","old_version":"0.14.54","new_version":"0.27.4","repository_url":"https://github.com/evanw/esbuild"},{"name":"ws","old_version":"8.13.0","new_version":"8.17.1","repository_url":"https://github.com/websockets/ws"},{"name":"esbuild","old_version":"0.19.12","new_version":"0.27.4","repository_url":"https://github.com/evanw/esbuild"},{"name":"esbuild","old_version":"0.17.19","new_version":"0.27.4","repository_url":"https://github.com/evanw/esbuild"},{"name":"octokit","old_version":"2.1.0","new_version":"5.0.5","repository_url":"https://github.com/octokit/octokit.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /docs directory: [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 1 update in the /packages/bun directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 2 updates in the /packages/bun/bench directory: [esbuild](https://github.com/evanw/esbuild) and [zx](https://github.com/google/zx).\nBumps the npm_and_yarn group with 1 update in the /packages/bun/bench/scanner directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 1 update in the /packages/bun/bench/websocket-server directory: [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 1 update in the /packages/bun/packages/bun-inspector-frontend directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 2 updates in the /packages/bun/packages/bun-release directory: [esbuild](https://github.com/evanw/esbuild) and [octokit](https://github.com/octokit/octokit.js).\nBumps the npm_and_yarn group with 1 update in the /packages/bun/packages/bun-vscode directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 1 update in the /packages/bun/packages/bun-vscode/example directory: [elysia](https://github.com/elysiajs/elysia).\n\nUpdates `picomatch` from 4.0.3 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.4\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e5474fc1a4d7991870058170407dda8a42be5334\"\u003e\u003ccode\u003ee5474fc\u003c/code\u003e\u003c/a\u003e Publish 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903\"\u003e\u003ccode\u003e4516eb5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d\"\u003e\u003ccode\u003e5eceecd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/0db7dd70651ca7c8265601c0442a996ed32e3238\"\u003e\u003ccode\u003e0db7dd7\u003c/code\u003e\u003c/a\u003e Run benchmark again against latest minimatch version (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/161\"\u003e#161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/95003777eb1c60dec09495a8231fa2ba4054d76a\"\u003e\u003ccode\u003e9500377\u003c/code\u003e\u003c/a\u003e docs: clarify what brace expansion syntax is and isn't supported (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/2661f23eca86c8b4a2b14815b9b2b3b74bd5a171\"\u003e\u003ccode\u003e2661f23\u003c/code\u003e\u003c/a\u003e fix typo in globstars.js test name (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/138\"\u003e#138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/1798b07e9df59500b9cf567294d44d559032f4c7\"\u003e\u003ccode\u003e1798b07\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003emakeRe\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9d76bc57a03b7f57cc4ca516c8071daf632bafd8\"\u003e\u003ccode\u003e9d76bc5\u003c/code\u003e\u003c/a\u003e chore: undocument removed options (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e4d718bbfb47e4f030ab2612b5b04a9297fe272d\"\u003e\u003ccode\u003ee4d718b\u003c/code\u003e\u003c/a\u003e Remove unused time-require (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/38dffeb16221cc8eb8981524fb6895dd2aaaba76\"\u003e\u003ccode\u003e38dffeb\u003c/code\u003e\u003c/a\u003e chore(deps): pin dependencies (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.21.5 to 0.27.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.27.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix a regression with CSS media queries (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eVersion 0.25.11 of esbuild introduced support for parsing media queries. This unintentionally introduced a regression with printing media queries that use the \u003ccode\u003e\u0026lt;media-type\u0026gt; and \u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e grammar. Specifically, esbuild was failing to wrap an \u003ccode\u003eor\u003c/code\u003e clause with parentheses when inside \u003ccode\u003e\u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e. This release fixes the regression.\u003c/p\u003e\n\u003cp\u003eHere is an example:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\n@media only screen and ((min-width: 10px) or (min-height: 10px)) {\n  a { color: red }\n}\n\u003cp\u003e/* Old output (incorrect) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and (min-width: 10px) or (min-height: 10px) {\na {\ncolor: red;\n}\n}\u003c/p\u003e\n\u003cp\u003e/* New output (correct) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and ((min-width: 10px) or (min-height: 10px)) {\na {\ncolor: red;\n}\n}\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix an edge case with the \u003ccode\u003einject\u003c/code\u003e feature (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes an edge case where esbuild's \u003ccode\u003einject\u003c/code\u003e feature could not be used with arbitrary module namespace names exported using an \u003ccode\u003eexport {} from\u003c/code\u003e statement with bundling disabled and a target environment where arbitrary module namespace names is unsupported.\u003c/p\u003e\n\u003cp\u003eWith the fix, the following \u003ccode\u003einject\u003c/code\u003e file:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport jquery from 'jquery';\nexport { jquery as 'window.jQuery' };\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eCan now always be rewritten as this without esbuild sometimes incorrectly generating an error:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eexport { default as 'window.jQuery' } from 'jquery';\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAttempt to improve API handling of huge metafiles (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains a few changes that attempt to improve the behavior of esbuild's JavaScript API with huge metafiles (esbuild's name for the build metadata, formatted as a JSON object). The JavaScript API is designed to return the metafile JSON as a JavaScript object in memory, which makes it easy to access from within a JavaScript-based plugin. Multiple people have encountered issues where this API breaks down with a pathologically-large metafile.\u003c/p\u003e\n\u003cp\u003eThe primary issue is that V8 has an implementation-specific maximum string length, so using the \u003ccode\u003eJSON.parse\u003c/code\u003e API with large enough strings is impossible. This release will now attempt to use a fallback JavaScript-based JSON parser that operates directly on the UTF8-encoded JSON bytes instead of using \u003ccode\u003eJSON.parse\u003c/code\u003e when the JSON metafile is too big to fit in a JavaScript string. The new fallback path has not yet been heavily-tested. The metafile will also now be generated with whitespace removed if the bundle is significantly large, which will reduce the size of the metafile JSON slightly.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2024\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).\u003c/p\u003e\n\u003ch2\u003e0.24.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix regression with \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003eimport.meta\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4010\"\u003e#4010\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4012\"\u003e#4012\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4013\"\u003e#4013\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous change in version 0.24.1 to use a more expression-like parser for \u003ccode\u003edefine\u003c/code\u003e values to allow quoted property names introduced a regression that removed the ability to use \u003ccode\u003e--define:import.meta=...\u003c/code\u003e. Even though \u003ccode\u003eimport\u003c/code\u003e is normally a keyword that can't be used as an identifier, ES modules special-case the \u003ccode\u003eimport.meta\u003c/code\u003e expression to behave like an identifier anyway. This change fixes the regression.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/sapphi-red\"\u003e\u003ccode\u003e@​sapphi-red\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow \u003ccode\u003ees2024\u003c/code\u003e as a target in \u003ccode\u003etsconfig.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4004\"\u003e#4004\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eTypeScript recently \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-5-7/#support-for---target-es2024-and---lib-es2024\"\u003eadded \u003ccode\u003ees2024\u003c/code\u003e\u003c/a\u003e as a compilation target, so esbuild now supports this in the \u003ccode\u003etarget\u003c/code\u003e field of \u003ccode\u003etsconfig.json\u003c/code\u003e files, such as in the following configuration file:\u003c/p\u003e\n\u003cpre lang=\"json\"\u003e\u003ccode\u003e{\n  \u0026quot;compilerOptions\u0026quot;: {\n    \u0026quot;target\u0026quot;: \u0026quot;ES2024\u0026quot;\n  }\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAs a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more in \u003ca href=\"https://esbuild.github.io/content-types/#tsconfig-json\"\u003ethe documentation\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/billyjanitsch\"\u003e\u003ccode\u003e@​billyjanitsch\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow automatic semicolon insertion after \u003ccode\u003eget\u003c/code\u003e/\u003ccode\u003eset\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eThis change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eclass Foo {\n  get\n  *x() {}\n  set\n  *y() {}\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThe above code will be considered valid starting with this release. This change to esbuild follows a \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/pull/60225\"\u003esimilar change to TypeScript\u003c/a\u003e which will allow this syntax starting with TypeScript 5.7.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow quoted property names in \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4008\"\u003e#4008\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe \u003ccode\u003edefine\u003c/code\u003e and \u003ccode\u003epure\u003c/code\u003e API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e consistent with \u003ccode\u003e--global-name\u003c/code\u003e, which already supported quoted property names. For example, the following is now possible:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f9c9012cdb05135873722184b01f078ea7de8d98\"\u003e\u003ccode\u003ef9c9012\u003c/code\u003e\u003c/a\u003e publish 0.27.4 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/207dbc761ea95a81a8b32cc7f9fae46361faaed7\"\u003e\u003ccode\u003e207dbc7\u003c/code\u003e\u003c/a\u003e js api: fall back to js-based metafile json parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1ca56dc65155b0d887904c683cd43f7618ae621e\"\u003e\u003ccode\u003e1ca56dc\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e: auto-minify metafile for large bundles\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e3823aa485d3cd3f6c11718e4c124b54ebc425e5\"\u003e\u003ccode\u003ee3823aa\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e: add uint cast to stdio int parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/d50e88c00aaa424712eddda2f28aae299db4e0de\"\u003e\u003ccode\u003ed50e88c\u003c/code\u003e\u003c/a\u003e chore: correct copy\u0026amp;paste panic message (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4399\"\u003e#4399\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/8b829b1bdfeb2b11aa16a643b5bfee108066cab0\"\u003e\u003ccode\u003e8b829b1\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e: incorrect error for inject edge case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/4384badefe3a07b80b3f3eba832c17d0c806dd4c\"\u003e\u003ccode\u003e4384bad\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e: parens for \u003ccode\u003eor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9129e00e6c36a3e374820cb5e3fc2cd319c8ab85\"\u003e\u003ccode\u003e9129e00\u003c/code\u003e\u003c/a\u003e publish 0.27.3 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e20e4115acda9c9f052fdd1ec8d7d5c5489e837b\"\u003e\u003ccode\u003ee20e411\u003c/code\u003e\u003c/a\u003e small fix to release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0dc0f2dee556460bd7b81d5bbbae5a2f86449ab6\"\u003e\u003ccode\u003e0dc0f2d\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4322\"\u003e#4322\u003c/a\u003e: parse and print CSS \u003ccode\u003e@scope\u003c/code\u003e rules\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.21.5...v0.27.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.14.54 to 0.27.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.27.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix a regression with CSS media queries (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eVersion 0.25.11 of esbuild introduced support for parsing media queries. This unintentionally introduced a regression with printing media queries that use the \u003ccode\u003e\u0026lt;media-type\u0026gt; and \u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e grammar. Specifically, esbuild was failing to wrap an \u003ccode\u003eor\u003c/code\u003e clause with parentheses when inside \u003ccode\u003e\u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e. This release fixes the regression.\u003c/p\u003e\n\u003cp\u003eHere is an example:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\n@media only screen and ((min-width: 10px) or (min-height: 10px)) {\n  a { color: red }\n}\n\u003cp\u003e/* Old output (incorrect) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and (min-width: 10px) or (min-height: 10px) {\na {\ncolor: red;\n}\n}\u003c/p\u003e\n\u003cp\u003e/* New output (correct) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and ((min-width: 10px) or (min-height: 10px)) {\na {\ncolor: red;\n}\n}\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix an edge case with the \u003ccode\u003einject\u003c/code\u003e feature (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes an edge case where esbuild's \u003ccode\u003einject\u003c/code\u003e feature could not be used with arbitrary module namespace names exported using an \u003ccode\u003eexport {} from\u003c/code\u003e statement with bundling disabled and a target environment where arbitrary module namespace names is unsupported.\u003c/p\u003e\n\u003cp\u003eWith the fix, the following \u003ccode\u003einject\u003c/code\u003e file:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport jquery from 'jquery';\nexport { jquery as 'window.jQuery' };\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eCan now always be rewritten as this without esbuild sometimes incorrectly generating an error:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eexport { default as 'window.jQuery' } from 'jquery';\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAttempt to improve API handling of huge metafiles (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains a few changes that attempt to improve the behavior of esbuild's JavaScript API with huge metafiles (esbuild's name for the build metadata, formatted as a JSON object). The JavaScript API is designed to return the metafile JSON as a JavaScript object in memory, which makes it easy to access from within a JavaScript-based plugin. Multiple people have encountered issues where this API breaks down with a pathologically-large metafile.\u003c/p\u003e\n\u003cp\u003eThe primary issue is that V8 has an implementation-specific maximum string length, so using the \u003ccode\u003eJSON.parse\u003c/code\u003e API with large enough strings is impossible. This release will now attempt to use a fallback JavaScript-based JSON parser that operates directly on the UTF8-encoded JSON bytes instead of using \u003ccode\u003eJSON.parse\u003c/code\u003e when the JSON metafile is too big to fit in a JavaScript string. The new fallback path has not yet been heavily-tested. The metafile will also now be generated with whitespace removed if the bundle is significantly large, which will reduce the size of the metafile JSON slightly.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2024\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).\u003c/p\u003e\n\u003ch2\u003e0.24.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix regression with \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003eimport.meta\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4010\"\u003e#4010\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4012\"\u003e#4012\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4013\"\u003e#4013\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous change in version 0.24.1 to use a more expression-like parser for \u003ccode\u003edefine\u003c/code\u003e values to allow quoted property names introduced a regression that removed the ability to use \u003ccode\u003e--define:import.meta=...\u003c/code\u003e. Even though \u003ccode\u003eimport\u003c/code\u003e is normally a keyword that can't be used as an identifier, ES modules special-case the \u003ccode\u003eimport.meta\u003c/code\u003e expression to behave like an identifier anyway. This change fixes the regression.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/sapphi-red\"\u003e\u003ccode\u003e@​sapphi-red\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow \u003ccode\u003ees2024\u003c/code\u003e as a target in \u003ccode\u003etsconfig.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4004\"\u003e#4004\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eTypeScript recently \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-5-7/#support-for---target-es2024-and---lib-es2024\"\u003eadded \u003ccode\u003ees2024\u003c/code\u003e\u003c/a\u003e as a compilation target, so esbuild now supports this in the \u003ccode\u003etarget\u003c/code\u003e field of \u003ccode\u003etsconfig.json\u003c/code\u003e files, such as in the following configuration file:\u003c/p\u003e\n\u003cpre lang=\"json\"\u003e\u003ccode\u003e{\n  \u0026quot;compilerOptions\u0026quot;: {\n    \u0026quot;target\u0026quot;: \u0026quot;ES2024\u0026quot;\n  }\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAs a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more in \u003ca href=\"https://esbuild.github.io/content-types/#tsconfig-json\"\u003ethe documentation\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/billyjanitsch\"\u003e\u003ccode\u003e@​billyjanitsch\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow automatic semicolon insertion after \u003ccode\u003eget\u003c/code\u003e/\u003ccode\u003eset\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eThis change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eclass Foo {\n  get\n  *x() {}\n  set\n  *y() {}\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThe above code will be considered valid starting with this release. This change to esbuild follows a \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/pull/60225\"\u003esimilar change to TypeScript\u003c/a\u003e which will allow this syntax starting with TypeScript 5.7.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow quoted property names in \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4008\"\u003e#4008\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe \u003ccode\u003edefine\u003c/code\u003e and \u003ccode\u003epure\u003c/code\u003e API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e consistent with \u003ccode\u003e--global-name\u003c/code\u003e, which already supported quoted property names. For example, the following is now possible:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f9c9012cdb05135873722184b01f078ea7de8d98\"\u003e\u003ccode\u003ef9c9012\u003c/code\u003e\u003c/a\u003e publish 0.27.4 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/207dbc761ea95a81a8b32cc7f9fae46361faaed7\"\u003e\u003ccode\u003e207dbc7\u003c/code\u003e\u003c/a\u003e js api: fall back to js-based metafile json parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1ca56dc65155b0d887904c683cd43f7618ae621e\"\u003e\u003ccode\u003e1ca56dc\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e: auto-minify metafile for large bundles\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e3823aa485d3cd3f6c11718e4c124b54ebc425e5\"\u003e\u003ccode\u003ee3823aa\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e: add uint cast to stdio int parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/d50e88c00aaa424712eddda2f28aae299db4e0de\"\u003e\u003ccode\u003ed50e88c\u003c/code\u003e\u003c/a\u003e chore: correct copy\u0026amp;paste panic message (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4399\"\u003e#4399\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/8b829b1bdfeb2b11aa16a643b5bfee108066cab0\"\u003e\u003ccode\u003e8b829b1\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e: incorrect error for inject edge case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/4384badefe3a07b80b3f3eba832c17d0c806dd4c\"\u003e\u003ccode\u003e4384bad\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e: parens for \u003ccode\u003eor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9129e00e6c36a3e374820cb5e3fc2cd319c8ab85\"\u003e\u003ccode\u003e9129e00\u003c/code\u003e\u003c/a\u003e publish 0.27.3 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e20e4115acda9c9f052fdd1ec8d7d5c5489e837b\"\u003e\u003ccode\u003ee20e411\u003c/code\u003e\u003c/a\u003e small fix to release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0dc0f2dee556460bd7b81d5bbbae5a2f86449ab6\"\u003e\u003ccode\u003e0dc0f2d\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4322\"\u003e#4322\u003c/a\u003e: parse and print CSS \u003ccode\u003e@scope\u003c/code\u003e rules\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.21.5...v0.27.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 7.2.4 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/7.2.4...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.14.54 to 0.27.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.27.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix a regression with CSS media queries (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eVersion 0.25.11 of esbuild introduced support for parsing media queries. This unintentionally introduced a regression with printing media queries that use the \u003ccode\u003e\u0026lt;media-type\u0026gt; and \u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e grammar. Specifically, esbuild was failing to wrap an \u003ccode\u003eor\u003c/code\u003e clause with parentheses when inside \u003ccode\u003e\u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e. This release fixes the regression.\u003c/p\u003e\n\u003cp\u003eHere is an example:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\n@media only screen and ((min-width: 10px) or (min-height: 10px)) {\n  a { color: red }\n}\n\u003cp\u003e/* Old output (incorrect) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and (min-width: 10px) or (min-height: 10px) {\na {\ncolor: red;\n}\n}\u003c/p\u003e\n\u003cp\u003e/* New output (correct) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and ((min-width: 10px) or (min-height: 10px)) {\na {\ncolor: red;\n}\n}\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix an edge case with the \u003ccode\u003einject\u003c/code\u003e feature (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes an edge case where esbuild's \u003ccode\u003einject\u003c/code\u003e feature could not be used with arbitrary module namespace names exported using an \u003ccode\u003eexport {} from\u003c/code\u003e statement with bundling disabled and a target environment where arbitrary module namespace names is unsupported.\u003c/p\u003e\n\u003cp\u003eWith the fix, the following \u003ccode\u003einject\u003c/code\u003e file:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport jquery from 'jquery';\nexport { jquery as 'window.jQuery' };\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eCan now always be rewritten as this without esbuild sometimes incorrectly generating an error:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eexport { default as 'window.jQuery' } from 'jquery';\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAttempt to improve API handling of huge metafiles (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains a few changes that attempt to improve the behavior of esbuild's JavaScript API with huge metafiles (esbuild's name for the build metadata, formatted as a JSON object). The JavaScript API is designed to return the metafile JSON as a JavaScript object in memory, which makes it easy to access from within a JavaScript-based plugin. Multiple people have encountered issues where this API breaks down with a pathologically-large metafile.\u003c/p\u003e\n\u003cp\u003eThe primary issue is that V8 has an implementation-specific maximum string length, so using the \u003ccode\u003eJSON.parse\u003c/code\u003e API with large enough strings is impossible. This release will now attempt to use a fallback JavaScript-based JSON parser that operates directly on the UTF8-encoded JSON bytes instead of using \u003ccode\u003eJSON.parse\u003c/code\u003e when the JSON metafile is too big to fit in a JavaScript string. The new fallback path has not yet been heavily-tested. The metafile will also now be generated with whitespace removed if the bundle is significantly large, which will reduce the size of the metafile JSON slightly.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2024\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).\u003c/p\u003e\n\u003ch2\u003e0.24.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix regression with \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003eimport.meta\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4010\"\u003e#4010\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4012\"\u003e#4012\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4013\"\u003e#4013\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous change in version 0.24.1 to use a more expression-like parser for \u003ccode\u003edefine\u003c/code\u003e values to allow quoted property names introduced a regression that removed the ability to use \u003ccode\u003e--define:import.meta=...\u003c/code\u003e. Even though \u003ccode\u003eimport\u003c/code\u003e is normally a keyword that can't be used as an identifier, ES modules special-case the \u003ccode\u003eimport.meta\u003c/code\u003e expression to behave like an identifier anyway. This change fixes the regression.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/sapphi-red\"\u003e\u003ccode\u003e@​sapphi-red\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow \u003ccode\u003ees2024\u003c/code\u003e as a target in \u003ccode\u003etsconfig.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4004\"\u003e#4004\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eTypeScript recently \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-5-7/#support-for---target-es2024-and---lib-es2024\"\u003eadded \u003ccode\u003ees2024\u003c/code\u003e\u003c/a\u003e as a compilation target, so esbuild now supports this in the \u003ccode\u003etarget\u003c/code\u003e field of \u003ccode\u003etsconfig.json\u003c/code\u003e files, such as in the following configuration file:\u003c/p\u003e\n\u003cpre lang=\"json\"\u003e\u003ccode\u003e{\n  \u0026quot;compilerOptions\u0026quot;: {\n    \u0026quot;target\u0026quot;: \u0026quot;ES2024\u0026quot;\n  }\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAs a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more in \u003ca href=\"https://esbuild.github.io/content-types/#tsconfig-json\"\u003ethe documentation\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/billyjanitsch\"\u003e\u003ccode\u003e@​billyjanitsch\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow automatic semicolon insertion after \u003ccode\u003eget\u003c/code\u003e/\u003ccode\u003eset\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eThis change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eclass Foo {\n  get\n  *x() {}\n  set\n  *y() {}\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThe above code will be considered valid starting with this release. This change to esbuild follows a \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/pull/60225\"\u003esimilar change to TypeScript\u003c/a\u003e which will allow this syntax starting with TypeScript 5.7.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow quoted property names in \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4008\"\u003e#4008\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe \u003ccode\u003edefine\u003c/code\u003e and \u003ccode\u003epure\u003c/code\u003e API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e consistent with \u003ccode\u003e--global-name\u003c/code\u003e, which already supported quoted property names. For example, the following is now possible:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f9c9012cdb05135873722184b01f078ea7de8d98\"\u003e\u003ccode\u003ef9c9012\u003c/code\u003e\u003c/a\u003e publish 0.27.4 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/207dbc761ea95a81a8b32cc7f9fae46361faaed7\"\u003e\u003ccode\u003e207dbc7\u003c/code\u003e\u003c/a\u003e js api: fall back to js-based metafile json parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1ca56dc65155b0d887904c683cd43f7618ae621e\"\u003e\u003ccode\u003e1ca56dc\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e: auto-minify metafile for large bundles\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e3823aa485d3cd3f6c11718e4c124b54ebc425e5\"\u003e\u003ccode\u003ee3823aa\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e: add uint cast to stdio int parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/d50e88c00aaa424712eddda2f28aae299db4e0de\"\u003e\u003ccode\u003ed50e88c\u003c/code\u003e\u003c/a\u003e chore: correct copy\u0026amp;paste panic message (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4399\"\u003e#4399\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/8b829b1bdfeb2b11aa16a643b5bfee108066cab0\"\u003e\u003ccode\u003e8b829b1\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e: incorrect error for inject edge case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/4384badefe3a07b80b3f3eba832c17d0c806dd4c\"\u003e\u003ccode\u003e4384bad\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e: parens for \u003ccode\u003eor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9129e00e6c36a3e374820cb5e3fc2cd319c8ab85\"\u003e\u003ccode\u003e9129e00\u003c/code\u003e\u003c/a\u003e publish 0.27.3 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e20e4115acda9c9f052fdd1ec8d7d5c5489e837b\"\u003e\u003ccode\u003ee20e411\u003c/code\u003e\u003c/a\u003e small fix to release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0dc0f2dee556460bd7b81d5bbbae5a2f86449ab6\"\u003e\u003ccode\u003e0dc0f2d\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4322\"\u003e#4322\u003c/a\u003e: parse and print CSS \u003ccode\u003e@scope\u003c/code\u003e rules\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.21.5...v0.27.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.13.0 to 8.17.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.17.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a DoS vulnerability (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2231\"\u003e#2231\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA request with a number of headers exceeding the[\u003ccode\u003eserver.maxHeadersCount\u003c/code\u003e][]\nthreshold could be used to crash a ws server.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003econst http = require('http');\r\nconst WebSocket = require('ws');\r\n\u003cp\u003econst wss = new WebSocket.Server({ port: 0 }, function () {\nconst chars = \u0026quot;!#$%\u0026amp;'*+-.0123456789abcdefghijklmnopqrstuvwxyz^_`|~\u0026quot;.split('');\nconst headers = {};\nlet count = 0;\u003c/p\u003e\n\u003cp\u003efor (let i = 0; i \u0026lt; chars.length; i++) {\nif (count === 2000) break;\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003efor (let j = 0; j \u0026amp;lt; chars.length; j++) {\r\n  const key = chars[i] + chars[j];\r\n  headers[key] = 'x';\r\n\r\n  if (++count === 2000) break;\r\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\u003c/p\u003e\n\u003cp\u003eheaders.Connection = 'Upgrade';\nheaders.Upgrade = 'websocket';\nheaders['Sec-WebSocket-Key'] = 'dGhlIHNhbXBsZSBub25jZQ==';\nheaders['Sec-WebSocket-Version'] = '13';\u003c/p\u003e\n\u003cp\u003econst request = http.request({\nheaders: headers,\nhost: '127.0.0.1',\nport: wss.address().port\n});\u003c/p\u003e\n\u003cp\u003erequest.end();\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe vulnerability was reported by \u003ca href=\"https://github.com/rrlapointe\"\u003eRyan LaPointe\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/websockets/ws/issues/2230\"\u003ewebsockets/ws#2230\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIn vulnerable versions of ws, the issue can be mitigated in the following ways:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eReduce the maximum allowed length of the request headers using the\n[\u003ccode\u003e--max-http-header-size=size\u003c/code\u003e][] and/or the [\u003ccode\u003emaxHeaderSize\u003c/code\u003e][] options so\nthat no more headers than the \u003ccode\u003eserver.maxHeadersCount\u003c/code\u003e limit can be sent.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3c56601092872f7d7566989f0e379271afd0e4a1\"\u003e\u003ccode\u003e3c56601\u003c/code\u003e\u003c/a\u003e [dist] 8.17.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/e55e5106f10fcbaac37cfa89759e4cc0d073a52c\"\u003e\u003ccode\u003ee55e510\u003c/code\u003e\u003c/a\u003e [security] Fix crash when the Upgrade header cannot be read (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2231\"\u003e#2231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/6a00029edd924499f892aed8003cef1fa724cfe5\"\u003e\u003ccode\u003e6a00029\u003c/code\u003e\u003c/a\u003e [test] Increase code coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ddfe4a804d79e7788ab136290e609f91cf68423f\"\u003e\u003ccode\u003eddfe4a8\u003c/code\u003e\u003c/a\u003e [perf] Reduce the amount of \u003ccode\u003ecrypto.randomFillSync()\u003c/code\u003e calls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/b73b11828d166e9692a9bffe9c01a7e93bab04a8\"\u003e\u003ccode\u003eb73b118\u003c/code\u003e\u003c/a\u003e [dist] 8.17.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/29694a5905fa703e86667928e6bacac397469471\"\u003e\u003ccode\u003e29694a5\u003c/code\u003e\u003c/a\u003e [test] Use the \u003ccode\u003ehighWaterMark\u003c/code\u003e variable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/934c9d6b938b93c045cb13e5f7c19c27a8dd925a\"\u003e\u003ccode\u003e934c9d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/1817bac06e1204bfb578b8b3f4bafd0fa09623d0\"\u003e\u003ccode\u003e1817bac\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/96c9b3deddf56cacb2d756aaa918071e03cdbc42\"\u003e\u003ccode\u003e96c9b3d\u003c/code\u003e\u003c/a\u003e [major] Flip the default value of \u003ccode\u003eallowSynchronousEvents\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2221\"\u003e#2221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/e5f32c7e1e6d3d19cd4a1fdec84890e154db30c1\"\u003e\u003ccode\u003ee5f32c7\u003c/code\u003e\u003c/a\u003e [fix] Emit at most one event per event loop iteration (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2218\"\u003e#2218\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.13.0...8.17.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.19.12 to 0.27.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.27.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix a regression with CSS media queries (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eVersion 0.25.11 of esbuild introduced support for parsing media queries. This unintentionally introduced a regression with printing media queries that use the \u003ccode\u003e\u0026lt;media-type\u0026gt; and \u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e grammar. Specifically, esbuild was failing to wrap an \u003ccode\u003eor\u003c/code\u003e clause with parentheses when inside \u003ccode\u003e\u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e. This release fixes the regression.\u003c/p\u003e\n\u003cp\u003eHere is an example:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\n@media only screen and ((min-width: 10px) or (min-height: 10px)) {\n  a { color: red }\n}\n\u003cp\u003e/* Old output (incorrect) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and (min-width: 10px) or (min-height: 10px) {\na {\ncolor: red;\n}\n}\u003c/p\u003e\n\u003cp\u003e/* New output (correct) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and ((min-width: 10px) or (min-height: 10px)) {\na {\ncolor: red;\n}\n}\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix an edge case with the \u003ccode\u003einject\u003c/code\u003e feature (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes an edge case where esbuild's \u003ccode\u003einject\u003c/code\u003e feature could not be used with arbitrary module namespace names exported using an \u003ccode\u003eexport {} from\u003c/code\u003e statement with bundling disabled and a target environment where arbitrary module namespace names is unsupported.\u003c/p\u003e\n\u003cp\u003eWith the fix, the following \u003ccode\u003einject\u003c/code\u003e file:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport jquery from 'jquery';\nexport { jquery as 'window.jQuery' };\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eCan now always be rewritten as this without esbuild sometimes incorrectly generating an error:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eexport { default as 'window.jQuery' } from 'jquery';\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAttempt to improve API handling of huge metafiles (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains a few changes that attempt to improve the behavior of esbuild's JavaScript API with huge metafiles (esbuild's name for the build metadata, formatted as a JSON object). The JavaScript API is designed to return the metafile JSON as a JavaScript object in memory, which makes it easy to access from within a JavaScript-based plugin. Multiple people have encountered issues where this API breaks down with a pathologically-large metafile.\u003c/p\u003e\n\u003cp\u003eThe primary issue is that V8 has an implementation-specific maximum string length, so using the \u003ccode\u003eJSON.parse\u003c/code\u003e API with large enough strings is impossible. This release will now attempt to use a fallback JavaScript-based JSON parser that operates directly on the UTF8-encoded JSON bytes instead of using \u003ccode\u003eJSON.parse\u003c/code\u003e when the JSON metafile is too big to fit in a JavaScript string. The new fallback path has not yet been heavily-tested. The metafile will also now be generated with whitespace removed if the bundle is significantly large, which will reduce the size of the metafile JSON slightly.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2024\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).\u003c/p\u003e\n\u003ch2\u003e0.24.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix regression with \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003eimport.meta\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4010\"\u003e#4010\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4012\"\u003e#4012\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4013\"\u003e#4013\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous change in version 0.24.1 to use a more expression-like parser for \u003ccode\u003edefine\u003c/code\u003e values to allow quoted property names introduced a regression that removed the ability to use \u003ccode\u003e--define:import.meta=...\u003c/code\u003e. Even though \u003ccode\u003eimport\u003c/code\u003e is normally a keyword that can't be used as an identifier, ES modules special-case the \u003ccode\u003eimport.meta\u003c/code\u003e expression to behave like an identifier anyway. This change fixes the regression.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/sapphi-red\"\u003e\u003ccode\u003e@​sapphi-red\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow \u003ccode\u003ees2024\u003c/code\u003e as a target in \u003ccode\u003etsconfig.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4004\"\u003e#4004\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eTypeScript recently \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-5-7/#support-for---target-es2024-and---lib-es2024\"\u003eadded \u003ccode\u003ees2024\u003c/code\u003e\u003c/a\u003e as a compilation target, so esbuild now supports this in the \u003ccode\u003etarget\u003c/code\u003e field of \u003ccode\u003etsconfig.json\u003c/code\u003e files, such as in the following configuration file:\u003c/p\u003e\n\u003cpre lang=\"json\"\u003e\u003ccode\u003e{\n  \u0026quot;compilerOptions\u0026quot;: {\n    \u0026quot;target\u0026quot;: \u0026quot;ES2024\u0026quot;\n  }\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAs a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more in \u003ca href=\"https://esbuild.github.io/content-types/#tsconfig-json\"\u003ethe documentation\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/billyjanitsch\"\u003e\u003ccode\u003e@​billyjanitsch\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow automatic semicolon insertion after \u003ccode\u003eget\u003c/code\u003e/\u003ccode\u003eset\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eThis change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eclass Foo {\n  get\n  *x() {}\n  set\n  *y() {}\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThe above code will be considered valid starting with this release. This change to esbuild follows a \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/pull/60225\"\u003esimilar change to TypeScript\u003c/a\u003e which will allow this syntax starting with TypeScript 5.7.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow quoted property names in \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4008\"\u003e#4008\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe \u003ccode\u003edefine\u003c/code\u003e and \u003ccode\u003epure\u003c/code\u003e API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e consistent with \u003ccode\u003e--global-name\u003c/code\u003e, which already supported quoted property names. For example, the following is now possible:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f9c9012cdb05135873722184b01f078ea7de8d98\"\u003e\u003ccode\u003ef9c9012\u003c/code\u003e\u003c/a\u003e publish 0.27.4 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/207dbc761ea95a81a8b32cc7f9fae46361faaed7\"\u003e\u003ccode\u003e207dbc7\u003c/code\u003e\u003c/a\u003e js api: fall back to js-based metafile json parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1ca56dc65155b0d887904c683cd43f7618ae621e\"\u003e\u003ccode\u003e1ca56dc\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e: auto-minify metafile for large bundles\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e3823aa485d3cd3f6c11718e4c124b54ebc425e5\"\u003e\u003ccode\u003ee3823aa\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e: add uint cast to stdio int parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/d50e88c00aaa424712eddda2f28aae299db4e0de\"\u003e\u003ccode\u003ed50e88c\u003c/code\u003e\u003c/a\u003e chore: correct copy\u0026amp;paste panic message (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4399\"\u003e#4399\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/8b829b1bdfeb2b11aa16a643b5bfee108066cab0\"\u003e\u003ccode\u003e8b829b1\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e: incorrect error for inject edge case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/4384badefe3a07b80b3f3eba832c17d0c806dd4c\"\u003e\u003ccode\u003e4384bad\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e: parens for \u003ccode\u003eor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9129e00e6c36a3e374820cb5e3fc2cd319c8ab85\"\u003e\u003ccode\u003e9129e00\u003c/code\u003e\u003c/a\u003e publish 0.27.3 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e20e4115acda9c9f052fdd1ec8d7d5c5489e837b\"\u003e\u003ccode\u003ee20e411\u003c/code\u003e\u003c/a\u003e small fix to release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0dc0f2dee556460bd7b81d5bbbae5a2f86449ab6\"\u003e\u003ccode\u003e0dc0f2d\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4322\"\u003e#4322\u003c/a\u003e: parse and print CSS \u003ccode\u003e@scope\u003c/code\u003e rules\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.21.5...v0.27.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.17.19 to 0.27.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.27.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix a regression with CSS media queries (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eVersion 0.25.11 of esbuild introduced support for parsing media queries. This unintentionally introduced a regression with printing media queries that use the \u003ccode\u003e\u0026lt;media-type\u0026gt; and \u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e grammar. Specifically, esbuild was failing to wrap an \u003ccode\u003eor\u003c/code\u003e clause with parentheses when inside \u003ccode\u003e\u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e. This release fixes the regression.\u003c/p\u003e\n\u003cp\u003eHere is an example:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\n@media only screen and ((min-width: 10px) or (min-height: 10px)) {\n  a { color: red }\n}\n\u003cp\u003e/* Old output (incorrect) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and (min-width: 10px) or (min-height: 10px) {\na {\ncolor: red;\n}\n}\u003c/p\u003e\n\u003cp\u003e/* New output (correct) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and ((min-width: 10px) or (min-height: 10px)) {\na {\ncolor: red;\n}\n}\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix an edge case with the \u003ccode\u003einject\u003c/code\u003e feature (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes an edge case where esbuild's \u003ccode\u003einject\u003c/code\u003e feature could not be used with arbitrary module namespace names exported using an \u003ccode\u003eexport {} from\u003c/code\u003e statement with bundling disabled and a target environment where arbitrary module namespace names is unsupported.\u003c/p\u003e\n\u003cp\u003eWith the fix, the following \u003ccode\u003einject\u003c/code\u003e file:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport jquery from 'jquery';\nexport { jquery as 'window.jQuery' };\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eCan now always be rewritten as this without esbuild sometimes incorrectly generating an error:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eexport { default as 'window.jQuery' } from 'jquery';\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAttempt to improve API handling of huge metafiles (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains a few changes that attempt to improve the behavior of esbuild's JavaScript API with huge metafiles (esbuild's name for the build metadata, formatted as a JSON object). The JavaScript API is designed to return the metafile JSON as a JavaScript object in memory, which makes it easy to access from within a JavaScript-based plugin. Multiple people have encountered issues where this API breaks down with a pathologically-large metafile.\u003c/p\u003e\n\u003cp\u003eThe primary issue is that V8 has an implementation-specific maximum string length, so using the \u003ccode\u003eJSON.parse\u003c/code\u003e API with large enough strings is impossible. This release will now attempt to use a fallback JavaScript-based JSON parser that operates directly on the UTF8-encoded JSON bytes instead of using \u003ccode\u003eJSON.parse\u003c/code\u003e when the JSON metafile is too big to fit in a JavaScript string. The new fallback path has not yet been heavily-tested. The metafile will also now be generated with whitespace removed if the bundle is significantly large, which will reduce the size of the metafile JSON slightly.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2024\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).\u003c/p\u003e\n\u003ch2\u003e0.24.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix regression with \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003eimport.meta\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4010\"\u003e#4010\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4012\"\u003e#4012\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4013\"\u003e#4013\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous change in version 0.24.1 to use a more expression-like parser for \u003ccode\u003edefine\u003c/code\u003e values to allow quoted property names introduced a regression that removed the ability to use \u003ccode\u003e--define:import.meta=...\u003c/code\u003e. Even though \u003ccode\u003eimport\u003c/code\u003e is normally a keyword that can't be used as an identifier, ES modules special-case the \u003ccode\u003eimport.meta\u003c/code\u003e expression to behave like an identifier anyway. This change fixes the regression.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/sapphi-red\"\u003e\u003ccode\u003e@​sapphi-red\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow \u003ccode\u003ees2024\u003c/code\u003e as a target in \u003ccode\u003etsconfig.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4004\"\u003e#4004\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eTypeScript recently \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-5-7/#support-for---target-es2024-and---lib-es2024\"\u003eadded \u003ccode\u003ees2024\u003c/code\u003e\u003c/a\u003e as a compilation target, so esbuild now supports this in the \u003ccode\u003etarget\u003c/code\u003e field of \u003ccode\u003etsconfig.json\u003c/code\u003e files, such as in the following configuration file:\u003c/p\u003e\n\u003cpre lang=\"json\"\u003e\u003ccode\u003e{\n  \u0026quot;compilerOptions\u0026quot;: {\n    \u0026quot;target\u0026quot;: \u0026quot;ES2024\u0026quot;\n  }\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAs a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more in \u003ca href=\"https://esbuild.github.io/content-types/#tsconfig-json\"\u003ethe documentation\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/billyjanitsch\"\u003e\u003ccode\u003e@​billyjanitsch\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow automatic semicolon insertion after \u003ccode\u003eget\u003c/code\u003e/\u003ccode\u003eset\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eThis change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eclass Foo {\n  get\n  *x() {}\n  set\n  *y() {}\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThe above code will be considered valid starting with this release. This change to esbuild follows a \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/pull/60225\"\u003esimilar change to TypeScript\u003c/a\u003e which will allow this syntax starting with TypeScript 5.7.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow quoted property names in \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4008\"\u003e#4008\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe \u003ccode\u003edefine\u003c/code\u003e and \u003ccode\u003epure\u003c/code\u003e API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e consistent with \u003ccode\u003e--global-name\u003c/code\u003e, which already supported quoted property names. For example, the following is now possible:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f9c9012cdb05135873722184b01f078ea7de8d98\"\u003e\u003ccode\u003ef9c9012\u003c/code\u003e\u003c/a\u003e publish 0.27.4 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/207dbc761ea95a81a8b32cc7f9fae46361faaed7\"\u003e\u003ccode\u003e207dbc7\u003c/code\u003e\u003c/a\u003e js api: fall back to js-based metafile json parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1ca56dc65155b0d887904c683cd43f7618ae621e\"\u003e\u003ccode\u003e1ca56dc\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e: auto-minify metafile for large bundles\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e3823aa485d3cd3f6c11718e4c124b54ebc425e5\"\u003e\u003ccode\u003ee3823aa\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e: add uint cast to stdio int parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/d50e88c00aaa424712eddda2f28aae299db4e0de\"\u003e\u003ccode\u003ed50e88c\u003c/code\u003e\u003c/a\u003e chore: correct copy\u0026amp;paste panic message (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4399\"\u003e#4399\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/8b829b1bdfeb2b11aa16a643b5bfee108066cab0\"\u003e\u003ccode\u003e8b829b1\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e: incorrect error for inject edge case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/4384badefe3a07b80b3f3eba832c17d0c806dd4c\"\u003e\u003ccode\u003e4384bad\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e: parens for \u003ccode\u003eor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9129e00e6c36a3e374820cb5e3fc2cd319c8ab85\"\u003e\u003ccode\u003e9129e00\u003c/code\u003e\u003c/a\u003e publish 0.27.3 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e20e4115acda9c9f052fdd1ec8d7d5c5489e837b\"\u003e\u003ccode\u003ee20e411\u003c/code\u003e\u003c/a\u003e small fix to release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0dc0f2dee556460bd7b81d5bbbae5a2f86449ab6\"\u003e\u003ccode\u003e0dc0f2d\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4322\"\u003e#4322\u003c/a\u003e: parse and print CSS \u003ccode\u003e@scope\u003c/code\u003e rules\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.21.5...v0.27.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `octokit` from 2.1.0 to 5.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/octokit.js/releases\"\u003eoctokit's r...\n\n_Description has been truncated_","html_url":"https://github.com/awfixers-stuff/awplus/pull/18","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/awfixers-stuff%2Fawplus/issues/18","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/18/packages"},{"uuid":"4140903441","node_id":"PR_kwDOP9kpyc7Nl1GT","number":20,"state":"open","title":"Bump the npm_and_yarn group across 2 directories with 24 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-26T05:57:35.000Z","updated_at":"2026-03-26T05:58:21.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":24,"packages":[{"name":"ai","old_version":"5.0.28","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"next","old_version":"15.3.3","new_version":"15.5.14","repository_url":"https://github.com/vercel/next.js"},{"name":"glob","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"validator","old_version":"13.15.15","new_version":"13.15.22","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"@modelcontextprotocol/sdk","old_version":"1.12.1","new_version":"1.28.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.2.0","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"bn.js","old_version":"4.12.2","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"qs","old_version":"6.14.0","new_version":"6.15.0","repository_url":"https://github.com/ljharb/qs"},{"name":"rollup","old_version":"4.43.0","new_version":"4.60.0","repository_url":"https://github.com/rollup/rollup"},{"name":"tar-fs","old_version":"3.0.9","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.13","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"7.10.0","new_version":"7.24.6","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"7.2.3","new_version":"7.2.4","repository_url":"https://github.com/google/zx"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 22 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `5.0.28` | `5.0.52` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [next](https://github.com/vercel/next.js) | `15.3.3` | `15.5.14` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `12.0.0` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.15` | `13.15.22` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.28.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.2.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.2` | `4.12.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [rollup](https://github.com/rollup/rollup) | `4.43.0` | `4.60.0` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.9` | `3.1.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.13` |\n| [undici](https://github.com/nodejs/undici) | `7.10.0` | `7.24.6` |\n| [zx](https://github.com/google/zx) | `7.2.3` | `7.2.4` |\n\nBumps the npm_and_yarn group with 4 updates in the /apps/www directory: [ai](https://github.com/vercel/ai), [lodash](https://github.com/lodash/lodash), [next](https://github.com/vercel/next.js) and [glob](https://github.com/isaacs/node-glob).\n\nUpdates `ai` from 5.0.28 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@5.0.28...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.3.3 to 15.5.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(next/image): add lru disk cache and images.maximumDiskCacheSize (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91660\"\u003e#91660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix(pages-router): restore Content-Length and ETag for /_next/data/ JSON responses (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/90304\"\u003e#90304\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/lllomh\"\u003e\u003ccode\u003e@​lllomh\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev15.5.13\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: patch http-proxy to prevent request smuggling in rewrites (See: \u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ggv3-7p47-pfv8\"\u003eCVE-2026-29057\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/ztanner\"\u003e\u003ccode\u003e@​ztanner\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev15.5.12\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003efix unlock in publish-native\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis is a re-release of \u003ca href=\"https://github.com/vercel/next.js/releases/tag/v15.5.11\"\u003ev15.5.11\u003c/a\u003e applying the turbopack changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d7b012d787c01e0435f8cdf2a47211891668d13b\"\u003e\u003ccode\u003ed7b012d\u003c/code\u003e\u003c/a\u003e v15.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/2b0525123245da5b1b9d1abedc636c5fd3ee1d07\"\u003e\u003ccode\u003e2b05251\u003c/code\u003e\u003c/a\u003e [backport] feat(next/image): add lru disk cache and `images.maximumDiskCacheS...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/f88cee9604f0ec8ab869a2f94ced984194277b9e\"\u003e\u003ccode\u003ef88cee9\u003c/code\u003e\u003c/a\u003e Backport: Fix(pages-router): restore Content-Length and ETag for /_next/data/...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/cfd5f533b08df3038476dcd54f1d6d660d85f069\"\u003e\u003ccode\u003ecfd5f53\u003c/code\u003e\u003c/a\u003e v15.5.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/15f28911fd272041707dbf6b7c07d62642593be8\"\u003e\u003ccode\u003e15f2891\u003c/code\u003e\u003c/a\u003e [backport]: fix: patch http-proxy to prevent request smuggling in rewrites (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d23f41c42506005fe6978e076a1ccbf8979e4925\"\u003e\u003ccode\u003ed23f41c\u003c/code\u003e\u003c/a\u003e v15.5.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/8e75765a6544dc0e6b20aefeade7d33190ffcb7c\"\u003e\u003ccode\u003e8e75765\u003c/code\u003e\u003c/a\u003e fix unlock in publish-native\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/6cef992286e3050aeca46e0d506dc5bad4368fd2\"\u003e\u003ccode\u003e6cef992\u003c/code\u003e\u003c/a\u003e [backport] normalize CRLF line endings in jscodeshift tests on Windows (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/8800\"\u003e#8800\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7a9464553ac72f5b3f3acf17174a61b7b8a210a5\"\u003e\u003ccode\u003e7a94645\u003c/code\u003e\u003c/a\u003e Apply needs for publishRelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/bbfd4e313d4bc9024ec340d9de419a0e4357f898\"\u003e\u003ccode\u003ebbfd4e3\u003c/code\u003e\u003c/a\u003e v15.5.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.3.3...v15.5.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 12.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `validator` from 13.15.15 to 13.15.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/releases\"\u003evalidator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.15.22\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003evalidatorjs/validator.js#2622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003evalidatorjs/validator.js#2616\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e13.15.20\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003evalidatorjs/validator.js#2563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003evalidatorjs/validator.js#2556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003evalidatorjs/validator.js#2576\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003evalidatorjs/validator.js#2574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003evalidatorjs/validator.js#2584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003evalidatorjs/validator.js#2581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003evalidatorjs/validator.js#2608\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md\"\u003evalidator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.15.22\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e13.15.20\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2b5c17dbe03f2ca9ad9122c597f81e86ce1a9a1\"\u003e\u003ccode\u003ef2b5c17\u003c/code\u003e\u003c/a\u003e maintenance: 2511 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2627\"\u003e#2627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382\"\u003e\u003ccode\u003ed457eca\u003c/code\u003e\u003c/a\u003e fix(isLength): correctly handle Unicode variation selectors (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2616\"\u003e#2616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2e3633f22fd3016656789d100bc451d857e7488\"\u003e\u003ccode\u003ef2e3633\u003c/code\u003e\u003c/a\u003e docs: add install instructions to contibution guide (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2621\"\u003e#2621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cf401458b8733d981a3724d634c795a9d612b516\"\u003e\u003ccode\u003ecf40145\u003c/code\u003e\u003c/a\u003e fix: URL validation for hostnames with ports (no protocol) (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2622\"\u003e#2622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/4af61243ba0ae93f29e7689040e188b5849ff1b0\"\u003e\u003ccode\u003e4af6124\u003c/code\u003e\u003c/a\u003e maintenance: 2510 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2585\"\u003e#2585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/30d4fe02c16d36ed471f12da658c4b5d843781e0\"\u003e\u003ccode\u003e30d4fe0\u003c/code\u003e\u003c/a\u003e 13.15.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cbef5088f02d36caf978f378bb845fe49bdc0809\"\u003e\u003ccode\u003ecbef508\u003c/code\u003e\u003c/a\u003e fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2608\"\u003e#2608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/6f436be36945e460ee624bf72a935a06daded859\"\u003e\u003ccode\u003e6f436be\u003c/code\u003e\u003c/a\u003e Fix typo in validators.test.js (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2581\"\u003e#2581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/3c857088d58197453957a2b924dfedea328003b6\"\u003e\u003ccode\u003e3c85708\u003c/code\u003e\u003c/a\u003e Fix: correct French VAT (FR) validation regex and add tests (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2584\"\u003e#2584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/eee525cd117d24ac905b9432f3f5a27e96aa9719\"\u003e\u003ccode\u003eeee525c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2491\"\u003e#2491\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2573\"\u003e#2573\u003c/a\u003e Simplify isBase64 to prevent stack overflow (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2574\"\u003e#2574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for validator since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.12.1 to 1.28.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e\u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.28.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: use scopes_supported from resource metadata by default (fixes \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/580\"\u003e#580\u003c/a\u003e) by \u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Default to client_secret_basic when server omits token_endpoint_auth_methods_supported by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1611\"\u003emodelcontextprotocol/typescript-sdk#1611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: reject plain JSON Schema objects passed as inputSchema by \u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: clear _timeoutInfo in _onclose() and scope .finally() abort controller cleanup by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1462\"\u003emodelcontextprotocol/typescript-sdk#1462\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server/auth): RFC 8252 loopback port relaxation by \u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.28.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1746\"\u003emodelcontextprotocol/typescript-sdk#1746\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add conformance test infrastructure for v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1518\"\u003emodelcontextprotocol/typescript-sdk#1518\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: backport discoverOAuthServerInfo() and discovery caching to v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1533\"\u003emodelcontextprotocol/typescript-sdk#1533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add url property to RequestInfo interface by \u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] feat(tasks): add streaming methods for elicitation and sampling by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1528\"\u003emodelcontextprotocol/typescript-sdk#1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version for v1.27.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1541\"\u003emodelcontextprotocol/typescript-sdk#1541\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a0565695218544fc53e99bf5b544a887d373cefa\"\u003e\u003ccode\u003ea056569\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.28.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1746\"\u003e#1746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/897bc25bfe7beb782dbe31e466c8d161224cfed7\"\u003e\u003ccode\u003e897bc25\u003c/code\u003e\u003c/a\u003e fix(server/auth): RFC 8252 loopback port relaxation (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1738\"\u003e#1738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/398dc70f64a8bf42cc1da2ce2d2479bbde933fc3\"\u003e\u003ccode\u003e398dc70\u003c/code\u003e\u003c/a\u003e fix: clear _timeoutInfo in _onclose() and scope .finally() abort controller c...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/93640d33ab2725c8fe2cfad240f38f27a624194e\"\u003e\u003ccode\u003e93640d3\u003c/code\u003e\u003c/a\u003e fix: reject plain JSON Schema objects passed as inputSchema (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1596\"\u003e#1596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4cbcec0edb96332d87ed42c1910dca92cca507de\"\u003e\u003ccode\u003e4cbcec0\u003c/code\u003e\u003c/a\u003e [v1.x backport] Default to client_secret_basic when server omits token_endpoi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/c9b58d19861b3917f23f5cda395c71f8239b8b33\"\u003e\u003ccode\u003ec9b58d1\u003c/code\u003e\u003c/a\u003e feat: use scopes_supported from resource metadata by default (fixes \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/580\"\u003e#580\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/757\"\u003e#757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/351e1246fc88c6bb97e909be9190a68c6e05bf1a\"\u003e\u003ccode\u003e351e124\u003c/code\u003e\u003c/a\u003e docs: add links to hosted V1 and V2 API reference docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4faa8c899c069a98f8a0c3f804ec1a50dc2bae64\"\u003e\u003ccode\u003e4faa8c8\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.27.1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1581\"\u003e#1581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/09a85a80439f0ca9e5556ac20bdec41461e35234\"\u003e\u003ccode\u003e09a85a8\u003c/code\u003e\u003c/a\u003e fix: call onerror for silently swallowed transport errors (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1580\"\u003e#1580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e79d14ab6d8fbcb49543cab3917a60a89d0a6df9\"\u003e\u003ccode\u003ee79d14a\u003c/code\u003e\u003c/a\u003e fix: prevent command injection in example URL opening (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1579\"\u003e#1579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.12.1...v1.28.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/65c90d949c0f8a9709759dff9e76bbe07061812b\"\u003e\u003ccode\u003e65c90d9\u003c/code\u003e\u003c/a\u003e Fix permissions for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/593cb7831bec60d5590acc3eeb2e553f4a431167\"\u003e\u003ccode\u003e593cb78\u003c/code\u003e\u003c/a\u003e Set permissions for workflow jobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/36adf110beabc9acdcad122149a2ea795a2b1a6c\"\u003e\u003ccode\u003e36adf11\u003c/code\u003e\u003c/a\u003e Remove deprecated CodeQL check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9da4af0e1f82fe372bedc1b7820f55c6eaf012e5\"\u003e\u003ccode\u003e9da4af0\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/699303975bea182b966f9f34a1ecbbebe92afcef\"\u003e\u003ccode\u003e6993039\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0b8f7560e11af817d70ff17f986b334ba2e99b81\"\u003e\u003ccode\u003e0b8f756\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/67a53f21623e4047d28d7a6f98f539f1adc9d1d0\"\u003e\u003ccode\u003e67a53f2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.2 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `immutable` from 5.1.2 to 4.3.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md\"\u003eimmutable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e,\nand this project adheres to \u003ca href=\"https://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\nDates are formatted as YYYY-MM-DD.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch2\u003e5.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.3\u003c/h2\u003e\n\u003ch3\u003eTypeScript\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow readonly map entry constructor by \u003ca href=\"https://github.com/septs\"\u003e\u003ccode\u003e@​septs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2123\"\u003eimmutable-js/immutable-js#2123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cp\u003eThere has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown.\nThe playground has been included on nearly all method examples.\nWe added a page about browser extensions too: \u003ca href=\"https://immutable-js.com/browser-extension/\"\u003ehttps://immutable-js.com/browser-extension/\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/485cbe0edf3ca7bb4b9c4a80ac55ba937a291da0\"\u003e\u003ccode\u003e485cbe0\u003c/code\u003e\u003c/a\u003e 4.3.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/6ed4eb626906df788b08019061b292b90bc718cb\"\u003e\u003ccode\u003e6ed4eb6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/94bcd3c79972db4afffd8d1e5aab415880098b05\"\u003e\u003ccode\u003e94bcd3c\u003c/code\u003e\u003c/a\u003e fix new proto key injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/faeb58b0cc71ed351dc51f672a95ae21bc859ef5\"\u003e\u003ccode\u003efaeb58b\u003c/code\u003e\u003c/a\u003e fix Prototype Pollution in mergeDeep, toJS, etc.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/37ca4170060827e5f4eaa1969d1b61e5dc5eb11d\"\u003e\u003ccode\u003e37ca417\u003c/code\u003e\u003c/a\u003e release 4.3.7 (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/2007\"\u003e#2007\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/23daf26b51ecc2805dcd9ac8534ce523397f9b62\"\u003e\u003ccode\u003e23daf26\u003c/code\u003e\u003c/a\u003e Fix issue with slice negative of filtered sequence (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/2006\"\u003e#2006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/493afba6ec17d9c999dc5a15ac80c71c6bdba1c3\"\u003e\u003ccode\u003e493afba\u003c/code\u003e\u003c/a\u003e release 4.3.6 (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/1997\"\u003e#1997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/be3cb9a7ae9a29f82c9d0c595f5f3cb957d7006c\"\u003e\u003ccode\u003ebe3cb9a\u003c/code\u003e\u003c/a\u003e Fix Repeat(\u0026lt;value\u0026gt;).equals(undefined) incorrectly returning true (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/1994\"\u003e#1994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/d7664bf9d3539da8ea095f2ed08bbe1cd0d46071\"\u003e\u003ccode\u003ed7664bf\u003c/code\u003e\u003c/a\u003e generate sitemap in path that will be deployed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/f8327b1db0bb131df8a830cf14642f6ad07ca466\"\u003e\u003ccode\u003ef8327b1\u003c/code\u003e\u003c/a\u003e upgrade next sitemap (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/1978\"\u003e#1978\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v5.1.2...v4.3.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for immutable since your current ve...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR updates 24 npm dependencies across multiple packages in the monorepo, including major updates to Next.js (15.3.3 → 15.5.14), AI SDK (5.0.28 → 5.0.52), and lodash (4.17.21 → 4.17.23), along with security patches for several packages.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Framework Updates**: Next.js updated from 15.3.3 to 15.5.14, bringing bug fixes and security improvements including CVE-2026-29057 patch\n- **AI SDK Enhancement**: Updated from 5.0.28 to 5.0.52 across multiple packages, likely including new features and bug fixes\n- **Security Patches**: Multiple packages received security updates including validator.js (CVE-2025-56200), basic-ftp (CVE-2026-27699), and body-parser (CVE-2025-13466)\n- **Utility Library Updates**: Lodash updated to 4.17.23 across 15 packages, glob updated to 12.0.0 with breaking changes\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 24 Updates]\n    B --\u003e C[Security Patches]\n    B --\u003e D[Feature Updates]\n    B --\u003e E[Bug Fixes]\n    \n    C --\u003e F[validator.js CVE-2025-56200]\n    C --\u003e G[basic-ftp CVE-2026-27699]\n    C --\u003e H[body-parser CVE-2025-13466]\n    \n    D --\u003e I[Next.js 15.5.14]\n    D --\u003e J[AI SDK 5.0.52]\n    D --\u003e K[glob 12.0.0]\n    \n    E --\u003e L[lodash 4.17.23]\n    E --\u003e M[Various Minor Updates]\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs and security vulnerabilities across the dependency tree\n- **Framework Stability**: Next.js updates include important bug fixes for Pages Router and image optimization features\n- **Breaking Changes**: glob 12.0.0 removes unsafe shell options and CLI functionality, requiring attention during deployment\n- **Maintenance**: Keeps dependencies current with latest patches and improvements, reducing technical debt\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/plate/pull/20","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fplate/issues/20","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/20/packages"},{"uuid":"4140546235","node_id":"PR_kwDOOv1_fM7Nk3bl","number":8,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 10 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-02T10:49:06.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-26T04:43:04.000Z","updated_at":"2026-04-02T10:49:08.000Z","time_to_close":626762,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":10,"packages":[{"name":"webpack","old_version":"5.99.9","new_version":"5.104.1","repository_url":"https://github.com/webpack/webpack"},{"name":"zx","old_version":"8.5.4","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"glob","old_version":"11.0.2","new_version":"11.1.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23"},{"name":"axios","old_version":"1.9.0","new_version":"1.13.6"},{"name":"mermaid","old_version":"11.6.0","new_version":"11.13.0"},{"name":"dompurify","old_version":"3.2.4","new_version":"3.3.3"},{"name":"immutable","old_version":"4.3.7","new_version":"5.1.5"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 2 updates in the / directory: [webpack](https://github.com/webpack/webpack) and [zx](https://github.com/google/zx).\nBumps the npm_and_yarn group with 2 updates in the /packages/rspack-test-tools directory: [webpack](https://github.com/webpack/webpack) and [glob](https://github.com/isaacs/node-glob).\nBumps the npm_and_yarn group with 2 updates in the /scripts directory: [zx](https://github.com/google/zx) and [glob](https://github.com/isaacs/node-glob).\n\nUpdates `webpack` from 5.99.9 to 5.104.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.104.1\u003c/h2\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.104.0\u003c/h2\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.103.0\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eDotenvPlugin\u003c/code\u003e and top level \u003ccode\u003edotenv\u003c/code\u003e option to enable this plugin\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWebpackManifestPlugin\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded support the \u003ccode\u003eignoreList\u003c/code\u003e option in devtool plugins\u003c/li\u003e\n\u003cli\u003eAllow to use custom javascript parse function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/24e3c2d2c9f8c6d60810302b2ea70ed86e2863dc\"\u003e\u003ccode\u003e24e3c2d\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20253\"\u003e#20253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2efd21b0b06baa9b1a7f009b336379dcef24c1a5\"\u003e\u003ccode\u003e2efd21b\u003c/code\u003e\u003c/a\u003e fix(re-exports): reexports runtime calculation should not accessing `__WEBPAC...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/c5100702335a9cdcb75558ccd80def2329bd4abf\"\u003e\u003ccode\u003ec510070\u003c/code\u003e\u003c/a\u003e fix(security): userinfo bypass vulnerability in HttpUriPlugin allowedUris\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/4b0501c69700963bad1285b56f9cfa74704cb963\"\u003e\u003ccode\u003e4b0501c\u003c/code\u003e\u003c/a\u003e ci: fix release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20252\"\u003e#20252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c213cecf2906bc41102c3a4cfdd1ad3522d0171\"\u003e\u003ccode\u003e0c213ce\u003c/code\u003e\u003c/a\u003e ci: use \u003ccode\u003e\\\u0026lt;@\u0026amp;1450591255485743204\u0026gt;\u003c/code\u003e over \u003ccode\u003e@here\u003c/code\u003e for discord notificationw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/5bf8bc51bcfb49d25b73aae450b246cd8b8b423a\"\u003e\u003ccode\u003e5bf8bc5\u003c/code\u003e\u003c/a\u003e refactor: types for benchmarks and tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/505a5e744fbcf4471ddb534bf1d4aebea9643c1b\"\u003e\u003ccode\u003e505a5e7\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20188\"\u003e#20188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c066808d59e4f9406e11bab4ffa2e0feacbd0e2\"\u003e\u003ccode\u003e0c06680\u003c/code\u003e\u003c/a\u003e refactor: update eslint configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2eb0d6a410513960bd7d65bf15baf15704a612eb\"\u003e\u003ccode\u003e2eb0d6a\u003c/code\u003e\u003c/a\u003e ci: release announcement (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20238\"\u003e#20238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/b2b24590a08755b706d2009ca97a226addf9e83b\"\u003e\u003ccode\u003eb2b2459\u003c/code\u003e\u003c/a\u003e ci: cancel in progress (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20239\"\u003e#20239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack/compare/v5.99.9...v5.104.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.5.4 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.5.4...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 11.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.9.0 to 1.13.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.13.6\u003c/h2\u003e\n\u003cp\u003eThis release focuses on platform compatibility, error handling improvements, and code quality maintenance.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking Changes:\u003c/strong\u003e None identified in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAction Required:\u003c/strong\u003e Users targeting React Native should verify their integration, particularly if relying on specific Blob or FormData behaviours, as improvements have been made to support these objects.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native Blob Support:\u003c/strong\u003e Axios now includes support for React Native Blob objects. Thanks to \u003ca href=\"https://github.com/moh3n9595\"\u003e\u003ccode\u003e@​moh3n9595\u003c/code\u003e\u003c/a\u003e for the initial implementation. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/5764\"\u003e#5764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCode Quality:\u003c/strong\u003e Implemented prettier across the codebase and resolved associated formatting issues. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7385\"\u003e#7385\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eEnvironment Compatibility:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed module exports for React Native and Browserify environments. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7386\"\u003e#7386\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded safe FormData detection for the WeChat Mini Program environment. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7324\"\u003e#7324\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAxiosError.message is now correctly enumerable. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7392\"\u003e#7392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAxiosError.from now correctly copies the status property from the source error, ensuring better error propagation. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7403\"\u003e#7403\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Updated the development_dependencies group (5 updates). (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7432\"\u003e#7432\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eInfrastructure:\u003c/strong\u003e Migrated \u003ccode\u003e@​rollup/plugin-babel\u003c/code\u003e from v5.3.1 to v6.1.0. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7424\"\u003e#7424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Added missing JSDoc comments to utilities. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors! Thank you for helping improve the project:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Gudahtt\"\u003e\u003ccode\u003e@​Gudahtt\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7386\"\u003e#7386\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ybbus\"\u003e\u003ccode\u003e@​ybbus\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7392\"\u003e#7392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Shiwaangee\"\u003e\u003ccode\u003e@​Shiwaangee\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7324\"\u003e#7324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/skrtheboss\"\u003e\u003ccode\u003e@​skrtheboss\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7403\"\u003e#7403\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Janaka66\"\u003e\u003ccode\u003e@​Janaka66\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moh3n9595\"\u003e\u003ccode\u003e@​moh3n9595\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/5764\"\u003e#5764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digital-wizard48\"\u003e\u003ccode\u003e@​digital-wizard48\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7424\"\u003e#7424\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cem\u003eFull Changelog: \u003ca href=\"https://github.com/axios/axios/compare/v1.13.5...v1.13.6\"\u003ev1.13.5...v1.13.6\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003ch2\u003ev1.13.5\u003c/h2\u003e\n\u003ch2\u003eRelease 1.13.5\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eSecurity:\u003c/strong\u003e Fixed a potential \u003cstrong\u003eDenial of Service\u003c/strong\u003e issue involving the \u003ccode\u003e__proto__\u003c/code\u003e key in \u003ccode\u003emergeConfig\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7369\"\u003e#7369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBug fix:\u003c/strong\u003e Resolved an issue where \u003ccode\u003eAxiosError\u003c/code\u003e could be missing the \u003ccode\u003estatus\u003c/code\u003e field on and after \u003cstrong\u003ev1.13.3\u003c/strong\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7368\"\u003e#7368\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003ch4\u003eSecurity\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix Denial of Service via \u003ccode\u003e__proto__\u003c/code\u003e key in \u003ccode\u003emergeConfig\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7369\"\u003e#7369\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.13.2...v1.13.3\"\u003e1.13.3\u003c/a\u003e (2026-01-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehttp2:\u003c/strong\u003e Use port 443 for HTTPS connections by default. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7256\"\u003e#7256\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d7e60653460480ffacecf85383012ca1baa6263e\"\u003ed7e6065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003einterceptor:\u003c/strong\u003e handle the error in the same interceptor (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6269\"\u003e#6269\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/5945e40bb171d4ac4fc195df276cf952244f0f89\"\u003e5945e40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emain field in package.json should correspond to cjs artifacts (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5756\"\u003e#5756\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7373fbff24cd92ce650d99ff6f7fe08c2e2a0a04\"\u003e7373fbf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epackage.json:\u003c/strong\u003e add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5754\"\u003e#5754\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/b89217e3e91de17a3d55e2b8f39ceb0e9d8aeda8\"\u003eb89217e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esilentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7257\"\u003e#7257\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7d19335e43d6754a1a9a66e424f7f7da259895bf\"\u003e7d19335\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eturn AxiosError into a native error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5394\"\u003e#5394\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5558\"\u003e#5558\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/1c6a86dd2c0623ee1af043a8491dbc96d40e883b\"\u003e1c6a86d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e add handlers to AxiosInterceptorManager interface (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5551\"\u003e#5551\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/8d1271b49fc226ed7defd07cd577bd69a55bb13a\"\u003e8d1271b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e restore AxiosError.cause type from unknown to Error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7327\"\u003e#7327\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d8233d9e8e9a64bfba9bbe01d475ba417510b82b\"\u003ed8233d9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eunclear error message is thrown when specifying an empty proxy authorization (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6314\"\u003e#6314\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/6ef867e684adf7fb2343e3b29a79078a3c76dc29\"\u003e6ef867e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eundefined\u003c/code\u003e as a value in AxiosRequestConfig (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5560\"\u003e#5560\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/095033c626895ecdcda2288050b63dcf948db3bd\"\u003e095033c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd automatic minor and patch upgrades to dependabot (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6053\"\u003e#6053\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/65a7584eda6164980ddb8cf5372f0afa2a04c1ed\"\u003e65a7584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Node.js coverage script using c8 (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7289\"\u003e#7289\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7294\"\u003e#7294\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/ec9d94e9f88da13e9219acadf65061fb38ce080a\"\u003eec9d94e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded copilot instructions (\u003ca href=\"https://github.com/axios/axios/commit/3f83143bfe617eec17f9d7dcf8bafafeeae74c26\"\u003e3f83143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with frozen prototypes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6265\"\u003e#6265\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/860e03396a536e9b926dacb6570732489c9d7012\"\u003e860e033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance pipeFileToResponse with error handling (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7169\"\u003e#7169\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/88d78842541610692a04282233933d078a8a2552\"\u003e88d7884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Intellisense for string literals in a widened union (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6134\"\u003e#6134\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/f73474d02c5aa957b2daeecee65508557fd3c6e5\"\u003ef73474d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com//redirect.github.com/microsoft/TypeScript/issues/33471/issues/issuecomment-1376364329\"\u003emicrosoft/TypeScript#33471\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eReverts\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRevert \u0026quot;fix: silentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e…\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/a4230f5581b3f58b6ff531b6dbac377a4fd7942a\"\u003ea4230f5\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7334\"\u003e#7334\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/2d6ad5e48bd29b0b2b5e7e95fb473df98301543a\"\u003e2d6ad5e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/ashvin2005\" title=\"+1752/-4 ([#7218](https://github.com/axios/axios/issues/7218) [#7218](https://github.com/axios/axios/issues/7218) )\"\u003eAshvin Tiwari\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/mochinikunj\" title=\"+940/-12 ([#7294](https://github.com/axios/axios/issues/7294) [#7294](https://github.com/axios/axios/issues/7294) )\"\u003eNikunj Mochi\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/imanchalsingh\" title=\"+544/-102 ([#7169](https://github.com/axios/axios/issues/7169) [#7185](https://github.com/axios/axios/issues/7185) )\"\u003eAnchal Singh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/jasonsaayman\" title=\"+317/-73 ([#7334](https://github.com/axios/axios/issues/7334) [#7298](https://github.com/axios/axios/issues/7298) )\"\u003ejasonsaayman\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/brodo\" title=\"+99/-120 ([#5558](https://github.com/axios/axios/issues/5558) )\"\u003eJulian Dax\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/AKASHDHARDUBEY\" title=\"+167/-0 ([#7287](https://github.com/axios/axios/issues/7287) [#7288](https://github.com/axios/axios/issues/7288) )\"\u003eAkash Dhar Dubey\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/madhumitaaa\" title=\"+20/-68 ([#7198](https://github.com/axios/axios/issues/7198) )\"\u003eMadhumita\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Tackoil\" title=\"+80/-2 ([#6269](https://github.com/axios/axios/issues/6269) )\"\u003eTackoil\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/justindhillon\" title=\"+41/-41 ([#6324](https://github.com/axios/axios/issues/6324) [#6315](https://github.com/axios/axios/issues/6315) )\"\u003eJustin Dhillon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Rudrxxx\" title=\"+71/-2 ([#7257](https://github.com/axios/axios/issues/7257) )\"\u003eRudransh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/WuMingDao\" title=\"+36/-36 ([#7215](https://github.com/axios/axios/issues/7215) )\"\u003eWuMingDao\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/codenomnom\" title=\"+70/-0 ([#7201](https://github.com/axios/axios/issues/7201) [#7201](https://github.com/axios/axios/issues/7201) )\"\u003ecodenomnom\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Nandann018-ux\" title=\"+60/-10 ([#7272](https://github.com/axios/axios/issues/7272) )\"\u003eNandan Acharya\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/KernelDeimos\" title=\"+22/-40 ([#7042](https://github.com/axios/axios/issues/7042) )\"\u003eEric Dubé\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/tiborpilz\" title=\"+40/-4 ([#5551](https://github.com/axios/axios/issues/5551) )\"\u003eTibor Pilz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/joaoGabriel55\" title=\"+31/-4 ([#6314](https://github.com/axios/axios/issues/6314) )\"\u003eGabriel Quaresma\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/turadg\" title=\"+23/-6 ([#6265](https://github.com/axios/axios/issues/6265) )\"\u003eTuradg Aleahmad\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/7108c8877f9dc05f7aba8beb2b9e522537f9a9a7\"\u003e\u003ccode\u003e7108c88\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.13.6 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7446\"\u003e#7446\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/20a0ba3c01174aa2ec441753fa1fe47f21d20491\"\u003e\u003ccode\u003e20a0ba3\u003c/code\u003e\u003c/a\u003e refactor(deps): migrate \u003ccode\u003e@​rollup/plugin-babel\u003c/code\u003e from v5.3.1 to v6.1.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7424\"\u003e#7424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/885b4af6f5dd6ab7977b207fdf61a7e89af69e69\"\u003e\u003ccode\u003e885b4af\u003c/code\u003e\u003c/a\u003e feat: support react native blob objects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5764\"\u003e#5764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/00d97b9730f3d83e865d0f3ee33cba6290ba20ed\"\u003e\u003ccode\u003e00d97b9\u003c/code\u003e\u003c/a\u003e docs(utils): add missing JSDoc comments (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9712548a49521580c8e692c367609b9f5e748d63\"\u003e\u003ccode\u003e9712548\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group across 1 directory w...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/d51accbea1faef6e3b74c7dfa636704a2332bfbb\"\u003e\u003ccode\u003ed51accb\u003c/code\u003e\u003c/a\u003e fix(core): copy status from source error in AxiosError.from (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7403\"\u003e#7403\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e30bbf1b33c8b6213c793eb0cf6b61b0edc72f1\"\u003e\u003ccode\u003e3e30bbf\u003c/code\u003e\u003c/a\u003e chore: fix publish to only run on v1 tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/672491db34b5575d2abb1c3f91382bc1f45ae7b7\"\u003e\u003ccode\u003e672491d\u003c/code\u003e\u003c/a\u003e fix: safe FormData detection for WeChat Mini Program (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7306\"\u003e#7306\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7324\"\u003e#7324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/822e3e40b4f9287b5a787f5d1dfb3ae7f8a0faa3\"\u003e\u003ccode\u003e822e3e4\u003c/code\u003e\u003c/a\u003e fix: make AxiosError.message property enumerable (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7392\"\u003e#7392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ef3711d1b3a3c1eb4f11dc43e8db38e9c5342448\"\u003e\u003ccode\u003eef3711d\u003c/code\u003e\u003c/a\u003e feat: implement prettier and fix all issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7385\"\u003e#7385\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.9.0...v1.13.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mermaid` from 11.6.0 to 11.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mermaid-js/mermaid/releases\"\u003emermaid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003emermaid@11.13.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7352\"\u003e#7352\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/d6db0b039654f6e122c6098821bc75f2910915e3\"\u003e\u003ccode\u003ed6db0b0\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/remcohaszing\"\u003e\u003ccode\u003e@​remcohaszing\u003c/code\u003e\u003c/a\u003e! - feat: Export the \u003ccode\u003eAsyncIconLoader\u003c/code\u003e, \u003ccode\u003eSyncIconLoader\u003c/code\u003e, and \u003ccode\u003eIconLoader\u003c/code\u003e types.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/5932\"\u003e#5932\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/cdacb0b30171bd15223c008a56c09f7ece842940\"\u003e\u003ccode\u003ecdacb0b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/exoego\"\u003e\u003ccode\u003e@​exoego\u003c/code\u003e\u003c/a\u003e! - feat: Add venn-beta diagram\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/6789\"\u003e#6789\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/73e9849f993cd766eecddf349e335a4473560f37\"\u003e\u003ccode\u003e73e9849\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/omkarht\"\u003e\u003ccode\u003e@​omkarht\u003c/code\u003e\u003c/a\u003e! - feat: Add half-arrowheads (solid \u0026amp; stick) and central connection support\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7387\"\u003e#7387\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/acce4db7a1bd8801666f1a9667a63e4010ec2020\"\u003e\u003ccode\u003eacce4db\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/exoego\"\u003e\u003ccode\u003e@​exoego\u003c/code\u003e\u003c/a\u003e! - feat: Add Ishikawa diagram (ishikawa-beta)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/6995\"\u003e#6995\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/9745f325cb9e1967640f0e85da193a2f820634f1\"\u003e\u003ccode\u003e9745f32\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - feat: Deprecate \u003ca href=\"https://mermaid.js.org/config/schema-docs/config-defs-flowchart-diagram-config.html#htmllabels\"\u003e\u003ccode\u003eflowchart.htmlLabels\u003c/code\u003e\u003c/a\u003e in favor of \u003ca href=\"https://mermaid.js.org/config/schema-docs/config.html#htmllabels\"\u003eroot-level \u003ccode\u003ehtmlLabels\u003c/code\u003e\u003c/a\u003e in Mermaid config\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/5814\"\u003e#5814\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/2dd29bee254a5b89c00eb0b0da1bcf7fe96ce46c\"\u003e\u003ccode\u003e2dd29be\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/kairi003\"\u003e\u003ccode\u003e@​kairi003\u003c/code\u003e\u003c/a\u003e! - feat: allow to put notes in namespaces on classDiagram\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7075\"\u003e#7075\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/96a766dcdbb7d6e3043344a2ee3f1b64ba7a62c3\"\u003e\u003ccode\u003e96a766d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: Prevent HTML tags from being escaped in sandbox label rendering\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/6843\"\u003e#6843\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/32723b2de13474d7d13e9292e6f801e9874936ab\"\u003e\u003ccode\u003e32723b2\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/saurabhg772244\"\u003e\u003ccode\u003e@​saurabhg772244\u003c/code\u003e\u003c/a\u003e! - fix: Support edge animation in hand drawn look\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7453\"\u003e#7453\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/a60e615bc31edeb1d623d096117812c0f721f2f8\"\u003e\u003ccode\u003ea60e615\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: ER diagram edge label positioning\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/6989\"\u003e#6989\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/1a9d45abf0a991c40985021e8b523c32b46dd897\"\u003e\u003ccode\u003e1a9d45a\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: Resolved parsing error where direction TD was not recognized within subgraphs\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7178\"\u003e#7178\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/96ca7c090f28eea458027e6871903d789575cfa1\"\u003e\u003ccode\u003e96ca7c0\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/omkarht\"\u003e\u003ccode\u003e@​omkarht\u003c/code\u003e\u003c/a\u003e! - fix(treemap): Fixed treemap classDef style application to properly apply user-defined styles\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7076\"\u003e#7076\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/60f633101cd2e55ee80ad2250ae57d4c970430e5\"\u003e\u003ccode\u003e60f6331\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: Correct viewBox casing and make SVGs responsive\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7055\"\u003e#7055\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/fa15ce8502d2f1d72787998d9d944c5a98b992dd\"\u003e\u003ccode\u003efa15ce8\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: Improve participant parsing and prevent recursive loops on invalid syntax\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7276\"\u003e#7276\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/33c7c7206400509537a28f15d0e817340c482cb4\"\u003e\u003ccode\u003e33c7c72\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: respect \u003ccode\u003emarkdownAutoWrap: false\u003c/code\u003e to prevent text auto-wrapping in flowchart markdown labels with \u003ccode\u003ehtmlLabels\u003c/code\u003e enabled.\u003c/p\u003e\n\u003cp\u003eMarkdown labels with \u003ccode\u003emarkdownAutoWrap: false, htmlLabels: false\u003c/code\u003e set doesn't work\ncorrectly.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7416\"\u003e#7416\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/3c069b52859470dea89f45d5f859b1087b7e1fee\"\u003e\u003ccode\u003e3c069b5\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Crafter-Y\"\u003e\u003ccode\u003e@​Crafter-Y\u003c/code\u003e\u003c/a\u003e! - fix: architecture diagram lines should now have the correct length\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/6995\"\u003e#6995\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/9745f325cb9e1967640f0e85da193a2f820634f1\"\u003e\u003ccode\u003e9745f32\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: Support the \u003ca href=\"https://mermaid.js.org/config/schema-docs/config.html#htmllabels\"\u003e\u003ccode\u003ehtmlLabels\u003c/code\u003e Mermaid config value\u003c/a\u003e whenever possible\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7293\"\u003e#7293\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/a408b5586fb57aac54da4606940779562078f91d\"\u003e\u003ccode\u003ea408b55\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: Prevent browser hang when using multiline accDescr in XY charts\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/6119\"\u003e#6119\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/712c1ec1222a771b38cd3b8a5ddf9c2fc4e2cbcc\"\u003e\u003ccode\u003e712c1ec\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/NealGooch\"\u003e\u003ccode\u003e@​NealGooch\u003c/code\u003e\u003c/a\u003e! - fix: correct block positioning when nested blocks span multiple columns\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7424\"\u003e#7424\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/981a62e4ee6078d27a541db35df441734434d5c1\"\u003e\u003ccode\u003e981a62e\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/knsv\"\u003e\u003ccode\u003e@​knsv\u003c/code\u003e\u003c/a\u003e! - fix: correct BT orientation arc sweep flags in gitGraph drawArrow()\u003c/p\u003e\n\u003cp\u003eSwapped SVG arc sweep-flag values in the BT (bottom-to-top) orientation branches of \u003ccode\u003edrawArrow()\u003c/code\u003e so curves bend in the correct direction. Affects both rerouting and non-rerouting code paths for merge and non-merge arrows.\u003c/p\u003e\n\u003cp\u003eResolves \u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/issues/6593\"\u003e#6593\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/b1a5e9be56b58ae87e5341898c139c90bc35ed17\"\u003e\u003ccode\u003eb1a5e9b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/issues/7466\"\u003e#7466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/bdd7abdb177c38d0c77239d52cc6ca10344d89b2\"\u003e\u003ccode\u003ebdd7abd\u003c/code\u003e\u003c/a\u003e fix: use correct package name for elk\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/a900618c924616d89fad37d99795af7ebce5d478\"\u003e\u003ccode\u003ea900618\u003c/code\u003e\u003c/a\u003e dummy commit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/a60e615bc31edeb1d623d096117812c0f721f2f8\"\u003e\u003ccode\u003ea60e615\u003c/code\u003e\u003c/a\u003e Fix: ER diagram edge label positioning (\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/issues/7453\"\u003e#7453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/1d17c141417d4f90546b77dbebfe20f845d05b43\"\u003e\u003ccode\u003e1d17c14\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of \u003ca href=\"https://github.com/mermaid-js/mermaid\"\u003ehttps://github.com/mermaid-js/mermaid\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/500be12439bd2cd6a7dffdcc242f30f624543c38\"\u003e\u003ccode\u003e500be12\u003c/code\u003e\u003c/a\u003e chore: Update coupon\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/981fbb8bd8be584d443dbdc14c84a2718906421d\"\u003e\u003ccode\u003e981fbb8\u003c/code\u003e\u003c/a\u003e fix(gantt): restore readable outside-text for done tasks in dark mode (\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/issues/7456\"\u003e#7456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/0d5e35aed42eb9e0ae659c2d54795a0aafd832b7\"\u003e\u003ccode\u003e0d5e35a\u003c/code\u003e\u003c/a\u003e fix(elk): scope rounded edge curve to ELK layout only (\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/issues/7454\"\u003e#7454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/de20da7be90faf54d472e225d3f53fcd11b665b6\"\u003e\u003ccode\u003ede20da7\u003c/code\u003e\u003c/a\u003e fix: plausible build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/fcdd95b61fa4e5c667fc6109b2489f5a5e7affc1\"\u003e\u003ccode\u003efcdd95b\u003c/code\u003e\u003c/a\u003e chore: Update plausible\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mermaid-js/mermaid/compare/mermaid@11.6.0...mermaid@11.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for mermaid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.2.4 to 3.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.3.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an engine requirement for Node 20 which caused hiccups, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a possible bypass caused by jsdom's faulty raw-text tag parsing, thanks multiple reporters\u003c/li\u003e\n\u003cli\u003eFixed a prototype pollution issue when working with custom elements, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a lenient config parsing in \u003ccode\u003e_isValidAttribute\u003c/code\u003e, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped and removed several dependencies, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the test suite after bumping dependencies, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated \u003ccode\u003eADD_FORBID_CONTENTS\u003c/code\u003e setting to extend default list, thanks \u003ca href=\"https://github.com/MariusRumpf\"\u003e\u003ccode\u003e@​MariusRumpf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated the ESM import syntax to be more correct, thanks \u003ca href=\"https://github.com/binhpv\"\u003e\u003ccode\u003e@​binhpv\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the SVG \u003ccode\u003emask-type\u003c/code\u003e attribute to default allow-list, thanks \u003ca href=\"https://github.com/prasadrajandran\"\u003e\u003ccode\u003e@​prasadrajandran\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded support for \u003ccode\u003eADD_ATTR\u003c/code\u003e and \u003ccode\u003eADD_TAGS\u003c/code\u003e to accept functions, thanks \u003ca href=\"https://github.com/nelstrom\"\u003e\u003ccode\u003e@​nelstrom\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with the \u003ccode\u003eslot\u003c/code\u003e element being in both SVG and HTML allow-list, thanks \u003ca href=\"https://github.com/Wim-Valgaeren\"\u003e\u003ccode\u003e@​Wim-Valgaeren\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.2.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new attributes and elements to default allow-list, thanks \u003ca href=\"https://github.com/elrion018\"\u003e\u003ccode\u003e@​elrion018\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003etagName\u003c/code\u003e parameter to custom element \u003ccode\u003eattributeNameCheck\u003c/code\u003e, thanks \u003ca href=\"https://github.com/nelstrom\"\u003e\u003ccode\u003e@​nelstrom\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better check for animated \u003ccode\u003ehref\u003c/code\u003e attributes, thanks \u003ca href=\"https://github.com/llamakko\"\u003e\u003ccode\u003e@​llamakko\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated and improved the bundled types, thanks \u003ca href=\"https://github.com/ssi02014\"\u003e\u003ccode\u003e@​ssi02014\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated several tests to better align with new browser encoding behaviors\u003c/li\u003e\n\u003cli\u003eImproved the handling of potentially risky content inside CDATA elements, thanks \u003ca href=\"https://github.com/securityMB\"\u003e\u003ccode\u003e@​securityMB\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/terjanq\"\u003e\u003ccode\u003e@​terjanq\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved the regular expression for raw-text elements to cover textareas, thanks \u003ca href=\"https://github.com/securityMB\"\u003e\u003ccode\u003e@​securityMB\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/terjanq\"\u003e\u003ccode\u003e@​terjanq\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.2.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several typos and removed clutter from our documentation, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ematrix:\u003c/code\u003e as an allowed URI scheme, thanks \u003ca href=\"https://github.com/kleinesfilmroellchen\"\u003e\u003ccode\u003e@​kleinesfilmroellchen\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better config hardening against prototype pollution, thanks \u003ca href=\"https://github.com/EffectRenan\"\u003e\u003ccode\u003e@​EffectRenan\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better handling of attribute removal, thanks \u003ca href=\"https://github.com/michalnieruchalski-tiugo\"\u003e\u003ccode\u003e@​michalnieruchalski-tiugo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better configuration for aggressive mXSS scrubbing behavior, thanks \u003ca href=\"https://github.com/BryanValverdeU\"\u003e\u003ccode\u003e@​BryanValverdeU\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved the script that caused the fake entry \u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-DOMPURIFY-10176060\"\u003eCVE-2025-48050\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.2.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded a check to the mXSS detection regex to be more strict, thanks \u003ca href=\"https://github.com/masatokinugawa\"\u003e\u003ccode\u003e@​masatokinugawa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded ESM type imports in source, removes patch function, thanks \u003ca href=\"https://github.com/donmccurdy\"\u003e\u003ccode\u003e@​donmccurdy\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded script to verify various TypeScript configurations, thanks \u003ca href=\"https://github.com/reduckted\"\u003e\u003ccode\u003e@​reduckted\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more modern browsers to the Karma launchers list\u003c/li\u003e\n\u003cli\u003eAdded Node 23.x to tested runtimes, removed Node 17.x\u003c/li\u003e\n\u003cli\u003eFixed the generation of source maps, thanks \u003ca href=\"https://github.com/reduckted\"\u003e\u003ccode\u003e@​reduckted\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an unexpected behavior with \u003ccode\u003eALLOWED_URI_REGEXP\u003c/code\u003e using the 'g' flag, thanks \u003ca href=\"https://github.com/hhk-png\"\u003e\u003ccode\u003e@​hhk-png\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a few typos in the README file\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/8bcbf73ae7eb56e7b4f1300b66cf543342c7ee27\"\u003e\u003ccode\u003e8bcbf73\u003c/code\u003e\u003c/a\u003e chore: Preparing 3.3.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5faddd60af7b4d612f32a0c6b44432b77c8c490c\"\u003e\u003ccode\u003e5faddd6\u003c/code\u003e\u003c/a\u003e fix: engine requirement (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1210\"\u003e#1210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/0f91e3add5c028bc4110c513b0c2571b284c35af\"\u003e\u003ccode\u003e0f91e3a\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/d5ff1a8c605df1df998c2e7df2c4c8ac762b0dea\"\u003e\u003ccode\u003ed5ff1a8\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:cure53/DOMPurify\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/c3efd489010366e755de9d65fd741888fd8b7462\"\u003e\u003ccode\u003ec3efd48\u003c/code\u003e\u003c/a\u003e fix: moved back from jsdom 28 to jsdom 20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/988b888108c8df911ef37e68d0e26c85ad90e885\"\u003e\u003ccode\u003e988b888\u003c/code\u003e\u003c/a\u003e fix: moved back from jsdom 28 to jsdom 20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/2726c74e9c6a0645127d1630e5ca49f64bc9fe67\"\u003e\u003ccode\u003e2726c74\u003c/code\u003e\u003c/a\u003e chore: Preparing 3.3.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6202c7e43e9df01ba606396aed60fbae5583f7a1\"\u003e\u003ccode\u003e6202c7e\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​tootallnate/once\u003c/code\u003e and jsdom (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1204\"\u003e#1204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/302b51de22535cc90235472c52e3401bedd46f80\"\u003e\u003ccode\u003e302b51d\u003c/code\u003e\u003c/a\u003e fix: Expanded the regex ever so slightly to also cover script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/cd85175da3c4614aeb0f1022f2a347e5e9bdd58b\"\u003e\u003ccode\u003ecd85175\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:cure53/DOMPurify\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.2.4...3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `immutable` from 4.3.7 to 5.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/releases\"\u003eimmutable's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.1.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003cli\u003eUpgrade devtools and use immutable version by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2158\"\u003eimmutable-js/immutable-js#2158\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v5.1.4...v5.1.5\"\u003ehttps://github.com/immutable-js/immutable-js/compare/v5.1.4...v5.1.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.1.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v5.1.3...v5.1.4\"\u003ehttps://github.com/immutable-js/immutable-js/compare/v5.1.3...v5.1.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eTypeScript\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow readonly map entry constructor by \u003ca href=\"https://github.com/septs\"\u003e\u003ccode\u003e@​septs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2123\"\u003eimmutable-js/immutable-js#2123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cp\u003eThere has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown.\nThe playground has been included on nearly all method examples.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md\"\u003eimmutable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.3\u003c/h2\u003e\n\u003ch3\u003eTypeScript\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow readonly map entry constructor by \u003ca href=\"https://github.com/septs\"\u003e\u003ccode\u003e@​septs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2123\"\u003eimmutable-js/immutable-js#2123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cp\u003eThere has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown.\nThe playground has been included on nearly all method examples.\nWe added a page about browser extensions too: \u003ca href=\"https://immutable-js.com/browser-extension/\"\u003ehttps://immutable-js.com/browser-extension/\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ereplace rimraf by a node script by \u003ca href=...\n\n_Description has been truncated_","html_url":"https://github.com/ssushant0011/rspack/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ssushant0011%2Frspack/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"},{"uuid":"4113056660","node_id":"PR_kwDOP9kpyc7MYOJF","number":17,"state":"open","title":"Bump the npm_and_yarn group across 2 directories with 25 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-21T17:01:51.000Z","updated_at":"2026-03-21T17:16:27.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":25,"packages":[{"name":"ai","old_version":"5.0.28","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"next","old_version":"15.3.3","new_version":"15.5.14","repository_url":"https://github.com/vercel/next.js"},{"name":"glob","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"validator","old_version":"13.15.15","new_version":"13.15.22","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"@modelcontextprotocol/sdk","old_version":"1.12.1","new_version":"1.27.1","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.2.0","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"bn.js","old_version":"4.12.2","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"4.0.3","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"qs","old_version":"6.14.0","new_version":"6.15.0","repository_url":"https://github.com/ljharb/qs"},{"name":"rollup","old_version":"4.43.0","new_version":"4.59.1","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"3.0.9","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.12","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"7.10.0","new_version":"7.24.5","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"7.2.3","new_version":"7.2.4","repository_url":"https://github.com/google/zx"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 23 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `5.0.28` | `5.0.52` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [next](https://github.com/vercel/next.js) | `15.3.3` | `15.5.14` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `12.0.0` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.15` | `13.15.22` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.27.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.2.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.2` | `4.12.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.3` | `4.0.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [rollup](https://github.com/rollup/rollup) | `4.43.0` | `4.59.1` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.9` | `3.1.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.12` |\n| [undici](https://github.com/nodejs/undici) | `7.10.0` | `7.24.5` |\n| [zx](https://github.com/google/zx) | `7.2.3` | `7.2.4` |\n\nBumps the npm_and_yarn group with 4 updates in the /apps/www directory: [ai](https://github.com/vercel/ai), [lodash](https://github.com/lodash/lodash), [next](https://github.com/vercel/next.js) and [glob](https://github.com/isaacs/node-glob).\n\nUpdates `ai` from 5.0.28 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@5.0.28...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.3.3 to 15.5.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(next/image): add lru disk cache and images.maximumDiskCacheSize (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91660\"\u003e#91660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix(pages-router): restore Content-Length and ETag for /_next/data/ JSON responses (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/90304\"\u003e#90304\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/lllomh\"\u003e\u003ccode\u003e@​lllomh\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev15.5.13\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: patch http-proxy to prevent request smuggling in rewrites (See: \u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ggv3-7p47-pfv8\"\u003eCVE-2026-29057\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/ztanner\"\u003e\u003ccode\u003e@​ztanner\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev15.5.12\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003efix unlock in publish-native\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis is a re-release of \u003ca href=\"https://github.com/vercel/next.js/releases/tag/v15.5.11\"\u003ev15.5.11\u003c/a\u003e applying the turbopack changes.\u003c/p\u003e\n\u003ch2\u003ev15.5.11\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTracing: Fix memory leak in span map (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/85529\"\u003e#85529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: ensure LRU cache items have minimum size of 1 to prevent unbounded growth (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89134\"\u003e#89134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: fix NFT tracing of sharp 0.34 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/82340\"\u003e#82340\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: support pattern into exports field (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/82757\"\u003e#82757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNFT tracing fixes (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/84155\"\u003e#84155\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vercel/next.js/issues/85323\"\u003e#85323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: validate CSS without computing all paths (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83810\"\u003e#83810\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: implement LRU cache with invocation ID scoping for minimal mode response cache (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89129\"\u003e#89129\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/timneutkens\"\u003e\u003ccode\u003e@​timneutkens\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mischnic\"\u003e\u003ccode\u003e@​mischnic\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ztanner\"\u003e\u003ccode\u003e@​ztanner\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/wyattjoh\"\u003e\u003ccode\u003e@​wyattjoh\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d7b012d787c01e0435f8cdf2a47211891668d13b\"\u003e\u003ccode\u003ed7b012d\u003c/code\u003e\u003c/a\u003e v15.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/2b0525123245da5b1b9d1abedc636c5fd3ee1d07\"\u003e\u003ccode\u003e2b05251\u003c/code\u003e\u003c/a\u003e [backport] feat(next/image): add lru disk cache and `images.maximumDiskCacheS...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/f88cee9604f0ec8ab869a2f94ced984194277b9e\"\u003e\u003ccode\u003ef88cee9\u003c/code\u003e\u003c/a\u003e Backport: Fix(pages-router): restore Content-Length and ETag for /_next/data/...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/cfd5f533b08df3038476dcd54f1d6d660d85f069\"\u003e\u003ccode\u003ecfd5f53\u003c/code\u003e\u003c/a\u003e v15.5.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/15f28911fd272041707dbf6b7c07d62642593be8\"\u003e\u003ccode\u003e15f2891\u003c/code\u003e\u003c/a\u003e [backport]: fix: patch http-proxy to prevent request smuggling in rewrites (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d23f41c42506005fe6978e076a1ccbf8979e4925\"\u003e\u003ccode\u003ed23f41c\u003c/code\u003e\u003c/a\u003e v15.5.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/8e75765a6544dc0e6b20aefeade7d33190ffcb7c\"\u003e\u003ccode\u003e8e75765\u003c/code\u003e\u003c/a\u003e fix unlock in publish-native\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/6cef992286e3050aeca46e0d506dc5bad4368fd2\"\u003e\u003ccode\u003e6cef992\u003c/code\u003e\u003c/a\u003e [backport] normalize CRLF line endings in jscodeshift tests on Windows (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/8800\"\u003e#8800\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7a9464553ac72f5b3f3acf17174a61b7b8a210a5\"\u003e\u003ccode\u003e7a94645\u003c/code\u003e\u003c/a\u003e Apply needs for publishRelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/bbfd4e313d4bc9024ec340d9de419a0e4357f898\"\u003e\u003ccode\u003ebbfd4e3\u003c/code\u003e\u003c/a\u003e v15.5.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.3.3...v15.5.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 12.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `validator` from 13.15.15 to 13.15.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/releases\"\u003evalidator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.15.22\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003evalidatorjs/validator.js#2622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003evalidatorjs/validator.js#2616\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e13.15.20\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003evalidatorjs/validator.js#2563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003evalidatorjs/validator.js#2556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003evalidatorjs/validator.js#2576\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003evalidatorjs/validator.js#2574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003evalidatorjs/validator.js#2584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003evalidatorjs/validator.js#2581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003evalidatorjs/validator.js#2608\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md\"\u003evalidator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.15.22\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e13.15.20\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2b5c17dbe03f2ca9ad9122c597f81e86ce1a9a1\"\u003e\u003ccode\u003ef2b5c17\u003c/code\u003e\u003c/a\u003e maintenance: 2511 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2627\"\u003e#2627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382\"\u003e\u003ccode\u003ed457eca\u003c/code\u003e\u003c/a\u003e fix(isLength): correctly handle Unicode variation selectors (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2616\"\u003e#2616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2e3633f22fd3016656789d100bc451d857e7488\"\u003e\u003ccode\u003ef2e3633\u003c/code\u003e\u003c/a\u003e docs: add install instructions to contibution guide (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2621\"\u003e#2621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cf401458b8733d981a3724d634c795a9d612b516\"\u003e\u003ccode\u003ecf40145\u003c/code\u003e\u003c/a\u003e fix: URL validation for hostnames with ports (no protocol) (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2622\"\u003e#2622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/4af61243ba0ae93f29e7689040e188b5849ff1b0\"\u003e\u003ccode\u003e4af6124\u003c/code\u003e\u003c/a\u003e maintenance: 2510 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2585\"\u003e#2585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/30d4fe02c16d36ed471f12da658c4b5d843781e0\"\u003e\u003ccode\u003e30d4fe0\u003c/code\u003e\u003c/a\u003e 13.15.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cbef5088f02d36caf978f378bb845fe49bdc0809\"\u003e\u003ccode\u003ecbef508\u003c/code\u003e\u003c/a\u003e fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2608\"\u003e#2608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/6f436be36945e460ee624bf72a935a06daded859\"\u003e\u003ccode\u003e6f436be\u003c/code\u003e\u003c/a\u003e Fix typo in validators.test.js (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2581\"\u003e#2581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/3c857088d58197453957a2b924dfedea328003b6\"\u003e\u003ccode\u003e3c85708\u003c/code\u003e\u003c/a\u003e Fix: correct French VAT (FR) validation regex and add tests (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2584\"\u003e#2584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/eee525cd117d24ac905b9432f3f5a27e96aa9719\"\u003e\u003ccode\u003eeee525c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2491\"\u003e#2491\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2573\"\u003e#2573\u003c/a\u003e Simplify isBase64 to prevent stack overflow (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2574\"\u003e#2574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for validator since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.12.1 to 1.27.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e\u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add conformance test infrastructure for v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1518\"\u003emodelcontextprotocol/typescript-sdk#1518\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: backport discoverOAuthServerInfo() and discovery caching to v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1533\"\u003emodelcontextprotocol/typescript-sdk#1533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add url property to RequestInfo interface by \u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] feat(tasks): add streaming methods for elicitation and sampling by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1528\"\u003emodelcontextprotocol/typescript-sdk#1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version for v1.27.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1541\"\u003emodelcontextprotocol/typescript-sdk#1541\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4faa8c899c069a98f8a0c3f804ec1a50dc2bae64\"\u003e\u003ccode\u003e4faa8c8\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.27.1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1581\"\u003e#1581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/09a85a80439f0ca9e5556ac20bdec41461e35234\"\u003e\u003ccode\u003e09a85a8\u003c/code\u003e\u003c/a\u003e fix: call onerror for silently swallowed transport errors (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1580\"\u003e#1580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e79d14ab6d8fbcb49543cab3917a60a89d0a6df9\"\u003e\u003ccode\u003ee79d14a\u003c/code\u003e\u003c/a\u003e fix: prevent command injection in example URL opening (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1579\"\u003e#1579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/342ea394ca6e660e294162efdeafc411284bcc0d\"\u003e\u003ccode\u003e342ea39\u003c/code\u003e\u003c/a\u003e docs: comprehensive feature documentation for SEP-1730 Tier 1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1548\"\u003e#1548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2084a22074d4c8fd54ddc8637783fb10c13edf90\"\u003e\u003ccode\u003e2084a22\u003c/code\u003e\u003c/a\u003e docs: add governance documentation for SEP-1730 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1547\"\u003e#1547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/f2d21458ccccd7cfaa1a2a171a262961591d4d0b\"\u003e\u003ccode\u003ef2d2145\u003c/code\u003e\u003c/a\u003e feat: implement auth/pre-registration conformance scenario (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1545\"\u003e#1545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/8cbc65848388cb0364122f5760cb6b01ff8a3654\"\u003e\u003ccode\u003e8cbc658\u003c/code\u003e\u003c/a\u003e chore: bump version for v1.27.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1541\"\u003e#1541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5c16ae3339bfa1dd71b0dee1a534e1b6d8be658e\"\u003e\u003ccode\u003e5c16ae3\u003c/code\u003e\u003c/a\u003e [v1.x] feat(tasks): add streaming methods for elicitation and sampling (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1528\"\u003e#1528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/97ab379e4572ac8e38ff8b99891f29a69cfbb5bb\"\u003e\u003ccode\u003e97ab379\u003c/code\u003e\u003c/a\u003e feat: add url property to RequestInfo interface (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/825e9ab80332e7fac19d221f6aae352dc73172fe\"\u003e\u003ccode\u003e825e9ab\u003c/code\u003e\u003c/a\u003e feat: backport discoverOAuthServerInfo() and discovery caching to v1.x (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.12.1...v1.27.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/65c90d949c0f8a9709759dff9e76bbe07061812b\"\u003e\u003ccode\u003e65c90d9\u003c/code\u003e\u003c/a\u003e Fix permissions for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/593cb7831bec60d5590acc3eeb2e553f4a431167\"\u003e\u003ccode\u003e593cb78\u003c/code\u003e\u003c/a\u003e Set permissions for workflow jobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/36adf110beabc9acdcad122149a2ea795a2b1a6c\"\u003e\u003ccode\u003e36adf11\u003c/code\u003e\u003c/a\u003e Remove deprecated CodeQL check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9da4af0e1f82fe372bedc1b7820f55c6eaf012e5\"\u003e\u003ccode\u003e9da4af0\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/699303975bea182b966f9f34a1ecbbebe92afcef\"\u003e\u003ccode\u003e6993039\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0b8f7560e11af817d70ff17f986b334ba2e99b81\"\u003e\u003ccode\u003e0b8f756\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/67a53f21623e4047d28d7a6f98f539f1adc9d1d0\"\u003e\u003ccode\u003e67a53f2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.2 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.3 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/68ff7dda8834d6de095a7008cef0e03bc252ca98\"\u003e\u003ccode\u003e68ff7dd\u003c/code\u003e\u003c/a\u003e v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e [Fix] set Symbol.toStringTag in the proper place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR updates 25 npm dependencies across the monorepo, including major updates to Next.js (15.3.3 → 15.5.14), AI SDK (5.0.28 → 5.0.52), and lodash (4.17.21 → 4.17.23), along with security patches for multiple packages.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Framework Updates**: Next.js updated from 15.3.3 to 15.5.14 with performance improvements and security fixes\n- **AI SDK Enhancement**: Vercel AI SDK updated from 5.0.28 to 5.0.52 with new features and bug fixes\n- **Security Patches**: Multiple packages updated to address CVEs including validator.js, basic-ftp, and form-data\n- **Utility Libraries**: Lodash updated across 13 packages from 4.17.21 to 4.17.23 with prototype pollution fixes\n- **Development Tools**: Glob updated from 11.0.2 to 12.0.0 with breaking changes to CLI interface\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 25 Outdated Packages]\n    B --\u003e C[Security Updates]\n    B --\u003e D[Feature Updates]\n    B --\u003e E[Bug Fixes]\n    \n    C --\u003e F[validator.js CVE-2025-56200]\n    C --\u003e G[basic-ftp CVE-2026-27699]\n    C --\u003e H[form-data boundary security]\n    \n    D --\u003e I[Next.js 15.5.14 features]\n    D --\u003e J[AI SDK 5.0.52 enhancements]\n    \n    E --\u003e K[lodash prototype pollution]\n    E --\u003e L[Various stability fixes]\n    \n    F --\u003e M[Production Ready]\n    G --\u003e M\n    H --\u003e M\n    I --\u003e M\n    J --\u003e M\n    K --\u003e M\n    L --\u003e M\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs and security vulnerabilities across the dependency tree\n- **Performance Improvements**: Next.js updates include LRU caching, memory leak fixes, and Turbopack enhancements\n- **Developer Experience**: Updated AI SDK provides better tooling and API improvements for AI-powered features\n- **Stability**: Lodash updates fix prototype pollution issues affecting 13 packages in the monorepo\n- **Compatibility**: Most updates are backward compatible, though glob 12.0.0 removes unsafe CLI options\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/plate/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fplate/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"},{"uuid":"4110210891","node_id":"PR_kwDOP9kpyc7MQoiJ","number":16,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 25 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-20T21:29:04.000Z","updated_at":"2026-03-20T23:03:40.234Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":25,"packages":[{"name":"ai","old_version":"5.0.28","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"next","old_version":"15.3.3","new_version":"15.5.14","repository_url":"https://github.com/vercel/next.js"},{"name":"glob","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"validator","old_version":"13.15.15","new_version":"13.15.22","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"@modelcontextprotocol/sdk","old_version":"1.12.1","new_version":"1.27.1","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.2.0","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"bn.js","old_version":"4.12.2","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"4.0.3","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"qs","old_version":"6.14.0","new_version":"6.15.0","repository_url":"https://github.com/ljharb/qs"},{"name":"rollup","old_version":"4.43.0","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"3.0.9","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.12","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"7.10.0","new_version":"7.24.5","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"7.2.3","new_version":"7.2.4","repository_url":"https://github.com/google/zx"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 23 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `5.0.28` | `5.0.52` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [next](https://github.com/vercel/next.js) | `15.3.3` | `15.5.14` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `12.0.0` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.15` | `13.15.22` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.27.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.2.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.2` | `4.12.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.3` | `4.0.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [rollup](https://github.com/rollup/rollup) | `4.43.0` | `4.59.0` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.9` | `3.1.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.12` |\n| [undici](https://github.com/nodejs/undici) | `7.10.0` | `7.24.5` |\n| [zx](https://github.com/google/zx) | `7.2.3` | `7.2.4` |\n\n\nUpdates `ai` from 5.0.28 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@5.0.28...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.3.3 to 15.5.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(next/image): add lru disk cache and images.maximumDiskCacheSize (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91660\"\u003e#91660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix(pages-router): restore Content-Length and ETag for /_next/data/ JSON responses (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/90304\"\u003e#90304\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/lllomh\"\u003e\u003ccode\u003e@​lllomh\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev15.5.13\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: patch http-proxy to prevent request smuggling in rewrites (See: \u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ggv3-7p47-pfv8\"\u003eCVE-2026-29057\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/ztanner\"\u003e\u003ccode\u003e@​ztanner\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev15.5.12\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003efix unlock in publish-native\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis is a re-release of \u003ca href=\"https://github.com/vercel/next.js/releases/tag/v15.5.11\"\u003ev15.5.11\u003c/a\u003e applying the turbopack changes.\u003c/p\u003e\n\u003ch2\u003ev15.5.11\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTracing: Fix memory leak in span map (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/85529\"\u003e#85529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: ensure LRU cache items have minimum size of 1 to prevent unbounded growth (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89134\"\u003e#89134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: fix NFT tracing of sharp 0.34 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/82340\"\u003e#82340\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: support pattern into exports field (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/82757\"\u003e#82757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNFT tracing fixes (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/84155\"\u003e#84155\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vercel/next.js/issues/85323\"\u003e#85323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: validate CSS without computing all paths (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83810\"\u003e#83810\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: implement LRU cache with invocation ID scoping for minimal mode response cache (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89129\"\u003e#89129\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/timneutkens\"\u003e\u003ccode\u003e@​timneutkens\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mischnic\"\u003e\u003ccode\u003e@​mischnic\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ztanner\"\u003e\u003ccode\u003e@​ztanner\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/wyattjoh\"\u003e\u003ccode\u003e@​wyattjoh\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d7b012d787c01e0435f8cdf2a47211891668d13b\"\u003e\u003ccode\u003ed7b012d\u003c/code\u003e\u003c/a\u003e v15.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/2b0525123245da5b1b9d1abedc636c5fd3ee1d07\"\u003e\u003ccode\u003e2b05251\u003c/code\u003e\u003c/a\u003e [backport] feat(next/image): add lru disk cache and `images.maximumDiskCacheS...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/f88cee9604f0ec8ab869a2f94ced984194277b9e\"\u003e\u003ccode\u003ef88cee9\u003c/code\u003e\u003c/a\u003e Backport: Fix(pages-router): restore Content-Length and ETag for /_next/data/...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/cfd5f533b08df3038476dcd54f1d6d660d85f069\"\u003e\u003ccode\u003ecfd5f53\u003c/code\u003e\u003c/a\u003e v15.5.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/15f28911fd272041707dbf6b7c07d62642593be8\"\u003e\u003ccode\u003e15f2891\u003c/code\u003e\u003c/a\u003e [backport]: fix: patch http-proxy to prevent request smuggling in rewrites (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d23f41c42506005fe6978e076a1ccbf8979e4925\"\u003e\u003ccode\u003ed23f41c\u003c/code\u003e\u003c/a\u003e v15.5.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/8e75765a6544dc0e6b20aefeade7d33190ffcb7c\"\u003e\u003ccode\u003e8e75765\u003c/code\u003e\u003c/a\u003e fix unlock in publish-native\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/6cef992286e3050aeca46e0d506dc5bad4368fd2\"\u003e\u003ccode\u003e6cef992\u003c/code\u003e\u003c/a\u003e [backport] normalize CRLF line endings in jscodeshift tests on Windows (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/8800\"\u003e#8800\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7a9464553ac72f5b3f3acf17174a61b7b8a210a5\"\u003e\u003ccode\u003e7a94645\u003c/code\u003e\u003c/a\u003e Apply needs for publishRelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/bbfd4e313d4bc9024ec340d9de419a0e4357f898\"\u003e\u003ccode\u003ebbfd4e3\u003c/code\u003e\u003c/a\u003e v15.5.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.3.3...v15.5.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 12.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `validator` from 13.15.15 to 13.15.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/releases\"\u003evalidator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.15.22\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003evalidatorjs/validator.js#2622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003evalidatorjs/validator.js#2616\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e13.15.20\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003evalidatorjs/validator.js#2563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003evalidatorjs/validator.js#2556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003evalidatorjs/validator.js#2576\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003evalidatorjs/validator.js#2574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003evalidatorjs/validator.js#2584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003evalidatorjs/validator.js#2581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003evalidatorjs/validator.js#2608\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md\"\u003evalidator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.15.22\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e13.15.20\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2b5c17dbe03f2ca9ad9122c597f81e86ce1a9a1\"\u003e\u003ccode\u003ef2b5c17\u003c/code\u003e\u003c/a\u003e maintenance: 2511 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2627\"\u003e#2627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382\"\u003e\u003ccode\u003ed457eca\u003c/code\u003e\u003c/a\u003e fix(isLength): correctly handle Unicode variation selectors (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2616\"\u003e#2616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2e3633f22fd3016656789d100bc451d857e7488\"\u003e\u003ccode\u003ef2e3633\u003c/code\u003e\u003c/a\u003e docs: add install instructions to contibution guide (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2621\"\u003e#2621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cf401458b8733d981a3724d634c795a9d612b516\"\u003e\u003ccode\u003ecf40145\u003c/code\u003e\u003c/a\u003e fix: URL validation for hostnames with ports (no protocol) (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2622\"\u003e#2622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/4af61243ba0ae93f29e7689040e188b5849ff1b0\"\u003e\u003ccode\u003e4af6124\u003c/code\u003e\u003c/a\u003e maintenance: 2510 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2585\"\u003e#2585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/30d4fe02c16d36ed471f12da658c4b5d843781e0\"\u003e\u003ccode\u003e30d4fe0\u003c/code\u003e\u003c/a\u003e 13.15.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cbef5088f02d36caf978f378bb845fe49bdc0809\"\u003e\u003ccode\u003ecbef508\u003c/code\u003e\u003c/a\u003e fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2608\"\u003e#2608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/6f436be36945e460ee624bf72a935a06daded859\"\u003e\u003ccode\u003e6f436be\u003c/code\u003e\u003c/a\u003e Fix typo in validators.test.js (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2581\"\u003e#2581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/3c857088d58197453957a2b924dfedea328003b6\"\u003e\u003ccode\u003e3c85708\u003c/code\u003e\u003c/a\u003e Fix: correct French VAT (FR) validation regex and add tests (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2584\"\u003e#2584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/eee525cd117d24ac905b9432f3f5a27e96aa9719\"\u003e\u003ccode\u003eeee525c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2491\"\u003e#2491\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2573\"\u003e#2573\u003c/a\u003e Simplify isBase64 to prevent stack overflow (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2574\"\u003e#2574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for validator since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.12.1 to 1.27.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e\u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add conformance test infrastructure for v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1518\"\u003emodelcontextprotocol/typescript-sdk#1518\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: backport discoverOAuthServerInfo() and discovery caching to v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1533\"\u003emodelcontextprotocol/typescript-sdk#1533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add url property to RequestInfo interface by \u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] feat(tasks): add streaming methods for elicitation and sampling by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1528\"\u003emodelcontextprotocol/typescript-sdk#1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version for v1.27.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1541\"\u003emodelcontextprotocol/typescript-sdk#1541\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4faa8c899c069a98f8a0c3f804ec1a50dc2bae64\"\u003e\u003ccode\u003e4faa8c8\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.27.1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1581\"\u003e#1581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/09a85a80439f0ca9e5556ac20bdec41461e35234\"\u003e\u003ccode\u003e09a85a8\u003c/code\u003e\u003c/a\u003e fix: call onerror for silently swallowed transport errors (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1580\"\u003e#1580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e79d14ab6d8fbcb49543cab3917a60a89d0a6df9\"\u003e\u003ccode\u003ee79d14a\u003c/code\u003e\u003c/a\u003e fix: prevent command injection in example URL opening (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1579\"\u003e#1579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/342ea394ca6e660e294162efdeafc411284bcc0d\"\u003e\u003ccode\u003e342ea39\u003c/code\u003e\u003c/a\u003e docs: comprehensive feature documentation for SEP-1730 Tier 1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1548\"\u003e#1548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2084a22074d4c8fd54ddc8637783fb10c13edf90\"\u003e\u003ccode\u003e2084a22\u003c/code\u003e\u003c/a\u003e docs: add governance documentation for SEP-1730 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1547\"\u003e#1547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/f2d21458ccccd7cfaa1a2a171a262961591d4d0b\"\u003e\u003ccode\u003ef2d2145\u003c/code\u003e\u003c/a\u003e feat: implement auth/pre-registration conformance scenario (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1545\"\u003e#1545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/8cbc65848388cb0364122f5760cb6b01ff8a3654\"\u003e\u003ccode\u003e8cbc658\u003c/code\u003e\u003c/a\u003e chore: bump version for v1.27.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1541\"\u003e#1541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5c16ae3339bfa1dd71b0dee1a534e1b6d8be658e\"\u003e\u003ccode\u003e5c16ae3\u003c/code\u003e\u003c/a\u003e [v1.x] feat(tasks): add streaming methods for elicitation and sampling (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1528\"\u003e#1528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/97ab379e4572ac8e38ff8b99891f29a69cfbb5bb\"\u003e\u003ccode\u003e97ab379\u003c/code\u003e\u003c/a\u003e feat: add url property to RequestInfo interface (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/825e9ab80332e7fac19d221f6aae352dc73172fe\"\u003e\u003ccode\u003e825e9ab\u003c/code\u003e\u003c/a\u003e feat: backport discoverOAuthServerInfo() and discovery caching to v1.x (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.12.1...v1.27.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/65c90d949c0f8a9709759dff9e76bbe07061812b\"\u003e\u003ccode\u003e65c90d9\u003c/code\u003e\u003c/a\u003e Fix permissions for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/593cb7831bec60d5590acc3eeb2e553f4a431167\"\u003e\u003ccode\u003e593cb78\u003c/code\u003e\u003c/a\u003e Set permissions for workflow jobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/36adf110beabc9acdcad122149a2ea795a2b1a6c\"\u003e\u003ccode\u003e36adf11\u003c/code\u003e\u003c/a\u003e Remove deprecated CodeQL check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9da4af0e1f82fe372bedc1b7820f55c6eaf012e5\"\u003e\u003ccode\u003e9da4af0\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/699303975bea182b966f9f34a1ecbbebe92afcef\"\u003e\u003ccode\u003e6993039\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0b8f7560e11af817d70ff17f986b334ba2e99b81\"\u003e\u003ccode\u003e0b8f756\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/67a53f21623e4047d28d7a6f98f539f1adc9d1d0\"\u003e\u003ccode\u003e67a53f2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.2 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.3 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/68ff7dda8834d6de095a7008cef0e03bc252ca98\"\u003e\u003ccode\u003e68ff7dd\u003c/code\u003e\u003c/a\u003e v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e [Fix] set Symbol.toStringTag in the proper place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR updates 25 npm dependencies across the monorepo, including major version bumps for Next.js (15.3.3 → 15.5.14), glob (11.0.2 → 12.0.0), and AI SDK (5.0.28 → 5.0.52), along with security patches for lodash and validator.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Framework Updates**: Next.js updated from 15.3.3 to 15.5.14, bringing performance improvements and bug fixes including memory leak fixes and LRU cache enhancements\n- **Security Patches**: lodash updated from 4.17.21 to 4.17.23 with prototype pollution prevention, validator updated with CVE-2025-56200 fix for URL validation\n- **AI SDK Enhancement**: AI package updated from 5.0.28 to 5.0.52 with new features and bug fixes across multiple packages\n- **Build Tool Updates**: glob updated to v12.0.0 (major version) removing unsafe shell options, nanoid updated for improved security\n- **Dependency Consistency**: lodash version standardized across 15 different packages in the monorepo\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 25 Updates]\n    B --\u003e C[Security Updates]\n    B --\u003e D[Feature Updates]\n    B --\u003e E[Major Version Updates]\n    \n    C --\u003e F[lodash: Prototype Pollution Fix]\n    C --\u003e G[validator: URL Validation CVE Fix]\n    C --\u003e H[form-data: Crypto Random Boundaries]\n    \n    D --\u003e I[AI SDK: New Features]\n    D --\u003e J[Next.js: Performance Improvements]\n    \n    E --\u003e K[glob: v12 Breaking Changes]\n    E --\u003e L[Remove Unsafe Shell Options]\n    \n    F --\u003e M[Apply Across 15 Packages]\n    G --\u003e N[Enhanced Security Posture]\n    I --\u003e O[Improved AI Functionality]\n    J --\u003e P[Better App Performance]\n```\n\n### Impact\n- **Security Enhancement**: Multiple CVE fixes including prototype pollution prevention in lodash and URL validation improvements in validator\n- **Performance Improvements**: Next.js updates include memory leak fixes, LRU cache optimizations, and Turbopack enhancements for faster builds\n- **Breaking Changes**: glob v12 removes unsafe shell execution options, requiring review of any CLI usage patterns\n- **Consistency**: Standardized lodash version across all packages ensures uniform behavior and security posture\n- **AI Capabilities**: Updated AI SDK brings latest features and bug fixes for enhanced AI functionality\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/plate/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fplate/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"},{"uuid":"4077354341","node_id":"PR_kwDOP9kpyc7KrPaN","number":15,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 25 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-15T02:03:23.000Z","updated_at":"2026-03-15T02:06:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":25,"packages":[{"name":"ai","old_version":"5.0.28","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"next","old_version":"15.3.3","new_version":"15.5.10","repository_url":"https://github.com/vercel/next.js"},{"name":"glob","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"validator","old_version":"13.15.15","new_version":"13.15.22","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"@modelcontextprotocol/sdk","old_version":"1.12.1","new_version":"1.27.1","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.2.0","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"bn.js","old_version":"4.12.2","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.1","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"4.0.3","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"qs","old_version":"6.14.0","new_version":"6.15.0","repository_url":"https://github.com/ljharb/qs"},{"name":"rollup","old_version":"4.43.0","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"3.0.9","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"7.10.0","new_version":"7.24.3","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"7.2.3","new_version":"7.2.4","repository_url":"https://github.com/google/zx"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 23 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `5.0.28` | `5.0.52` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [next](https://github.com/vercel/next.js) | `15.3.3` | `15.5.10` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `12.0.0` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.15` | `13.15.22` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.27.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.2.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.2` | `4.12.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.1` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.3` | `4.0.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [rollup](https://github.com/rollup/rollup) | `4.43.0` | `4.59.0` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.9` | `3.1.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.11` |\n| [undici](https://github.com/nodejs/undici) | `7.10.0` | `7.24.3` |\n| [zx](https://github.com/google/zx) | `7.2.3` | `7.2.4` |\n\n\nUpdates `ai` from 5.0.28 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@5.0.28...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.3.3 to 15.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.10\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472\"\u003ehttps://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23864\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.4.11\u003c/h2\u003e\n\u003cp\u003ePlease see this \u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003echangelog\u003c/a\u003e for more information about this security patch.\u003c/p\u003e\n\u003ch2\u003ev15.3.9\u003c/h2\u003e\n\u003cp\u003ePlease see this \u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003echangelog\u003c/a\u003e for more information about this security patch.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/60a2aa97b6692d3a56e483f0ff93febaf6f33fd6\"\u003e\u003ccode\u003e60a2aa9\u003c/code\u003e\u003c/a\u003e v15.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/e5b834d208fe0edf64aa26b5d76dcf6a176500ec\"\u003e\u003ccode\u003ee5b834d\u003c/code\u003e\u003c/a\u003e fetch(next/image): reduce maximumResponseBody from 300MB to 50MB (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/88588\"\u003e#88588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/39a2f6a8d13dfa50cee843f93241c8c1dbaf801e\"\u003e\u003ccode\u003e39a2f6a\u003c/code\u003e\u003c/a\u003e feat(next/image)!: add \u003ccode\u003eimages.maximumResponseBody\u003c/code\u003e config (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/88183\"\u003e#88183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/bf9f0843edab3a7cf9d4c85b315bc33c87b282ce\"\u003e\u003ccode\u003ebf9f084\u003c/code\u003e\u003c/a\u003e Sync DoS mitigations for React Flight\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c5de33e93ccccaf3bee60cf50603e2152f9886e1\"\u003e\u003ccode\u003ec5de33e\u003c/code\u003e\u003c/a\u003e v15.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/dd233994aeb24e906cdb9aedca5447cdef401792\"\u003e\u003ccode\u003edd23399\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/facebook/react/issues/35351\"\u003efacebook/react#35351\u003c/a\u003e for 15.5.8 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/87086\"\u003e#87086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7526cd6f24300726964eaba78927fe2a9c3fed5e\"\u003e\u003ccode\u003e7526cd6\u003c/code\u003e\u003c/a\u003e v15.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/1e9ec4133af3657964833bfcc9abb0ee73fb19f0\"\u003e\u003ccode\u003e1e9ec41\u003c/code\u003e\u003c/a\u003e Update React Version (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/41\"\u003e#41\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/16141e5df9ce51136ba42988b574981f89d01081\"\u003e\u003ccode\u003e16141e5\u003c/code\u003e\u003c/a\u003e Update React Version (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/30\"\u003e#30\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/e01e589e181d66d48c57698238b8b7f59218dfef\"\u003e\u003ccode\u003ee01e589\u003c/code\u003e\u003c/a\u003e Backport Next.js changes to v15.5.8 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/23\"\u003e#23\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.3.3...v15.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 12.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `validator` from 13.15.15 to 13.15.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/releases\"\u003evalidator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.15.22\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003evalidatorjs/validator.js#2622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003evalidatorjs/validator.js#2616\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e13.15.20\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003evalidatorjs/validator.js#2563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003evalidatorjs/validator.js#2556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003evalidatorjs/validator.js#2576\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003evalidatorjs/validator.js#2574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003evalidatorjs/validator.js#2584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003evalidatorjs/validator.js#2581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003evalidatorjs/validator.js#2608\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md\"\u003evalidator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.15.22\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e13.15.20\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2b5c17dbe03f2ca9ad9122c597f81e86ce1a9a1\"\u003e\u003ccode\u003ef2b5c17\u003c/code\u003e\u003c/a\u003e maintenance: 2511 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2627\"\u003e#2627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382\"\u003e\u003ccode\u003ed457eca\u003c/code\u003e\u003c/a\u003e fix(isLength): correctly handle Unicode variation selectors (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2616\"\u003e#2616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2e3633f22fd3016656789d100bc451d857e7488\"\u003e\u003ccode\u003ef2e3633\u003c/code\u003e\u003c/a\u003e docs: add install instructions to contibution guide (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2621\"\u003e#2621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cf401458b8733d981a3724d634c795a9d612b516\"\u003e\u003ccode\u003ecf40145\u003c/code\u003e\u003c/a\u003e fix: URL validation for hostnames with ports (no protocol) (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2622\"\u003e#2622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/4af61243ba0ae93f29e7689040e188b5849ff1b0\"\u003e\u003ccode\u003e4af6124\u003c/code\u003e\u003c/a\u003e maintenance: 2510 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2585\"\u003e#2585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/30d4fe02c16d36ed471f12da658c4b5d843781e0\"\u003e\u003ccode\u003e30d4fe0\u003c/code\u003e\u003c/a\u003e 13.15.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cbef5088f02d36caf978f378bb845fe49bdc0809\"\u003e\u003ccode\u003ecbef508\u003c/code\u003e\u003c/a\u003e fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2608\"\u003e#2608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/6f436be36945e460ee624bf72a935a06daded859\"\u003e\u003ccode\u003e6f436be\u003c/code\u003e\u003c/a\u003e Fix typo in validators.test.js (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2581\"\u003e#2581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/3c857088d58197453957a2b924dfedea328003b6\"\u003e\u003ccode\u003e3c85708\u003c/code\u003e\u003c/a\u003e Fix: correct French VAT (FR) validation regex and add tests (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2584\"\u003e#2584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/eee525cd117d24ac905b9432f3f5a27e96aa9719\"\u003e\u003ccode\u003eeee525c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2491\"\u003e#2491\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2573\"\u003e#2573\u003c/a\u003e Simplify isBase64 to prevent stack overflow (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2574\"\u003e#2574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for validator since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.12.1 to 1.27.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e\u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add conformance test infrastructure for v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1518\"\u003emodelcontextprotocol/typescript-sdk#1518\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: backport discoverOAuthServerInfo() and discovery caching to v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1533\"\u003emodelcontextprotocol/typescript-sdk#1533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add url property to RequestInfo interface by \u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] feat(tasks): add streaming methods for elicitation and sampling by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1528\"\u003emodelcontextprotocol/typescript-sdk#1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version for v1.27.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1541\"\u003emodelcontextprotocol/typescript-sdk#1541\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4faa8c899c069a98f8a0c3f804ec1a50dc2bae64\"\u003e\u003ccode\u003e4faa8c8\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.27.1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1581\"\u003e#1581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/09a85a80439f0ca9e5556ac20bdec41461e35234\"\u003e\u003ccode\u003e09a85a8\u003c/code\u003e\u003c/a\u003e fix: call onerror for silently swallowed transport errors (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1580\"\u003e#1580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e79d14ab6d8fbcb49543cab3917a60a89d0a6df9\"\u003e\u003ccode\u003ee79d14a\u003c/code\u003e\u003c/a\u003e fix: prevent command injection in example URL opening (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1579\"\u003e#1579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/342ea394ca6e660e294162efdeafc411284bcc0d\"\u003e\u003ccode\u003e342ea39\u003c/code\u003e\u003c/a\u003e docs: comprehensive feature documentation for SEP-1730 Tier 1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1548\"\u003e#1548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2084a22074d4c8fd54ddc8637783fb10c13edf90\"\u003e\u003ccode\u003e2084a22\u003c/code\u003e\u003c/a\u003e docs: add governance documentation for SEP-1730 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1547\"\u003e#1547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/f2d21458ccccd7cfaa1a2a171a262961591d4d0b\"\u003e\u003ccode\u003ef2d2145\u003c/code\u003e\u003c/a\u003e feat: implement auth/pre-registration conformance scenario (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1545\"\u003e#1545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/8cbc65848388cb0364122f5760cb6b01ff8a3654\"\u003e\u003ccode\u003e8cbc658\u003c/code\u003e\u003c/a\u003e chore: bump version for v1.27.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1541\"\u003e#1541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5c16ae3339bfa1dd71b0dee1a534e1b6d8be658e\"\u003e\u003ccode\u003e5c16ae3\u003c/code\u003e\u003c/a\u003e [v1.x] feat(tasks): add streaming methods for elicitation and sampling (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1528\"\u003e#1528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/97ab379e4572ac8e38ff8b99891f29a69cfbb5bb\"\u003e\u003ccode\u003e97ab379\u003c/code\u003e\u003c/a\u003e feat: add url property to RequestInfo interface (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/825e9ab80332e7fac19d221f6aae352dc73172fe\"\u003e\u003ccode\u003e825e9ab\u003c/code\u003e\u003c/a\u003e feat: backport discoverOAuthServerInfo() and discovery caching to v1.x (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.12.1...v1.27.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/65c90d949c0f8a9709759dff9e76bbe07061812b\"\u003e\u003ccode\u003e65c90d9\u003c/code\u003e\u003c/a\u003e Fix permissions for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/593cb7831bec60d5590acc3eeb2e553f4a431167\"\u003e\u003ccode\u003e593cb78\u003c/code\u003e\u003c/a\u003e Set permissions for workflow jobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/36adf110beabc9acdcad122149a2ea795a2b1a6c\"\u003e\u003ccode\u003e36adf11\u003c/code\u003e\u003c/a\u003e Remove deprecated CodeQL check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9da4af0e1f82fe372bedc1b7820f55c6eaf012e5\"\u003e\u003ccode\u003e9da4af0\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/699303975bea182b966f9f34a1ecbbebe92afcef\"\u003e\u003ccode\u003e6993039\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0b8f7560e11af817d70ff17f986b334ba2e99b81\"\u003e\u003ccode\u003e0b8f756\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/67a53f21623e4047d28d7a6f98f539f1adc9d1d0\"\u003e\u003ccode\u003e67a53f2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.2 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/d3418c718160eae69dbc0405dce75f7849019e1e\"\u003e\u003ccode\u003ed3418c7\u003c/code\u003e\u003c/a\u003e 3.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606\"\u003e\u003ccode\u003e7eb65d8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/88\"\u003e#88\u003c/a\u003e from WebReflection/avoid-recusrion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/7774aae45d3775c842abe9d071fd009171a5fc0c\"\u003e\u003ccode\u003e7774aae\u003c/code\u003e\u003c/a\u003e Avoid recursion on parse due possible shenanigans\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.3 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/68ff7dda8834d6de095a7008cef0e03bc252ca98\"\u003e\u003ccode\u003e68ff7dd\u003c/code\u003e\u003c/a\u003e v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e [Fix] set Symbol.toStringTag in the proper place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `immutable` from 5.1.2 to 4.3.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md\"\u003eimmutable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e,\nand this project adheres to \u003ca href=\"https://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\nDates are formatted as YYYY-MM-DD.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch2\u003e5.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github....\n\n_Description has been truncated_\n\n---\n\n🔄 This PR is an automated dependency update that bumps 25 npm packages across the monorepo, including major updates to Next.js (15.3.3 → 15.5.10), AI SDK (5.0.28 → 5.0.52), and lodash (4.17.21 → 4.17.23), along with numerous security patches and bug fixes.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Framework Updates**: Next.js updated from 15.3.3 to 15.5.10, bringing security fixes for CVE-2025-59471, CVE-2025-59472, and CVE-2026-23864\n- **AI SDK Enhancement**: Vercel AI SDK updated from 5.0.28 to 5.0.52 with new features and bug fixes across multiple packages\n- **Security Patches**: Multiple packages received security updates including lodash (prototype pollution fix), validator (CVE-2025-56200), and basic-ftp (CVE-2026-27699)\n- **Utility Libraries**: Updates to glob (11.0.2 → 12.0.0), nanoid (5.1.5 → 5.1.6), and various other utility packages\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 25 Outdated Packages]\n    B --\u003e C[Security Vulnerabilities Found]\n    B --\u003e D[Feature Updates Available]\n    C --\u003e E[Apply Security Patches]\n    D --\u003e F[Update Framework Versions]\n    E --\u003e G[Update package.json Files]\n    F --\u003e G\n    G --\u003e H[Maintain Compatibility]\n    H --\u003e I[Generate PR with Changes]\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs including prototype pollution, URL validation issues, and file path traversal vulnerabilities\n- **Framework Improvements**: Next.js updates include image optimization improvements and React Flight DoS mitigations\n- **Developer Experience**: Updated AI SDK provides better tooling and bug fixes for AI-powered features\n- **Maintenance**: Keeps dependencies current while maintaining backward compatibility across the monorepo\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/plate/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fplate/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"},{"uuid":"4074837818","node_id":"PR_kwDOPocb8s7Kjgj5","number":14,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 9 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-14T10:15:17.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-14T06:17:18.000Z","updated_at":"2026-03-14T10:15:18.000Z","time_to_close":14279,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":9,"packages":[{"name":"rollup","old_version":"4.49.0","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"vite","old_version":"6.3.5","new_version":"8.0.0","repository_url":"https://github.com/vitejs/vite"},{"name":"zx","old_version":"8.8.1","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"playwright","old_version":"1.55.0","new_version":"1.55.1","repository_url":"https://github.com/microsoft/playwright"},{"name":"happy-dom","old_version":"18.0.1","new_version":"20.8.4","repository_url":"https://github.com/capricorn86/happy-dom"},{"name":"fastify","old_version":"5.5.0","new_version":"5.8.1","repository_url":"https://github.com/fastify/fastify"},{"name":"axios","old_version":"1.11.0","new_version":"1.13.5","repository_url":"https://github.com/axios/axios"},{"name":"immutable","old_version":"5.1.3","new_version":"5.1.5","repository_url":"https://github.com/immutable-js/immutable-js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rollup](https://github.com/rollup/rollup) | `4.49.0` | `4.59.0` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.3.5` | `8.0.0` |\n| [zx](https://github.com/google/zx) | `8.8.1` | `8.8.5` |\n| [playwright](https://github.com/microsoft/playwright) | `1.55.0` | `1.55.1` |\n| [happy-dom](https://github.com/capricorn86/happy-dom) | `18.0.1` | `20.8.4` |\n| [fastify](https://github.com/fastify/fastify) | `5.5.0` | `5.8.1` |\n| [axios](https://github.com/axios/axios) | `1.11.0` | `1.13.5` |\n| [immutable](https://github.com/immutable-js/immutable-js) | `5.1.3` | `5.1.5` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/vitest directory: [happy-dom](https://github.com/capricorn86/happy-dom).\nBumps the npm_and_yarn group with 2 updates in the /test/core directory: [axios](https://github.com/axios/axios) and [immutable](https://github.com/immutable-js/immutable-js).\n\nUpdates `rollup` from 4.49.0 to 4.59.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.59.0\u003c/h2\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6275\"\u003e#6275\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.58.0\u003c/h2\u003e\n\u003ch2\u003e4.58.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-20\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlso support \u003ccode\u003e__NO_SIDE_EFFECTS__\u003c/code\u003e annotation before variable declarations declaring function expressions (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6272\"\u003e#6272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6256\"\u003e#6256\u003c/a\u003e: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (\u003ca href=\"https://github.com/njg7194\"\u003e\u003ccode\u003e@​njg7194\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6259\"\u003e#6259\u003c/a\u003e: docs: Correct typo and improve sentence structure in docs for \u003ccode\u003eoutput.experimentalMinChunkSize\u003c/code\u003e (\u003ca href=\"https://github.com/millerick\"\u003e\u003ccode\u003e@​millerick\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6260\"\u003e#6260\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v47 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6261\"\u003e#6261\u003c/a\u003e: fix(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6262\"\u003e#6262\u003c/a\u003e: Avoid unnecessary cloning of the code string (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6263\"\u003e#6263\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6265\"\u003e#6265\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6267\"\u003e#6267\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6268\"\u003e#6268\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6269\"\u003e#6269\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6270\"\u003e#6270\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6272\"\u003e#6272\u003c/a\u003e: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.57.1\u003c/h2\u003e\n\u003ch2\u003e4.57.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-01-30\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix heap corruption issue in Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6251\"\u003e#6251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure exports of a dynamic import are fully included when called from a try...catch (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6254\"\u003e#6254\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6251\"\u003e#6251\u003c/a\u003e: fix: Isolate and cache \u003ccode\u003eprocess.report.getReport()\u003c/code\u003e calls in a child process for robust environment detection (\u003ca href=\"https://github.com/alan-agius4\"\u003e\u003ccode\u003e@​alan-agius4\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/master/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6275\"\u003e#6275\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.58.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-20\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlso support \u003ccode\u003e__NO_SIDE_EFFECTS__\u003c/code\u003e annotation before variable declarations declaring function expressions (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6272\"\u003e#6272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6256\"\u003e#6256\u003c/a\u003e: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (\u003ca href=\"https://github.com/njg7194\"\u003e\u003ccode\u003e@​njg7194\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6259\"\u003e#6259\u003c/a\u003e: docs: Correct typo and improve sentence structure in docs for \u003ccode\u003eoutput.experimentalMinChunkSize\u003c/code\u003e (\u003ca href=\"https://github.com/millerick\"\u003e\u003ccode\u003e@​millerick\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6260\"\u003e#6260\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v47 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6261\"\u003e#6261\u003c/a\u003e: fix(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6262\"\u003e#6262\u003c/a\u003e: Avoid unnecessary cloning of the code string (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6263\"\u003e#6263\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6265\"\u003e#6265\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6267\"\u003e#6267\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6268\"\u003e#6268\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6269\"\u003e#6269\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6270\"\u003e#6270\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6272\"\u003e#6272\u003c/a\u003e: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.57.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-01-30\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix heap corruption issue in Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6251\"\u003e#6251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure exports of a dynamic import are fully included when called from a try...catch (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6254\"\u003e#6254\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6251\"\u003e#6251\u003c/a\u003e: fix: Isolate and cache \u003ccode\u003eprocess.report.getReport()\u003c/code\u003e calls in a child process for robust environment detection (\u003ca href=\"https://github.com/alan-agius4\"\u003e\u003ccode\u003e@​alan-agius4\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6252\"\u003e#6252\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6253\"\u003e#6253\u003c/a\u003e: chore(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6254\"\u003e#6254\u003c/a\u003e: Fully include dynamic imports in a try-catch (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/ae846957f109690a866cc3e4c073613c338d3476\"\u003e\u003ccode\u003eae84695\u003c/code\u003e\u003c/a\u003e 4.59.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/b39616e9175b3d9fc3977c99153174c490805a93\"\u003e\u003ccode\u003eb39616e\u003c/code\u003e\u003c/a\u003e Update audit-resolve\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2\"\u003e\u003ccode\u003ec60770d\u003c/code\u003e\u003c/a\u003e Validate bundle stays within output dir (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6275\"\u003e#6275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/33f39c1f205ea2eadaf4b589e493453e2baa3662\"\u003e\u003ccode\u003e33f39c1\u003c/code\u003e\u003c/a\u003e 4.58.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/b61c40803b717854c1c28937e8098e5ad3c7b8ca\"\u003e\u003ccode\u003eb61c408\u003c/code\u003e\u003c/a\u003e forward NO_SIDE_EFFECTS annotations to function expressions in variable decla...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/7f00689ec90e2cafb11c26eefbcac62343c936f6\"\u003e\u003ccode\u003e7f00689\u003c/code\u003e\u003c/a\u003e Extend agent instructions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/e7b2b85af0901244ecc141b9d792c6db6b527ea4\"\u003e\u003ccode\u003ee7b2b85\u003c/code\u003e\u003c/a\u003e chore(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6270\"\u003e#6270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/2aa5da9baf82211b8207d268c8751630cb766970\"\u003e\u003ccode\u003e2aa5da9\u003c/code\u003e\u003c/a\u003e fix(deps): update minor/patch updates (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6267\"\u003e#6267\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/4319837c5448d0c10d89e9ded118888deec2eeec\"\u003e\u003ccode\u003e4319837\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6269\"\u003e#6269\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c3b6b4bdc4f2ed978fa233132a526957e6513233\"\u003e\u003ccode\u003ec3b6b4b\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6268\"\u003e#6268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rollup/rollup/compare/v4.49.0...v4.59.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for rollup since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 6.3.5 to 8.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ecreate-vite@8.0.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/create-vite@8.0.0/packages/create-vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eplugin-legacy@8.0.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/plugin-legacy@8.0.0/packages/plugin-legacy/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.18\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.18/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.17\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.17/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.16\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.16/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.15\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.15/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.14\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.14/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.13\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.13/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.12\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.12/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.11\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.11/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.10\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.10/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.9\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.9/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.8\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.8/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.5\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.5/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v8.0.0-beta.18...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-03-12)\u003c/h2\u003e\n\u003cp\u003e\u003cimg src=\"https://github.com/vitejs/vite/blob/main/docs/public/og-image-announcing-vite8.webp\" alt=\"Vite 8 is here!\" /\u003e\u003c/p\u003e\n\u003cp\u003eToday, we're thrilled to announce the release of the next Vite major:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://vite.dev/blog/announcing-vite8.html\"\u003eVite 8.0 announcement blog post\u003c/a\u003e\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://vite.dev/\"\u003eDocs\u003c/a\u003e (translations: \u003ca href=\"https://cn.vite.dev/\"\u003e简体中文\u003c/a\u003e, \u003ca href=\"https://ja.vite.dev/\"\u003e日本語\u003c/a\u003e, \u003ca href=\"https://es.vite.dev/\"\u003eEspañol\u003c/a\u003e, \u003ca href=\"https://pt.vite.dev/\"\u003ePortuguês\u003c/a\u003e, \u003ca href=\"https://ko.vite.dev/\"\u003e한국어\u003c/a\u003e, \u003ca href=\"https://de.vite.dev/\"\u003eDeutsch\u003c/a\u003e, \u003ca href=\"https://fa.vite.dev/\"\u003eفارسی\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://vite.dev/guide/migration.html\"\u003eMigration Guide\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove \u003ccode\u003eimport.meta.hot.accept\u003c/code\u003e resolution fallback (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21382\"\u003e#21382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate default browser target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21193\"\u003e#21193\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ethe epic \u003ccode\u003erolldown-vite\u003c/code\u003e merge (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21189\"\u003e#21189\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.9 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21813\"\u003e#21813\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f05be0eabf5c045b8892d463081da3c8fbf5a5ae\"\u003ef05be0e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewarn when \u003ccode\u003evite-tsconfig-paths\u003c/code\u003e plugin is detected (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21781\"\u003e#21781\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ada493e4214ef2028b96583550443a386be2e2ae\"\u003eada493e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecss:\u003c/strong\u003e support es2025 build target for lightningcss (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21769\"\u003e#21769\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/08906e76f2fc0e55c8aea6243f6203ce0c78f106\"\u003e08906e7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eforward browser console logs and errors to dev server terminal (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20916\"\u003e#20916\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/2540ed06d0b6f93829d2d764b6a02f7dbfd14923\"\u003e2540ed0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.8 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21790\"\u003e#21790\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/a0c950e30945cc97fb2381a2affac086730fa31e\"\u003ea0c950e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eexport \u003ccode\u003eVisitor\u003c/code\u003e and \u003ccode\u003eESTree\u003c/code\u003e from \u003ccode\u003erolldown/utils\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21664\"\u003e#21664\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/45de31e5ffcc514832aec96fa6e09a189c26d684\"\u003e45de31e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.6 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21714\"\u003e#21714\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/37a65f8c31b5baeb4dadecfd4da98f81bae4202e\"\u003e37a65f8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euse util.inspect for CLI error display (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21668\"\u003e#21668\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5f425a9126ad1a483f482970bef8c29a0e721a3c\"\u003e5f425a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.5 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21660\"\u003e#21660\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b3ddbc54ee5b836852b09811c8e920b2b2cde7cb\"\u003eb3ddbc5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.4 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21617\"\u003e#21617\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/1ee5c7f796c24d7319fbd5258bbdce4968859efe\"\u003e1ee5c7f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewasm:\u003c/strong\u003e add SSR support for \u003ccode\u003e.wasm?init\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21102\"\u003e#21102\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/216a3b53c610918027a7713a0d5495628f77d306\"\u003e216a3b5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eintegrate devtools (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21331\"\u003e#21331\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/acbf507bcb05f9cd9525c765431b3e0ed97328e4\"\u003eacbf507\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.3 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21554\"\u003e#21554\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/43358e97cd6485513f25ee11133333cba05841e3\"\u003e43358e9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emanifest:\u003c/strong\u003e add \u003ccode\u003eassets\u003c/code\u003e field for standalone CSS entry points (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21015\"\u003e#21015\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f289b9b0ce7821b1554b878d083c426e7a695b59\"\u003ef289b9b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.2 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21512\"\u003e#21512\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fa136a9e68921f3ca396e0870193fe805fbfb7b4\"\u003efa136a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebundled-dev:\u003c/strong\u003e support worker in initial bundle (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21415\"\u003e#21415\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f3d31499c714fe5c5acf8355520624c662f9d79f\"\u003ef3d3149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edev:\u003c/strong\u003e detect port conflicts on wildcard hosts (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21381\"\u003e#21381\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b0dd5a993fd2f95c8cb2190a3ca4296bc9e06359\"\u003eb0dd5a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eshortcuts case insensitive (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21224\"\u003e#21224\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7796aded764bca987abfec8ab0ad0438c5a5e7eb\"\u003e7796ade\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.1 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21463\"\u003e#21463\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ff9dd7fef0d3c898e317fca84a629828f3e28936\"\u003eff9dd7f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewarn if \u003ccode\u003eenvPrefix\u003c/code\u003e contains spaces (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21292\"\u003e#21292\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/9fcde3c870896a62fbca19be8ee14efab9393f4a\"\u003e9fcde3c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-beta.60 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21408\"\u003e#21408\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c33aa7cfd142a0dd38ed89589fc7b04cf8866791\"\u003ec33aa7c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-beta.59 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21374\"\u003e#21374\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/00379439fa62383460b056d587d0366597c19ab4\"\u003e0037943\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003eignoreOutdatedRequests\u003c/code\u003e option to \u003ccode\u003eoptimizeDeps\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21364\"\u003e#21364\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b2e75aabe93e3219f40fa5ad8755d53cdd2439b5\"\u003eb2e75aa\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd ios to default esbuild targets (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21342\"\u003e#21342\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/daae6e9f5dd223258a9e7a9a7fa22c8a4564902f\"\u003edaae6e9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-beta.58 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21354\"\u003e#21354\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ba40cef16d20590f7115d4d628d9b79fa0783473\"\u003eba40cef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-beta.57 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21335\"\u003e#21335\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/d5412ef4c472bc5fef4ed69cfee4ef4a929c6be9\"\u003ed5412ef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecss:\u003c/strong\u003e support es2024 build target for lightningcss (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21294\"\u003e#21294\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/bd33b8e08768fdcef0b09e3eefa649fdcafdd397\"\u003ebd33b8e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-beta.56 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21323\"\u003e#21323\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/9847a634cf36de2e6ac0043ffd22cefb1b5951bd\"\u003e9847a63\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eintroduce v2 native plugins and enable it by default (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21268\"\u003e#21268\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/42f2ab3aec7cd0e03e195611b1e1ddabbedc9d61\"\u003e42f2ab3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003essr:\u003c/strong\u003e avoid errors when rewriting already rewritten stacktrace (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21269\"\u003e#21269\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/98d9a33274d9ac90780786afa612d916feddf2e3\"\u003e98d9a33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-beta.55 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21300\"\u003e#21300\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/2c8db858d7081e898f63ce9569c3f19a91a10956\"\u003e2c8db85\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-beta.54 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21267\"\u003e#21267\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c75117213cb1d2d13554fbc26a75e8df191c27eb\"\u003ec751172\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ea68a8868c7ee249213057f8a81c3f92a9839dde\"\u003e\u003ccode\u003eea68a88\u003c/code\u003e\u003c/a\u003e chore(deps): update rolldown-related dependencies (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20810\"\u003e#20810\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/693d25510aba3322e8e689764df8c3b18db04a98\"\u003e\u003ccode\u003e693d255\u003c/code\u003e\u003c/a\u003e release: v7.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/98a3484733443ee529870477a6ab6a03572e3cbc\"\u003e\u003ccode\u003e98a3484\u003c/code\u003e\u003c/a\u003e fix(hmr): wait for \u003ccode\u003eimport.meta.hot.prune\u003c/code\u003e callbacks to complete before runni...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/9f32b1dc710991c53a9f665c8d0d6945f342bf92\"\u003e\u003ccode\u003e9f32b1d\u003c/code\u003e\u003c/a\u003e fix(hmr): trigger prune event when import is removed from non hmr module (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20\"\u003e#20\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/9f2247c066cac75746356c9391845235445a154b\"\u003e\u003ccode\u003e9f2247c\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20811\"\u003e#20811\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/105abe87c412cf0f83859ba41fed869221cbb3e0\"\u003e\u003ccode\u003e105abe8\u003c/code\u003e\u003c/a\u003e fix(glob): handle glob imports from folders starting with dot (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20800\"\u003e#20800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/4c4583ce7a13306e0853901570c5d95517fe81da\"\u003e\u003ccode\u003e4c4583c\u003c/code\u003e\u003c/a\u003e fix(build): fix ssr environment \u003ccode\u003eemitAssets: true\u003c/code\u003e when `sharedConfigBuild: t...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/9bc9d1258f550e9d8f5e530cd27aecb1bee32bdb\"\u003e\u003ccode\u003e9bc9d12\u003c/code\u003e\u003c/a\u003e fix(client): use CSP nonce when rendering error overlay (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20791\"\u003e#20791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/54377f70ad72d56a2c5b4f36a812b5991573d5b1\"\u003e\u003ccode\u003e54377f7\u003c/code\u003e\u003c/a\u003e release: v7.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/88af2ae7df77160e7d11a9fa147a4967c8499f13\"\u003e\u003ccode\u003e88af2ae\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20773\"\u003e#20773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/create-vite@8.0.0/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for vite since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.8.1 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.8.1...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `playwright` from 1.55.0 to 1.55.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003eplaywright's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.55.1\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37479\"\u003emicrosoft/playwright#37479\u003c/a\u003e - [Bug]: Upgrade Chromium to 140.0.7339.186.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37147\"\u003emicrosoft/playwright#37147\u003c/a\u003e - [Regression]: Internal error: step id not found.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37146\"\u003emicrosoft/playwright#37146\u003c/a\u003e - [Regression]: HTML reporter displays a broken chip link when there are no projects.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/pull/37137\"\u003emicrosoft/playwright#37137\u003c/a\u003e - Revert \u0026quot;fix(a11y): track inert elements as hidden\u0026quot;.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/pull/37532\"\u003emicrosoft/playwright#37532\u003c/a\u003e - chore: do not use -k option\u003c/p\u003e\n\u003ch2\u003eBrowser Versions\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChromium 140.0.7339.186\u003c/li\u003e\n\u003cli\u003eMozilla Firefox 141.0\u003c/li\u003e\n\u003cli\u003eWebKit 26.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis version was also tested against the following stable channels:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eGoogle Chrome 139\u003c/li\u003e\n\u003cli\u003eMicrosoft Edge 139\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/ae51df7a35888f663553ab4e9c45d6cb6335397f\"\u003e\u003ccode\u003eae51df7\u003c/code\u003e\u003c/a\u003e chore: mark v1.55.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37530\"\u003e#37530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/86dde294ce7fc9dd62d2f7ce5afd0c79cff50140\"\u003e\u003ccode\u003e86dde29\u003c/code\u003e\u003c/a\u003e feat(chromium): roll to r1193 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37529\"\u003e#37529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/86328bc9f43da2fe2b9aba2822c79f8b4c0c7f72\"\u003e\u003ccode\u003e86328bc\u003c/code\u003e\u003c/a\u003e chore: do not use -k option (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37532\"\u003e#37532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/63799ba68340fde11445d4f48c12515c28dcc92a\"\u003e\u003ccode\u003e63799ba\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37214\"\u003e#37214\u003c/a\u003e): docs: fix method names in release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/21e29a42ab090d7848a3c3255f05335ba0db424d\"\u003e\u003ccode\u003e21e29a4\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37153\"\u003e#37153\u003c/a\u003e): fix(html): don't display a chip with empty content with ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/ba62e6ab0d25f7415ffdf121e4e186aadb213be5\"\u003e\u003ccode\u003eba62e6a\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37149\"\u003e#37149\u003c/a\u003e): fix(test): attaching in boxed fixture\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/25bb073f2697c98995871d40828604b0836c29b7\"\u003e\u003ccode\u003e25bb073\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37137\"\u003e#37137\u003c/a\u003e): Revert \u0026quot;fix(a11y): track inert elements as hidden (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/36947\"\u003e#36947\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.55.0...v1.55.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `happy-dom` from 18.0.1 to 20.8.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/capricorn86/happy-dom/releases\"\u003ehappy-dom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev20.8.4\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace ConsoleConstructor import with indexed access type - By \u003cstrong\u003e\u003ca href=\"https://github.com/YevheniiKotyrlo\"\u003e\u003ccode\u003e@​YevheniiKotyrlo\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1845\"\u003e#1845\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.8.3\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow error if event is not of type \u003ccode\u003eEvent\u003c/code\u003e in \u003ccode\u003eEventTarget.dispatchEvent()\u003c/code\u003e - By \u003cstrong\u003e\u003ca href=\"https://github.com/capricorn86\"\u003e\u003ccode\u003e@​capricorn86\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2054\"\u003e#2054\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.8.2\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eResets \u003ccode\u003eEvent.cancelBubble\u003c/code\u003e and \u003ccode\u003eEvent.defaultPrevented\u003c/code\u003e when calling \u003ccode\u003eEvent.initEvent()\u003c/code\u003e - By \u003cstrong\u003e\u003ca href=\"https://github.com/capricorn86\"\u003e\u003ccode\u003e@​capricorn86\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2090\"\u003e#2090\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.8.1\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMake \u0026quot;inert\u0026quot; attribute block focus interactions - By \u003cstrong\u003e\u003ca href=\"https://github.com/coffeeandwork\"\u003e\u003ccode\u003e@​coffeeandwork\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1422\"\u003e#1422\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.8.0\u003c/h2\u003e\n\u003ch3\u003e:art: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds support for setPointerCapture, hasPointerCapture, and releasePointerCapture to Element - By \u003cstrong\u003e\u003ca href=\"https://github.com/coffeeandwork\"\u003e\u003ccode\u003e@​coffeeandwork\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1733\"\u003e#1733\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.7.2\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eProperly decode CSS escape sequences in attribute selector values - By \u003cstrong\u003e\u003ca href=\"https://github.com/silverwind\"\u003e\u003ccode\u003e@​silverwind\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.7.1\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes issue related to parsing direct descendants (\u003ccode\u003e\u0026gt;\u003c/code\u003e) and universal (\u003ccode\u003e*\u003c/code\u003e) query selectors - By \u003cstrong\u003e\u003ca href=\"https://github.com/Cherry\"\u003e\u003ccode\u003e@​Cherry\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2078\"\u003e#2078\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.7.0\u003c/h2\u003e\n\u003ch3\u003e:art: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds support for \u003ccode\u003eWindow.getScreenDetails()\u003c/code\u003e - By \u003cstrong\u003e\u003ca href=\"https://github.com/TrevorBurnham\"\u003e\u003ccode\u003e@​TrevorBurnham\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1923\"\u003e#1923\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExtends \u003ccode\u003eScreen\u003c/code\u003e from \u003ccode\u003eEventTarget\u003c/code\u003e - By \u003cstrong\u003e\u003ca href=\"https://github.com/TrevorBurnham\"\u003e\u003ccode\u003e@​TrevorBurnham\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1923\"\u003e#1923\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.6.5\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd clearImmediate to Jest environment global scope - By \u003cstrong\u003e\u003ca href=\"https://github.com/TrevorBurnham\"\u003e\u003ccode\u003e@​TrevorBurnham\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1927\"\u003e#1927\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.6.4\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNormalize invalid input type attribute to \u0026quot;text\u0026quot; per HTML spec - By \u003cstrong\u003e\u003ca href=\"https://github.com/atzzCokeK\"\u003e\u003ccode\u003e@​atzzCokeK\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2053\"\u003e#2053\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.6.3\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRefactors query selector parser to be able to handle complex rules - By \u003cstrong\u003e\u003ca href=\"https://github.com/capricorn86\"\u003e\u003ccode\u003e@​capricorn86\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1910\"\u003e#1910\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes issue related to using query selector for attribute in XML document - By \u003cstrong\u003e\u003ca href=\"https://github.com/capricorn86\"\u003e\u003ccode\u003e@​capricorn86\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1912\"\u003e#1912\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes issue with using quotes within quotes for attribute query selector (e.g. \u003ccode\u003e[data-value=\u0026quot;it's a test\u0026quot;]\u003c/code\u003e) - By \u003cstrong\u003e\u003ca href=\"https://github.com/capricorn86\"\u003e\u003ccode\u003e@​capricorn86\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2034\"\u003e#2034\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.6.2\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate entities package version to resolve missing export for vue and vue-compat v3.5 - By \u003cstrong\u003e\u003ca href=\"https://github.com/acollins1991\"\u003e\u003ccode\u003e@​acollins1991\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2066\"\u003e#2066\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/82a0888cb2c87a6123e05424b528f8e8c9b3e426\"\u003e\u003ccode\u003e82a0888\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1845\"\u003e#1845\u003c/a\u003e Replace ConsoleConstructor import with indexed access type (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2095\"\u003e#2095\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/5998eeaea5455cda9556675c6b92bea7ec85642b\"\u003e\u003ccode\u003e5998eea\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2054\"\u003e#2054\u003c/a\u003e Throw error if event is not of type Event in dispatchEvent (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2092\"\u003e#2092\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/7a11238eace2fab69eb6bff13c2eeb0b7f7caa40\"\u003e\u003ccode\u003e7a11238\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2090\"\u003e#2090\u003c/a\u003e Resets cancelBubble and defaultPrevented when calling initEvent ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/7d27984affe0dcfc2827d1568fa6b950905a8482\"\u003e\u003ccode\u003e7d27984\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1422\"\u003e#1422\u003c/a\u003e Make inert attribute block focus interactions (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/53e4ec974a8c8f66db7cd55c9553e7e8281185bf\"\u003e\u003ccode\u003e53e4ec9\u003c/code\u003e\u003c/a\u003e feat: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1733\"\u003e#1733\u003c/a\u003e Adds support for setPointerCapture, hasPointerCapture, and rele...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/1c73c3f7bbd0f6693af89386ba10ea8b506546c1\"\u003e\u003ccode\u003e1c73c3f\u003c/code\u003e\u003c/a\u003e fix: Properly decode CSS escape sequences in attribute selector values (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2080\"\u003e#2080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/7fa06b306bc6f7679d430ecfd8eee33c14c2be87\"\u003e\u003ccode\u003e7fa06b3\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2078\"\u003e#2078\u003c/a\u003e Fixes direct descendants \u0026gt; and universal * query selectors  (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2079\"\u003e#2079\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/4e0d1e331e07fcbf9b63baf50854b9a996b7fa1e\"\u003e\u003ccode\u003e4e0d1e3\u003c/code\u003e\u003c/a\u003e feat: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1923\"\u003e#1923\u003c/a\u003e Adds support for getScreenDetails() (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2041\"\u003e#2041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/78a2ff462c034d4531634c01afe5cf14da6fa732\"\u003e\u003ccode\u003e78a2ff4\u003c/code\u003e\u003c/a\u003e chore: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1867\"\u003e#1867\u003c/a\u003e Add regression test for TreeWalker sibling traversal (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2026\"\u003e#2026\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/46bab6775978d3dde1c4fdcd60d3a10090a3a850\"\u003e\u003ccode\u003e46bab67\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1927\"\u003e#1927\u003c/a\u003e Add clearImmediate to Jest environment global scope (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2029\"\u003e#2029\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/capricorn86/happy-dom/compare/v18.0.1...v20.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.5.0 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eFixes \u0026quot;Missing End Anchor in \u0026quot;subtypeNameReg\u0026quot; Allows Malformed Content-Types to Pass Validation\u0026quot;: \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-573f-x89g-hqp9\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-573f-x89g-hqp9\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eCVE-2026-3419\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.0...v5.8.1\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.0...v5.8.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(request): add host security warning references by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6476\"\u003efastify/fastify#6476\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix note style by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6487\"\u003efastify/fastify#6487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: rename deploy website ci by \u003ca href=\"https://github.com/Eomm\"\u003e\u003ccode\u003e@​Eomm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6492\"\u003efastify/fastify#6492\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: support pino v9 and v10 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6496\"\u003efastify/fastify#6496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update logger types and fix TODO comment by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6470\"\u003efastify/fastify#6470\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(test-types): migrate dummy-plugin to FastifyPluginAsync by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6472\"\u003efastify/fastify#6472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix markdown typo in README.md by \u003ca href=\"https://github.com/droppingbeans\"\u003e\u003ccode\u003e@​droppingbeans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6491\"\u003efastify/fastify#6491\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: cover non-numeric content-length client error path by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6500\"\u003efastify/fastify#6500\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove tests-checker workflow by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6481\"\u003efastify/fastify#6481\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove stale.yml file by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6504\"\u003efastify/fastify#6504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(security): remove hackerone references; change note style by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6501\"\u003efastify/fastify#6501\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: rename \u003ccode\u003e@​sinclair/typebox\u003c/code\u003e to typebox by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6494\"\u003efastify/fastify#6494\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(links-check): add external link checker using linkinator-action by \u003ca href=\"https://github.com/umxr\"\u003e\u003ccode\u003e@​umxr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6386\"\u003efastify/fastify#6386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade borp to v1.0.0 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6510\"\u003efastify/fastify#6510\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add OpenJS CNA reference to SECURITY.md by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6516\"\u003efastify/fastify#6516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid mutating shared routerOptions across instances by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6515\"\u003efastify/fastify#6515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(types): accept async route hooks in shorthand options by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6514\"\u003efastify/fastify#6514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Improve shutdown lifecycle documentation by \u003ca href=\"https://github.com/kibertoad\"\u003e\u003ccode\u003e@​kibertoad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6517\"\u003efastify/fastify#6517\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove unused \u003ccode\u003etsconfig.eslint.json\u003c/code\u003e by \u003ca href=\"https://github.com/mrazauskas\"\u003e\u003ccode\u003e@​mrazauskas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6524\"\u003efastify/fastify#6524\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: First-class support for handler-level timeouts by \u003ca href=\"https://github.com/kibertoad\"\u003e\u003ccode\u003e@​kibertoad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6521\"\u003efastify/fastify#6521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(security): clarify insecureHTTPParser threat model scope by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6533\"\u003efastify/fastify#6533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6511\"\u003efastify/fastify#6511\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify anyOf nullable coercion behavior with primitive types by \u003ca href=\"https://github.com/slegarraga\"\u003e\u003ccode\u003e@​slegarraga\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6531\"\u003efastify/fastify#6531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove format placeholder from FST_ERR_CTP_INVALID_MEDIA_TYPE message by \u003ca href=\"https://github.com/super-mcgin\"\u003e\u003ccode\u003e@​super-mcgin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6528\"\u003efastify/fastify#6528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(reference/hooks): fix note style by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6538\"\u003efastify/fastify#6538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump lycheeverse/lychee-action from 2.7.0 to 2.8.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6539\"\u003efastify/fastify#6539\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.2 to 4.8.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6540\"\u003efastify/fastify#6540\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.20.0 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6542\"\u003efastify/fastify#6542\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove broken links and add ecosystem link validator by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6421\"\u003efastify/fastify#6421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(validate-ecoystem-links): add job level permission by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6545\"\u003efastify/fastify#6545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6543\"\u003efastify/fastify#6543\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/droppingbeans\"\u003e\u003ccode\u003e@​droppingbeans\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6491\"\u003efastify/fastify#6491\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/umxr\"\u003e\u003ccode\u003e@​umxr\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6386\"\u003efastify/fastify#6386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slegarraga\"\u003e\u003ccode\u003e@​slegarraga\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6531\"\u003efastify/fastify#6531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/super-mcgin\"\u003e\u003ccode\u003e@​super-mcgin\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6528\"\u003efastify/fastify#6528\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.7.4...v5.8.0\"\u003ehttps://github.com/fastify/fastify/compare/v5.7.4...v5.8.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/073ff8132f350aaa53935231019499e983cb9794\"\u003e\u003ccode\u003e073ff81\u003c/code\u003e\u003c/a\u003e Bumped v5.8.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/67f6c9b32cb3623d3c9470cc17ed830dd2f083d7\"\u003e\u003ccode\u003e67f6c9b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/161578a366edd40ef6d7eb06bfd57bc2b55f37b6\"\u003e\u003ccode\u003e161578a\u003c/code\u003e\u003c/a\u003e chore: sync version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/9b06a781f90d5a8d5ac5fc43eb2fddc392864681\"\u003e\u003ccode\u003e9b06a78\u003c/code\u003e\u003c/a\u003e Bumped v5.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/bbdfe82ae891199ba0d2b49326b7ddce5f103ab3\"\u003e\u003ccode\u003ebbdfe82\u003c/code\u003e\u003c/a\u003e style: remove trailing whitespace (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6543\"\u003e#6543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/cd58ed45d3c3b25cae3cfaa27e9c76a1c8865d0f\"\u003e\u003ccode\u003ecd58ed4\u003c/code\u003e\u003c/a\u003e ci(validate-ecoystem-links): add job level permission (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6545\"\u003e#6545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/2590592da900172e04526f36dfe4dac617022469\"\u003e\u003ccode\u003e2590592\u003c/code\u003e\u003c/a\u003e ci: remove broken links and add ecosystem link validator (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6421\"\u003e#6421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/09b55b6ca6a3244df9f02b02157db41777198d4f\"\u003e\u003ccode\u003e09b55b6\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.20.0 to 0.21.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6542\"\u003e#6542\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/43c4e386c374c56a7de326e20f51eb7a71c0edda\"\u003e\u003ccode\u003e43c4e38\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.2 to 4.8.3 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6540\"\u003e#6540\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3b4057303e63172ed8a4dde8d35f6ce1f7a5eb58\"\u003e\u003ccode\u003e3b40573\u003c/code\u003e\u003c/a\u003e chore: Bump lycheeverse/lychee-action from 2.7.0 to 2.8.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6539\"\u003e#6539\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.5.0...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.11.0 to 1.13.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.13.5\u003c/h2\u003e\n\u003ch2\u003eRelease 1.13.5\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eSecurity:\u003c/strong\u003e Fixed a potential \u003cstrong\u003eDenial of Service\u003c/strong\u003e issue involving the \u003ccode\u003e__proto__\u003c/code\u003e key in \u003ccode\u003emergeConfig\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7369\"\u003e#7369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBug fix:\u003c/strong\u003e Resolved an issue where \u003ccode\u003eAxiosError\u003c/code\u003e could be missing the \u003ccode\u003estatus\u003c/code\u003e field on and after \u003cstrong\u003ev1.13.3\u003c/strong\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7368\"\u003e#7368\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003ch4\u003eSecurity\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix Denial of Service via \u003ccode\u003e__proto__\u003c/code\u003e key in \u003ccode\u003emergeConfig\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7369\"\u003e#7369\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix/5657. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7313\"\u003e#7313\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003estatus\u003c/code\u003e is present in \u003ccode\u003eAxiosError\u003c/code\u003e on and after v1.13.3. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7368\"\u003e#7368\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFeatures / Improvements\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd input validation to \u003ccode\u003eisAbsoluteURL\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7326\"\u003e#7326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRefactor: bump minor package versions. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7356\"\u003e#7356\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDocumentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eClarify object-check comment. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7323\"\u003e#7323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix deprecated \u003ccode\u003eBuffer\u003c/code\u003e constructor usage and README formatting. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7371\"\u003e#7371\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCI / Maintenance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eChore: fix issues with YAML. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7355\"\u003e#7355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCI: update workflow YAMLs. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7372\"\u003e#7372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCI: fix run condition. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7373\"\u003e#7373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDev deps: bump \u003ccode\u003ekarma-sourcemap-loader\u003c/code\u003e from 0.3.8 to 0.4.0. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7360\"\u003e#7360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore(release): prepare release 1.13.5. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7379\"\u003e#7379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sachin11063\"\u003e\u003ccode\u003e@​sachin11063\u003c/code\u003e\u003c/a\u003e (first contribution — PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7323\"\u003e#7323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asmitha-16\"\u003e\u003ccode\u003e@​asmitha-16\u003c/code\u003e\u003c/a\u003e (first contribution — PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7326\"\u003e#7326\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog:\u003c/strong\u003e \u003ca href=\"https://github.com/axios/axios/compare/v1.13.4...v1.13.5\"\u003ehttps://github.com/axios/axios/compare/v1.13.4...v1.13.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.13.4\u003c/h2\u003e\n\u003ch2\u003eOverview\u003c/h2\u003e\n\u003cp\u003eThe release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v1.13.3...v1.13.4\"\u003ev1.13.3...v1.13.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's New in v1.13.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003efix: issues with version 1.13.3\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7352\"\u003e#7352\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/ee90dfc28abffbb61e24974b2bd3139a4a40ac76\"\u003eee90dfc\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eFixed issues discovered in v1.13.3 release\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.13.2...v1.13.3\"\u003e1.13.3\u003c/a\u003e (2026-01-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehttp2:\u003c/strong\u003e Use port 443 for HTTPS connections by default. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7256\"\u003e#7256\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d7e60653460480ffacecf85383012ca1baa6263e\"\u003ed7e6065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003einterceptor:\u003c/strong\u003e handle the error in the same interceptor (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6269\"\u003e#6269\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/5945e40bb171d4ac4fc195df276cf952244f0f89\"\u003e5945e40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emain field in package.json should correspond to cjs artifacts (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5756\"\u003e#5756\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7373fbff24cd92ce650d99ff6f7fe08c2e2a0a04\"\u003e7373fbf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epackage.json:\u003c/strong\u003e add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5754\"\u003e#5754\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/b89217e3e91de17a3d55e2b8f39ceb0e9d8aeda8\"\u003eb89217e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esilentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7257\"\u003e#7257\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7d19335e43d6754a1a9a66e424f7f7da259895bf\"\u003e7d19335\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eturn AxiosError into a native error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5394\"\u003e#5394\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5558\"\u003e#5558\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/1c6a86dd2c0623ee1af043a8491dbc96d40e883b\"\u003e1c6a86d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e add handlers to AxiosInterceptorManager interface (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5551\"\u003e#5551\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/8d1271b49fc226ed7defd07cd577bd69a55bb13a\"\u003e8d1271b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e restore AxiosError.cause type from unknown to Error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7327\"\u003e#7327\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d8233d9e8e9a64bfba9bbe01d475ba417510b82b\"\u003ed8233d9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eunclear error message is thrown when specifying an empty proxy authorization (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6314\"\u003e#6314\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/6ef867e684adf7fb2343e3b29a79078a3c76dc29\"\u003e6ef867e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eundefined\u003c/code\u003e as a value in AxiosRequestConfig (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5560\"\u003e#5560\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/095033c626895ecdcda2288050b63dcf948db3bd\"\u003e095033c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd automatic minor and patch upgrades to dependabot (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6053\"\u003e#6053\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/65a7584eda6164980ddb8cf5372f0afa2a04c1ed\"\u003e65a7584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Node.js coverage script using c8 (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7289\"\u003e#7289\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7294\"\u003e#7294\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/ec9d94e9f88da13e9219acadf65061fb38ce080a\"\u003eec9d94e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded copilot instructions (\u003ca href=\"https://github.com/axios/axios/commit/3f83143bfe617eec17f9d7dcf8bafafeeae74c26\"\u003e3f83143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with frozen prototypes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6265\"\u003e#6265\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/860e03396a536e9b926dacb6570732489c9d7012\"\u003e860e033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance pipeFileToResponse with error handling (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7169\"\u003e#7169\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/88d78842541610692a04282233933d078a8a2552\"\u003e88d7884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Intellisense for string literals in a widened union (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6134\"\u003e#6134\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/f73474d02c5aa957b2daeecee65508557fd3c6e5\"\u003ef73474d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com//redirect.github.com/microsoft/TypeScript/issues/33471/issues/issuecomment-1376364329\"\u003emicrosoft/TypeScript#33471\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eReverts\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRevert \u0026quot;fix: silentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/a...\n\n_Description has been truncated_","html_url":"https://github.com/trizist/vitest/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/trizist%2Fvitest/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"},{"uuid":"4074006236","node_id":"PR_kwDOQTMM3s7Kgzte","number":20,"state":"open","title":"Bump the npm_and_yarn group across 18 directories with 21 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-14T00:10:42.000Z","updated_at":"2026-03-14T00:11:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":21,"packages":[{"name":"undici","old_version":"7.9.0","new_version":"7.24.1","repository_url":"https://github.com/nodejs/undici"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"9.0.5","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"9.0.3","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"7.4.6","new_version":"7.4.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"5.1.6","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"10.0.1","new_version":"10.2.4","repository_url":"https://github.com/isaacs/minimatch"},{"name":"webpack","old_version":"5.100.0","new_version":"5.105.4","repository_url":"https://github.com/webpack/webpack"},{"name":"zx","old_version":"8.7.0","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"@tootallnate/once","old_version":"3.0.0","new_version":"3.0.1","repository_url":"https://github.com/TooTallNate/once"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"form-data","old_version":"4.0.0","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"braces","old_version":"2.3.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"svgo","old_version":"2.8.0","new_version":"2.8.2","repository_url":"https://github.com/svg/svgo"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [undici](https://github.com/nodejs/undici) | `7.9.0` | `7.24.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.3` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `7.4.6` | `7.4.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `10.0.1` | `10.2.4` |\n| [webpack](https://github.com/webpack/webpack) | `5.100.0` | `5.105.4` |\n| [zx](https://github.com/google/zx) | `8.7.0` | `8.8.5` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `3.0.0` | `3.0.1` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.5` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [braces](https://github.com/micromatch/braces) | `2.3.2` | `3.0.3` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [svgo](https://github.com/svg/svgo) | `2.8.0` | `2.8.2` |\n\nBumps the npm_and_yarn group with 6 updates in the /build directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `10.0.3` | `10.2.4` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.0` | `4.5.4` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n\nBumps the npm_and_yarn group with 3 updates in the /build/npm/gyp directory: [glob](https://github.com/isaacs/node-glob), [minimatch](https://github.com/isaacs/minimatch) and [tar](https://github.com/isaacs/node-tar).\nBumps the npm_and_yarn group with 1 update in the /extensions/css-language-features directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 1 update in the /extensions/git directory: [file-type](https://github.com/sindresorhus/file-type).\nBumps the npm_and_yarn group with 1 update in the /extensions/html-language-features directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 1 update in the /extensions/json-language-features directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 2 updates in the /extensions/markdown-language-features directory: [minimatch](https://github.com/isaacs/minimatch) and [dompurify](https://github.com/cure53/DOMPurify).\nBumps the npm_and_yarn group with 1 update in the /extensions/mermaid-chat-features directory: [dompurify](https://github.com/cure53/DOMPurify).\nBumps the npm_and_yarn group with 1 update in the /extensions/notebook-renderers directory: [@tootallnate/once](https://github.com/TooTallNate/once).\nBumps the npm_and_yarn group with 2 updates in the /extensions/npm directory: [minimatch](https://github.com/isaacs/minimatch) and [js-yaml](https://github.com/nodeca/js-yaml).\nBumps the npm_and_yarn group with 1 update in the /extensions/vscode-api-tests directory: [node-forge](https://github.com/digitalbazaar/forge).\nBumps the npm_and_yarn group with 2 updates in the /remote directory: [undici](https://github.com/nodejs/undici) and [@tootallnate/once](https://github.com/TooTallNate/once).\nBumps the npm_and_yarn group with 1 update in the /test/automation directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 1 update in the /test/integration/browser directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 5 updates in the /test/mcp directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.18.1` | `1.26.0` |\n| [@playwright/mcp](https://github.com/microsoft/playwright-mcp) | `0.0.37` | `0.0.40` |\n\nBumps the npm_and_yarn group with 1 update in the /test/monaco directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 2 updates in the /test/smoke directory: [minimatch](https://github.com/isaacs/minimatch) and [form-data](https://github.com/form-data/form-data).\n\nUpdates `undici` from 7.9.0 to 7.24.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.24.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: \u003cstrong\u003eproto\u003c/strong\u003e pollution by \u003ca href=\"https://github.com/rahulyadav5524\"\u003e\u003ccode\u003e@​rahulyadav5524\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4885\"\u003enodejs/undici#4885\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v7.24.0...v7.24.1\"\u003ehttps://github.com/nodejs/undici/compare/v7.24.0...v7.24.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.24.0\u003c/h2\u003e\n\u003ch1\u003eUndici v7.24.0 Security Release Notes\u003c/h1\u003e\n\u003cp\u003eThis release addresses multiple security vulnerabilities in Undici.\u003c/p\u003e\n\u003ch2\u003eUpgrade guidance\u003c/h2\u003e\n\u003cp\u003eAll users on v7 should upgrade to \u003cstrong\u003ev7.24.0\u003c/strong\u003e or later.\u003c/p\u003e\n\u003ch2\u003eFixed advisories\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm\"\u003eGHSA-2mjp-6q6p-2qxm\u003c/a\u003e / CVE-2026-1525 (Medium)\u003cbr /\u003e\nInconsistent interpretation of HTTP requests (request/response smuggling class issue).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj\"\u003eGHSA-f269-vfmq-vjvj\u003c/a\u003e / CVE-2026-1528 (High)\u003cbr /\u003e\nMalicious WebSocket 64-bit frame length handling could crash the client.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h\"\u003eGHSA-phc3-fgpg-7m6h\u003c/a\u003e / CVE-2026-2581 (Medium)\u003cbr /\u003e\nUnbounded memory consumption in deduplication interceptor response buffering (DoS risk).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq\"\u003eGHSA-4992-7rv2-5pvq\u003c/a\u003e / CVE-2026-1527 (Medium)\u003cbr /\u003e\nCRLF injection via the \u003ccode\u003eupgrade\u003c/code\u003e option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8\"\u003eGHSA-v9p9-hfj2-hcw8\u003c/a\u003e / CVE-2026-2229 (High)\u003cbr /\u003e\nUnhandled exception from invalid \u003ccode\u003eserver_max_window_bits\u003c/code\u003e in WebSocket permessage-deflate negotiation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q\"\u003eGHSA-vrm6-8vpv-qv8q\u003c/a\u003e / CVE-2026-1526 (High)\u003cbr /\u003e\nUnbounded memory consumption in WebSocket permessage-deflate decompression.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAffected and patched ranges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-1525: affected \u003ccode\u003e7.0.0 \u0026lt; 7.24.0\u003c/code\u003e, patched \u003ccode\u003e7.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1528: affected \u003ccode\u003e7.0.0 \u0026lt; 7.24.0\u003c/code\u003e, patched \u003ccode\u003e7.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-2581: affected \u003ccode\u003e\u0026gt;= 7.17.0 \u0026lt; 7.24.0\u003c/code\u003e, patched \u003ccode\u003e7.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1527: affected \u003ccode\u003e7.0.0 \u0026lt; 7.24.0\u003c/code\u003e, patched \u003ccode\u003e7.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-2229: affected \u003ccode\u003e7.0.0 \u0026lt; 7.24.0\u003c/code\u003e, patched \u003ccode\u003e7.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1526: affected \u003ccode\u003e7.0.0 \u0026lt; 7.24.0\u003c/code\u003e, patched \u003ccode\u003e7.24.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eReferences\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Security Advisories: \u003ca href=\"https://github.com/nodejs/undici/security/advisories\"\u003ehttps://github.com/nodejs/undici/security/advisories\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1525: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1525\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1528: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1528\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1528\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/23e3cd362ba6beb3988e6a9a63000336dd219591\"\u003e\u003ccode\u003e23e3cd3\u003c/code\u003e\u003c/a\u003e Bumped v7.24.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/3aedaa8d5f701da767616df2dced7d4daa7c1566\"\u003e\u003ccode\u003e3aedaa8\u003c/code\u003e\u003c/a\u003e remove PLAN.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/0d7ec33ff37563d3e7c98d11d7bca736f330d156\"\u003e\u003ccode\u003e0d7ec33\u003c/code\u003e\u003c/a\u003e fix: \u003cstrong\u003eproto\u003c/strong\u003e pollution (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4885\"\u003e#4885\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/07a39067a0485c1953196f500d945fe09378a176\"\u003e\u003ccode\u003e07a3906\u003c/code\u003e\u003c/a\u003e Bumped v7.24.0 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4887\"\u003e#4887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/74495c63ab23ef39be99983ed6de81df5d203d45\"\u003e\u003ccode\u003e74495c6\u003c/code\u003e\u003c/a\u003e fix: reject duplicate content-length and host headers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/84235c62e0fe7494cec13f81d5732db0859df417\"\u003e\u003ccode\u003e84235c6\u003c/code\u003e\u003c/a\u003e Fix websocket 64-bit length overflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/77594f923cef4c27ee0bad365e7b4c44a199edae\"\u003e\u003ccode\u003e77594f9\u003c/code\u003e\u003c/a\u003e fix: validate upgrade header to prevent CRLF injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/cb79c5704ac47e42ce01a72269994fc70e377536\"\u003e\u003ccode\u003ecb79c57\u003c/code\u003e\u003c/a\u003e fix: validate server_max_window_bits range in permessage-deflate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/4147ce21277b3566d02d3be789e5f7a490089db2\"\u003e\u003ccode\u003e4147ce2\u003c/code\u003e\u003c/a\u003e Merge commit '2ee00cb3'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/2ee00cb322c76b0bf56829462d7c1dc53d1cbe3d\"\u003e\u003ccode\u003e2ee00cb\u003c/code\u003e\u003c/a\u003e fix(websocket): add maxDecompressedMessageSize limit for permessage-deflate\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v7.9.0...v7.24.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for undici since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.5 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.3 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 7.4.6 to 7.4.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 5.1.6 to 5.1.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 10.0.1 to 10.2.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.100.0 to 5.105.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.105.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eModule.getSourceBasicTypes\u003c/code\u003e to distinguish basic source types and clarify how modules with non-basic source types like \u003ccode\u003eremote\u003c/code\u003e still produce JavaScript output. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20546\"\u003e#20546\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003ecreateRequire\u003c/code\u003e in expressions. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20549\"\u003e#20549\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed types for multi stats. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20556\"\u003e#20556\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove empty needless js output for normal css module. (by \u003ca href=\"https://github.com/JSerFeng\"\u003e\u003ccode\u003e@​JSerFeng\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20162\"\u003e#20162\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20555\"\u003e#20555\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNarrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like \u0026quot;x\u0026quot; in ns. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20561\"\u003e#20561\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eContext modules now handle rejections correctly. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20455\"\u003e#20455\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnly mark asset modules as side-effect-free when \u003ccode\u003eexperimental.futureDefaults\u003c/code\u003e is set to true, so asset-copying use cases (e.g. \u003ccode\u003eimport \u0026quot;./x.png\u0026quot;\u003c/code\u003e) won’t break unless the option is enabled. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20535\"\u003e#20535\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd the missing \u003cstrong\u003ewebpack_exports\u003c/strong\u003e declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20463\"\u003e#20463\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed HMR failure for CSS modules with \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e when exportType !== \u0026quot;link\u0026quot;. When exportType is not \u0026quot;link\u0026quot;, CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e CSS to work correctly during hot module replacement. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20514\"\u003e#20514\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20454\"\u003e#20454\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not crash when a referenced chunk is not a runtime chunk. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20461\"\u003e#20461\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some types. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20412\"\u003e#20412\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20510\"\u003e#20510\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded \u003ccode\u003ecreateRequire\u003c/code\u003e support for ECMA modules. (by \u003ca href=\"https://github.com/stefanbinoj\"\u003e\u003ccode\u003e@​stefanbinoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20497\"\u003e#20497\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded category for CJS reexport dependency to fix issues with ECMA modules. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20444\"\u003e#20444\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplement immutable bytes for \u003ccode\u003ebytes\u003c/code\u003e import attribute to match tc39 spec. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20481\"\u003e#20481\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed deterministic search for graph roots regardless of edge order. (by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20452\"\u003e#20452\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eWebpackPluginInstance\u003c/code\u003e type regression. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20440\"\u003e#20440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.105.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eModule.getSourceBasicTypes\u003c/code\u003e to distinguish basic source types and clarify how modules with non-basic source types like \u003ccode\u003eremote\u003c/code\u003e still produce JavaScript output. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20546\"\u003e#20546\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003ecreateRequire\u003c/code\u003e in expressions. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20549\"\u003e#20549\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed types for multi stats. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20556\"\u003e#20556\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove empty needless js output for normal css module. (by \u003ca href=\"https://github.com/JSerFeng\"\u003e\u003ccode\u003e@​JSerFeng\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20162\"\u003e#20162\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20555\"\u003e#20555\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNarrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like \u0026quot;x\u0026quot; in ns. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20561\"\u003e#20561\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.105.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eContext modules now handle rejections correctly. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20455\"\u003e#20455\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnly mark asset modules as side-effect-free when \u003ccode\u003eexperimental.futureDefaults\u003c/code\u003e is set to true, so asset-copying use cases (e.g. \u003ccode\u003eimport \u0026quot;./x.png\u0026quot;\u003c/code\u003e) won’t break unless the option is enabled. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20535\"\u003e#20535\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd the missing \u003cstrong\u003ewebpack_exports\u003c/strong\u003e declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20463\"\u003e#20463\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed HMR failure for CSS modules with \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e when exportType !== \u0026quot;link\u0026quot;. When exportType is not \u0026quot;link\u0026quot;, CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e CSS to work correctly during hot module replacement. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20514\"\u003e#20514\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20454\"\u003e#20454\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not crash when a referenced chunk is not a runtime chunk. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20461\"\u003e#20461\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some types. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20412\"\u003e#20412\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20510\"\u003e#20510\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded \u003ccode\u003ecreateRequire\u003c/code\u003e support for ECMA modules. (by \u003ca href=\"https://github.com/stefanbinoj\"\u003e\u003ccode\u003e@​stefanbinoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20497\"\u003e#20497\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded category for CJS reexport dependency to fix issues with ECMA modules. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20444\"\u003e#20444\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplement immutable bytes for \u003ccode\u003ebytes\u003c/code\u003e import attribute to match tc39 spec. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20481\"\u003e#20481\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed deterministic search for graph roots regardless of edge order. (by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20452\"\u003e#20452\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.105.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eWebpackPluginInstance\u003c/code\u003e type regression. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20440\"\u003e#20440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/27c13b44c861908793f160f9f7413b32543c0522\"\u003e\u003ccode\u003e27c13b4\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20550\"\u003e#20550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/9b2f41ee98e01a9265c430d2c52fa6a9db0e177a\"\u003e\u003ccode\u003e9b2f41e\u003c/code\u003e\u003c/a\u003e chore: bump terser plugin (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20569\"\u003e#20569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/eafe0605b018dd4e19a46d45fb5d72442772aff1\"\u003e\u003ccode\u003eeafe060\u003c/code\u003e\u003c/a\u003e fix: narrow the export presence guard detection (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20561\"\u003e#20561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/75d605cb57b23257ee88f99ada7938273ea3a1ff\"\u003e\u003ccode\u003e75d605c\u003c/code\u003e\u003c/a\u003e refactor: add AppendOnlyStackedSet iteration support and tests (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20560\"\u003e#20560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/afa607d0967f6b0259bfe9f62d99ef97db64bdac\"\u003e\u003ccode\u003eafa607d\u003c/code\u003e\u003c/a\u003e refactor: remove unused code (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20562\"\u003e#20562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/40989026fa542ceffa2821e5d25ae0d87c0bd09b\"\u003e\u003ccode\u003e4098902\u003c/code\u003e\u003c/a\u003e test: add source files for web-webworker and web-webworker-auto-public-path (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/f97be67fdd3c59acff2c0da7dd9f04835b037e4c\"\u003e\u003ccode\u003ef97be67\u003c/code\u003e\u003c/a\u003e refactor: fix duplicated word in Compilation JSDoc (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20547\"\u003e#20547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/9d76fff9f645d194c293f12dadf029173e9ed1d1\"\u003e\u003ccode\u003e9d76fff\u003c/code\u003e\u003c/a\u003e refactor: add Module.getSourceBasicTypes for basic JS type detection (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20546\"\u003e#20546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/a3d7839376784b2e44987b77f7d6bcc2ed3a0bdc\"\u003e\u003ccode\u003ea3d7839\u003c/code\u003e\u003c/a\u003e fix: types for multi stats (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20556\"\u003e#20556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/b8e9b057bebccf6268d9b348bc23b056c66a067b\"\u003e\u003ccode\u003eb8e9b05\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e (#...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack/compare/v5.100.0...v5.105.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for webpack since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.7.0 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.7.0...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tootallnate/once` from 3.0.0 to 3.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/releases\"\u003e\u003ccode\u003e@​tootallnate/once\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e28dbc5d: Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/blob/master/CHANGELOG.md\"\u003e\u003ccode\u003e@​tootallnate/once\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e28dbc5d: Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b31c7623e18b128325a05da02aa0832ee289b893\"\u003e\u003ccode\u003eb31c762\u003c/code\u003e\u003c/a\u003e Fix publish?\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/d2f7407721c023426c1af0712dbd71a3ca91d899\"\u003e\u003ccode\u003ed2f7407\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/TooTallNate/once/issues/9\"\u003e#9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/081645cb260aa86a55e5bffad2f1b52155cee8ea\"\u003e\u003ccode\u003e081645c\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/f01fa45d958113c60f54bf7f83e460741d811a47\"\u003e\u003ccode\u003ef01fa45\u003c/code\u003e\u003c/a\u003e Fix Release job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/28dbc5d7f9342ddfb6014ca5f3dc4206048db9cb\"\u003e\u003ccode\u003e28dbc5d\u003c/code\u003e\u003c/a\u003e Add Changesets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/e66503b7f028a9fe7d22e2547d17cea71be05937\"\u003e\u003ccode\u003ee66503b\u003c/code\u003e\u003c/a\u003e Use pnpm in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/6ec8b43f617a6feeb78ab98a4eb999123b664d2b\"\u003e\u003ccode\u003e6ec8b43\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b9f43cc5259bee2952d91ad3cdbd201a82df448a\"\u003e\u003ccode\u003eb9f43cc\u003c/code\u003e\u003c/a\u003e Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/a8c9dc3b7a241f992ebcde5b6b76ad5f97ce99af\"\u003e\u003ccode\u003ea8c9dc3\u003c/code\u003e\u003c/a\u003e Add pnpm-lock.yaml file\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TooTallNate/once/compare/3.0.0...v3.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​tootallnate/once\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 3.0.1 to 3.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] clean up ignores \u003ca href=\"https://github.com/form-data/form-data/commit/3217b3ded8e382e51171d5c74c6038a21cc54440\"\u003e\u003ccode\u003e3217b3d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e) \u003ca href=\"https://github.com/form-data/form-data/commit/edb555a811f6f7e4668db4831551cf41c1de1cac\"\u003e\u003ccode\u003eedb555a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/9c82fcdf0858b2764060a87803a55375ffbee6ed\"\u003e\u003ccode\u003e9c82fcd\u003c/code\u003e\u003c/a\u003e v3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/002b9b0c4862576305292ac44f7be25ec7ccea0e\"\u003e\u003ccode\u003e002b9b0\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.0 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] clean up ignores \u003ca href=\"https://github.com/form-data/form-data/commit/3217b3ded8e382e51171d5c74c6038a21cc54440\"\u003e\u003ccode\u003e3217b3d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e) \u003ca href=\"https://github.com/form-data/form-data/commit/edb555a811f6f7e4668db4831551cf41c1de1cac\"\u003e\u003ccode\u003eedb555a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/9c82fcdf0858b2764060a87803a55375ffbee6ed\"\u003e\u003ccode\u003e9c82fcd\u003c/code\u003e\u003c/a\u003e v3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/002b9b0c4862576305292ac44f7be25ec7ccea0e\"\u003e\u003ccode\u003e002b9b0\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 2.3.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/braces/blob/master/CHANGELOG.md\"\u003ebraces's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog ...\n\n_Description has been truncated_","html_url":"https://github.com/ctrivette96-tech/vscode/pull/20","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ctrivette96-tech%2Fvscode/issues/20","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/20/packages"},{"uuid":"4073722463","node_id":"PR_kwDOP9kpyc7Kf4rL","number":14,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 24 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-13T22:40:25.000Z","updated_at":"2026-03-13T22:42:36.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":24,"packages":[{"name":"ai","old_version":"5.0.28","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"next","old_version":"15.3.3","new_version":"15.5.10","repository_url":"https://github.com/vercel/next.js"},{"name":"glob","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"validator","old_version":"13.15.15","new_version":"13.15.22","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"@modelcontextprotocol/sdk","old_version":"1.12.1","new_version":"1.27.1","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.2.0","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"bn.js","old_version":"4.12.2","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"form-data","old_version":"4.0.3","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"qs","old_version":"6.14.0","new_version":"6.15.0","repository_url":"https://github.com/ljharb/qs"},{"name":"rollup","old_version":"4.43.0","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"3.0.9","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"7.10.0","new_version":"7.24.1","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"7.2.3","new_version":"7.2.4","repository_url":"https://github.com/google/zx"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 22 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `5.0.28` | `5.0.52` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [next](https://github.com/vercel/next.js) | `15.3.3` | `15.5.10` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `12.0.0` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.15` | `13.15.22` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.27.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.2.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.2` | `4.12.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.3` | `4.0.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [rollup](https://github.com/rollup/rollup) | `4.43.0` | `4.59.0` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.9` | `3.1.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.11` |\n| [undici](https://github.com/nodejs/undici) | `7.10.0` | `7.24.1` |\n| [zx](https://github.com/google/zx) | `7.2.3` | `7.2.4` |\n\n\nUpdates `ai` from 5.0.28 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@5.0.28...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.3.3 to 15.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.10\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472\"\u003ehttps://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23864\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.4.11\u003c/h2\u003e\n\u003cp\u003ePlease see this \u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003echangelog\u003c/a\u003e for more information about this security patch.\u003c/p\u003e\n\u003ch2\u003ev15.3.9\u003c/h2\u003e\n\u003cp\u003ePlease see this \u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003echangelog\u003c/a\u003e for more information about this security patch.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/60a2aa97b6692d3a56e483f0ff93febaf6f33fd6\"\u003e\u003ccode\u003e60a2aa9\u003c/code\u003e\u003c/a\u003e v15.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/e5b834d208fe0edf64aa26b5d76dcf6a176500ec\"\u003e\u003ccode\u003ee5b834d\u003c/code\u003e\u003c/a\u003e fetch(next/image): reduce maximumResponseBody from 300MB to 50MB (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/88588\"\u003e#88588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/39a2f6a8d13dfa50cee843f93241c8c1dbaf801e\"\u003e\u003ccode\u003e39a2f6a\u003c/code\u003e\u003c/a\u003e feat(next/image)!: add \u003ccode\u003eimages.maximumResponseBody\u003c/code\u003e config (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/88183\"\u003e#88183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/bf9f0843edab3a7cf9d4c85b315bc33c87b282ce\"\u003e\u003ccode\u003ebf9f084\u003c/code\u003e\u003c/a\u003e Sync DoS mitigations for React Flight\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c5de33e93ccccaf3bee60cf50603e2152f9886e1\"\u003e\u003ccode\u003ec5de33e\u003c/code\u003e\u003c/a\u003e v15.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/dd233994aeb24e906cdb9aedca5447cdef401792\"\u003e\u003ccode\u003edd23399\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/facebook/react/issues/35351\"\u003efacebook/react#35351\u003c/a\u003e for 15.5.8 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/87086\"\u003e#87086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7526cd6f24300726964eaba78927fe2a9c3fed5e\"\u003e\u003ccode\u003e7526cd6\u003c/code\u003e\u003c/a\u003e v15.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/1e9ec4133af3657964833bfcc9abb0ee73fb19f0\"\u003e\u003ccode\u003e1e9ec41\u003c/code\u003e\u003c/a\u003e Update React Version (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/41\"\u003e#41\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/16141e5df9ce51136ba42988b574981f89d01081\"\u003e\u003ccode\u003e16141e5\u003c/code\u003e\u003c/a\u003e Update React Version (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/30\"\u003e#30\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/e01e589e181d66d48c57698238b8b7f59218dfef\"\u003e\u003ccode\u003ee01e589\u003c/code\u003e\u003c/a\u003e Backport Next.js changes to v15.5.8 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/23\"\u003e#23\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.3.3...v15.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 12.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `validator` from 13.15.15 to 13.15.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/releases\"\u003evalidator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.15.22\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003evalidatorjs/validator.js#2622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003evalidatorjs/validator.js#2616\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e13.15.20\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003evalidatorjs/validator.js#2563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003evalidatorjs/validator.js#2556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003evalidatorjs/validator.js#2576\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003evalidatorjs/validator.js#2574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003evalidatorjs/validator.js#2584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003evalidatorjs/validator.js#2581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003evalidatorjs/validator.js#2608\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md\"\u003evalidator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.15.22\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e13.15.20\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2b5c17dbe03f2ca9ad9122c597f81e86ce1a9a1\"\u003e\u003ccode\u003ef2b5c17\u003c/code\u003e\u003c/a\u003e maintenance: 2511 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2627\"\u003e#2627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382\"\u003e\u003ccode\u003ed457eca\u003c/code\u003e\u003c/a\u003e fix(isLength): correctly handle Unicode variation selectors (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2616\"\u003e#2616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2e3633f22fd3016656789d100bc451d857e7488\"\u003e\u003ccode\u003ef2e3633\u003c/code\u003e\u003c/a\u003e docs: add install instructions to contibution guide (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2621\"\u003e#2621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cf401458b8733d981a3724d634c795a9d612b516\"\u003e\u003ccode\u003ecf40145\u003c/code\u003e\u003c/a\u003e fix: URL validation for hostnames with ports (no protocol) (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2622\"\u003e#2622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/4af61243ba0ae93f29e7689040e188b5849ff1b0\"\u003e\u003ccode\u003e4af6124\u003c/code\u003e\u003c/a\u003e maintenance: 2510 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2585\"\u003e#2585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/30d4fe02c16d36ed471f12da658c4b5d843781e0\"\u003e\u003ccode\u003e30d4fe0\u003c/code\u003e\u003c/a\u003e 13.15.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cbef5088f02d36caf978f378bb845fe49bdc0809\"\u003e\u003ccode\u003ecbef508\u003c/code\u003e\u003c/a\u003e fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2608\"\u003e#2608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/6f436be36945e460ee624bf72a935a06daded859\"\u003e\u003ccode\u003e6f436be\u003c/code\u003e\u003c/a\u003e Fix typo in validators.test.js (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2581\"\u003e#2581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/3c857088d58197453957a2b924dfedea328003b6\"\u003e\u003ccode\u003e3c85708\u003c/code\u003e\u003c/a\u003e Fix: correct French VAT (FR) validation regex and add tests (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2584\"\u003e#2584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/eee525cd117d24ac905b9432f3f5a27e96aa9719\"\u003e\u003ccode\u003eeee525c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2491\"\u003e#2491\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2573\"\u003e#2573\u003c/a\u003e Simplify isBase64 to prevent stack overflow (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2574\"\u003e#2574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for validator since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.12.1 to 1.27.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e\u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add conformance test infrastructure for v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1518\"\u003emodelcontextprotocol/typescript-sdk#1518\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: backport discoverOAuthServerInfo() and discovery caching to v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1533\"\u003emodelcontextprotocol/typescript-sdk#1533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add url property to RequestInfo interface by \u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] feat(tasks): add streaming methods for elicitation and sampling by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1528\"\u003emodelcontextprotocol/typescript-sdk#1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version for v1.27.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1541\"\u003emodelcontextprotocol/typescript-sdk#1541\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4faa8c899c069a98f8a0c3f804ec1a50dc2bae64\"\u003e\u003ccode\u003e4faa8c8\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.27.1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1581\"\u003e#1581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/09a85a80439f0ca9e5556ac20bdec41461e35234\"\u003e\u003ccode\u003e09a85a8\u003c/code\u003e\u003c/a\u003e fix: call onerror for silently swallowed transport errors (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1580\"\u003e#1580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e79d14ab6d8fbcb49543cab3917a60a89d0a6df9\"\u003e\u003ccode\u003ee79d14a\u003c/code\u003e\u003c/a\u003e fix: prevent command injection in example URL opening (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1579\"\u003e#1579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/342ea394ca6e660e294162efdeafc411284bcc0d\"\u003e\u003ccode\u003e342ea39\u003c/code\u003e\u003c/a\u003e docs: comprehensive feature documentation for SEP-1730 Tier 1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1548\"\u003e#1548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2084a22074d4c8fd54ddc8637783fb10c13edf90\"\u003e\u003ccode\u003e2084a22\u003c/code\u003e\u003c/a\u003e docs: add governance documentation for SEP-1730 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1547\"\u003e#1547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/f2d21458ccccd7cfaa1a2a171a262961591d4d0b\"\u003e\u003ccode\u003ef2d2145\u003c/code\u003e\u003c/a\u003e feat: implement auth/pre-registration conformance scenario (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1545\"\u003e#1545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/8cbc65848388cb0364122f5760cb6b01ff8a3654\"\u003e\u003ccode\u003e8cbc658\u003c/code\u003e\u003c/a\u003e chore: bump version for v1.27.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1541\"\u003e#1541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5c16ae3339bfa1dd71b0dee1a534e1b6d8be658e\"\u003e\u003ccode\u003e5c16ae3\u003c/code\u003e\u003c/a\u003e [v1.x] feat(tasks): add streaming methods for elicitation and sampling (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1528\"\u003e#1528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/97ab379e4572ac8e38ff8b99891f29a69cfbb5bb\"\u003e\u003ccode\u003e97ab379\u003c/code\u003e\u003c/a\u003e feat: add url property to RequestInfo interface (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/825e9ab80332e7fac19d221f6aae352dc73172fe\"\u003e\u003ccode\u003e825e9ab\u003c/code\u003e\u003c/a\u003e feat: backport discoverOAuthServerInfo() and discovery caching to v1.x (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.12.1...v1.27.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/65c90d949c0f8a9709759dff9e76bbe07061812b\"\u003e\u003ccode\u003e65c90d9\u003c/code\u003e\u003c/a\u003e Fix permissions for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/593cb7831bec60d5590acc3eeb2e553f4a431167\"\u003e\u003ccode\u003e593cb78\u003c/code\u003e\u003c/a\u003e Set permissions for workflow jobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/36adf110beabc9acdcad122149a2ea795a2b1a6c\"\u003e\u003ccode\u003e36adf11\u003c/code\u003e\u003c/a\u003e Remove deprecated CodeQL check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9da4af0e1f82fe372bedc1b7820f55c6eaf012e5\"\u003e\u003ccode\u003e9da4af0\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/699303975bea182b966f9f34a1ecbbebe92afcef\"\u003e\u003ccode\u003e6993039\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0b8f7560e11af817d70ff17f986b334ba2e99b81\"\u003e\u003ccode\u003e0b8f756\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/67a53f21623e4047d28d7a6f98f539f1adc9d1d0\"\u003e\u003ccode\u003e67a53f2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.2 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.3 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/68ff7dda8834d6de095a7008cef0e03bc252ca98\"\u003e\u003ccode\u003e68ff7dd\u003c/code\u003e\u003c/a\u003e v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e [Fix] set Symbol.toStringTag in the proper place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `immutable` from 5.1.2 to 4.3.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md\"\u003eimmutable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e,\nand this project adheres to \u003ca href=\"https://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\nDates are formatted as YYYY-MM-DD.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch2\u003e5.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.3\u003c/h2\u003e\n\u003ch3\u003eTypeScript\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow readonly map entry constructor by \u003ca href=\"https://github.com/septs\"\u003e\u003ccode\u003e@​septs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2123\"\u003eimmutable-js/immutable-js#2123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cp\u003eThere has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown.\nThe playground has been included on ...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR is an automated dependency update that bumps 24 npm packages across the monorepo, including major updates to Next.js (15.3.3 → 15.5.10), AI SDK (5.0.28 → 5.0.52), and lodash (4.17.21 → 4.17.23), along with various security patches and bug fixes.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Framework Updates**: Next.js updated from 15.3.3 to 15.5.10, bringing security fixes for CVE-2025-59471, CVE-2025-59472, and CVE-2026-23864\n- **AI SDK Enhancement**: Vercel AI SDK updated from 5.0.28 to 5.0.52 with new features and bug fixes across multiple packages\n- **Security Patches**: Multiple packages received security updates including lodash (prototype pollution fix), validator (CVE-2025-56200), and glob (command injection prevention)\n- **Utility Libraries**: Updates to core utilities like nanoid (5.1.5 → 5.1.6), validator (13.15.15 → 13.15.22), and various build tools\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 24 Outdated Packages]\n    B --\u003e C[Security Vulnerabilities Found]\n    B --\u003e D[Feature Updates Available]\n    C --\u003e E[Apply Security Patches]\n    D --\u003e F[Update Framework Versions]\n    E --\u003e G[Update package.json Files]\n    F --\u003e G\n    G --\u003e H[15 Package Files Modified]\n    H --\u003e I[Maintain Workspace Dependencies]\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs including prototype pollution, command injection, and URL validation vulnerabilities\n- **Framework Improvements**: Next.js updates bring performance optimizations, bug fixes, and enhanced image handling capabilities\n- **Development Experience**: Updated AI SDK provides better streaming support, OAuth improvements, and enhanced error handling\n- **Maintenance**: Automated dependency management ensures the project stays current with latest patches and improvements\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/plate/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fplate/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"},{"uuid":"4060620282","node_id":"PR_kwDOP9kpyc7J1UAx","number":13,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 24 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-11T20:55:08.000Z","updated_at":"2026-03-11T20:58:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":24,"packages":[{"name":"ai","old_version":"5.0.28","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"next","old_version":"15.3.3","new_version":"15.5.10","repository_url":"https://github.com/vercel/next.js"},{"name":"glob","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"validator","old_version":"13.15.15","new_version":"13.15.22","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"@modelcontextprotocol/sdk","old_version":"1.12.1","new_version":"1.27.1","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.2.0","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"bn.js","old_version":"4.12.2","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"form-data","old_version":"4.0.3","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"qs","old_version":"6.14.0","new_version":"6.15.0","repository_url":"https://github.com/ljharb/qs"},{"name":"rollup","old_version":"4.43.0","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"3.0.9","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"7.10.0","new_version":"7.22.0","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"7.2.3","new_version":"7.2.4","repository_url":"https://github.com/google/zx"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 22 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `5.0.28` | `5.0.52` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [next](https://github.com/vercel/next.js) | `15.3.3` | `15.5.10` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `12.0.0` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.15` | `13.15.22` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.27.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.2.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.2` | `4.12.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.3` | `4.0.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [rollup](https://github.com/rollup/rollup) | `4.43.0` | `4.59.0` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.9` | `3.1.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.11` |\n| [undici](https://github.com/nodejs/undici) | `7.10.0` | `7.22.0` |\n| [zx](https://github.com/google/zx) | `7.2.3` | `7.2.4` |\n\n\nUpdates `ai` from 5.0.28 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@5.0.28...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.3.3 to 15.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.10\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472\"\u003ehttps://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23864\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.4.11\u003c/h2\u003e\n\u003cp\u003ePlease see this \u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003echangelog\u003c/a\u003e for more information about this security patch.\u003c/p\u003e\n\u003ch2\u003ev15.3.9\u003c/h2\u003e\n\u003cp\u003ePlease see this \u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003echangelog\u003c/a\u003e for more information about this security patch.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/60a2aa97b6692d3a56e483f0ff93febaf6f33fd6\"\u003e\u003ccode\u003e60a2aa9\u003c/code\u003e\u003c/a\u003e v15.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/e5b834d208fe0edf64aa26b5d76dcf6a176500ec\"\u003e\u003ccode\u003ee5b834d\u003c/code\u003e\u003c/a\u003e fetch(next/image): reduce maximumResponseBody from 300MB to 50MB (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/88588\"\u003e#88588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/39a2f6a8d13dfa50cee843f93241c8c1dbaf801e\"\u003e\u003ccode\u003e39a2f6a\u003c/code\u003e\u003c/a\u003e feat(next/image)!: add \u003ccode\u003eimages.maximumResponseBody\u003c/code\u003e config (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/88183\"\u003e#88183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/bf9f0843edab3a7cf9d4c85b315bc33c87b282ce\"\u003e\u003ccode\u003ebf9f084\u003c/code\u003e\u003c/a\u003e Sync DoS mitigations for React Flight\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c5de33e93ccccaf3bee60cf50603e2152f9886e1\"\u003e\u003ccode\u003ec5de33e\u003c/code\u003e\u003c/a\u003e v15.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/dd233994aeb24e906cdb9aedca5447cdef401792\"\u003e\u003ccode\u003edd23399\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/facebook/react/issues/35351\"\u003efacebook/react#35351\u003c/a\u003e for 15.5.8 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/87086\"\u003e#87086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7526cd6f24300726964eaba78927fe2a9c3fed5e\"\u003e\u003ccode\u003e7526cd6\u003c/code\u003e\u003c/a\u003e v15.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/1e9ec4133af3657964833bfcc9abb0ee73fb19f0\"\u003e\u003ccode\u003e1e9ec41\u003c/code\u003e\u003c/a\u003e Update React Version (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/41\"\u003e#41\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/16141e5df9ce51136ba42988b574981f89d01081\"\u003e\u003ccode\u003e16141e5\u003c/code\u003e\u003c/a\u003e Update React Version (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/30\"\u003e#30\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/e01e589e181d66d48c57698238b8b7f59218dfef\"\u003e\u003ccode\u003ee01e589\u003c/code\u003e\u003c/a\u003e Backport Next.js changes to v15.5.8 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/23\"\u003e#23\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.3.3...v15.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 12.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `validator` from 13.15.15 to 13.15.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/releases\"\u003evalidator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.15.22\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003evalidatorjs/validator.js#2622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003evalidatorjs/validator.js#2616\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e13.15.20\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003evalidatorjs/validator.js#2563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003evalidatorjs/validator.js#2556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003evalidatorjs/validator.js#2576\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003evalidatorjs/validator.js#2574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003evalidatorjs/validator.js#2584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003evalidatorjs/validator.js#2581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003evalidatorjs/validator.js#2608\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md\"\u003evalidator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.15.22\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e13.15.20\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2b5c17dbe03f2ca9ad9122c597f81e86ce1a9a1\"\u003e\u003ccode\u003ef2b5c17\u003c/code\u003e\u003c/a\u003e maintenance: 2511 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2627\"\u003e#2627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382\"\u003e\u003ccode\u003ed457eca\u003c/code\u003e\u003c/a\u003e fix(isLength): correctly handle Unicode variation selectors (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2616\"\u003e#2616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2e3633f22fd3016656789d100bc451d857e7488\"\u003e\u003ccode\u003ef2e3633\u003c/code\u003e\u003c/a\u003e docs: add install instructions to contibution guide (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2621\"\u003e#2621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cf401458b8733d981a3724d634c795a9d612b516\"\u003e\u003ccode\u003ecf40145\u003c/code\u003e\u003c/a\u003e fix: URL validation for hostnames with ports (no protocol) (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2622\"\u003e#2622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/4af61243ba0ae93f29e7689040e188b5849ff1b0\"\u003e\u003ccode\u003e4af6124\u003c/code\u003e\u003c/a\u003e maintenance: 2510 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2585\"\u003e#2585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/30d4fe02c16d36ed471f12da658c4b5d843781e0\"\u003e\u003ccode\u003e30d4fe0\u003c/code\u003e\u003c/a\u003e 13.15.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cbef5088f02d36caf978f378bb845fe49bdc0809\"\u003e\u003ccode\u003ecbef508\u003c/code\u003e\u003c/a\u003e fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2608\"\u003e#2608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/6f436be36945e460ee624bf72a935a06daded859\"\u003e\u003ccode\u003e6f436be\u003c/code\u003e\u003c/a\u003e Fix typo in validators.test.js (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2581\"\u003e#2581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/3c857088d58197453957a2b924dfedea328003b6\"\u003e\u003ccode\u003e3c85708\u003c/code\u003e\u003c/a\u003e Fix: correct French VAT (FR) validation regex and add tests (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2584\"\u003e#2584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/eee525cd117d24ac905b9432f3f5a27e96aa9719\"\u003e\u003ccode\u003eeee525c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2491\"\u003e#2491\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2573\"\u003e#2573\u003c/a\u003e Simplify isBase64 to prevent stack overflow (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2574\"\u003e#2574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for validator since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.12.1 to 1.27.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e\u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add conformance test infrastructure for v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1518\"\u003emodelcontextprotocol/typescript-sdk#1518\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: backport discoverOAuthServerInfo() and discovery caching to v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1533\"\u003emodelcontextprotocol/typescript-sdk#1533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add url property to RequestInfo interface by \u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] feat(tasks): add streaming methods for elicitation and sampling by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1528\"\u003emodelcontextprotocol/typescript-sdk#1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version for v1.27.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1541\"\u003emodelcontextprotocol/typescript-sdk#1541\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4faa8c899c069a98f8a0c3f804ec1a50dc2bae64\"\u003e\u003ccode\u003e4faa8c8\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.27.1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1581\"\u003e#1581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/09a85a80439f0ca9e5556ac20bdec41461e35234\"\u003e\u003ccode\u003e09a85a8\u003c/code\u003e\u003c/a\u003e fix: call onerror for silently swallowed transport errors (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1580\"\u003e#1580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e79d14ab6d8fbcb49543cab3917a60a89d0a6df9\"\u003e\u003ccode\u003ee79d14a\u003c/code\u003e\u003c/a\u003e fix: prevent command injection in example URL opening (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1579\"\u003e#1579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/342ea394ca6e660e294162efdeafc411284bcc0d\"\u003e\u003ccode\u003e342ea39\u003c/code\u003e\u003c/a\u003e docs: comprehensive feature documentation for SEP-1730 Tier 1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1548\"\u003e#1548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2084a22074d4c8fd54ddc8637783fb10c13edf90\"\u003e\u003ccode\u003e2084a22\u003c/code\u003e\u003c/a\u003e docs: add governance documentation for SEP-1730 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1547\"\u003e#1547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/f2d21458ccccd7cfaa1a2a171a262961591d4d0b\"\u003e\u003ccode\u003ef2d2145\u003c/code\u003e\u003c/a\u003e feat: implement auth/pre-registration conformance scenario (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1545\"\u003e#1545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/8cbc65848388cb0364122f5760cb6b01ff8a3654\"\u003e\u003ccode\u003e8cbc658\u003c/code\u003e\u003c/a\u003e chore: bump version for v1.27.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1541\"\u003e#1541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5c16ae3339bfa1dd71b0dee1a534e1b6d8be658e\"\u003e\u003ccode\u003e5c16ae3\u003c/code\u003e\u003c/a\u003e [v1.x] feat(tasks): add streaming methods for elicitation and sampling (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1528\"\u003e#1528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/97ab379e4572ac8e38ff8b99891f29a69cfbb5bb\"\u003e\u003ccode\u003e97ab379\u003c/code\u003e\u003c/a\u003e feat: add url property to RequestInfo interface (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/825e9ab80332e7fac19d221f6aae352dc73172fe\"\u003e\u003ccode\u003e825e9ab\u003c/code\u003e\u003c/a\u003e feat: backport discoverOAuthServerInfo() and discovery caching to v1.x (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.12.1...v1.27.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/65c90d949c0f8a9709759dff9e76bbe07061812b\"\u003e\u003ccode\u003e65c90d9\u003c/code\u003e\u003c/a\u003e Fix permissions for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/593cb7831bec60d5590acc3eeb2e553f4a431167\"\u003e\u003ccode\u003e593cb78\u003c/code\u003e\u003c/a\u003e Set permissions for workflow jobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/36adf110beabc9acdcad122149a2ea795a2b1a6c\"\u003e\u003ccode\u003e36adf11\u003c/code\u003e\u003c/a\u003e Remove deprecated CodeQL check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9da4af0e1f82fe372bedc1b7820f55c6eaf012e5\"\u003e\u003ccode\u003e9da4af0\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/699303975bea182b966f9f34a1ecbbebe92afcef\"\u003e\u003ccode\u003e6993039\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0b8f7560e11af817d70ff17f986b334ba2e99b81\"\u003e\u003ccode\u003e0b8f756\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/67a53f21623e4047d28d7a6f98f539f1adc9d1d0\"\u003e\u003ccode\u003e67a53f2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.2 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.3 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/68ff7dda8834d6de095a7008cef0e03bc252ca98\"\u003e\u003ccode\u003e68ff7dd\u003c/code\u003e\u003c/a\u003e v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e [Fix] set Symbol.toStringTag in the proper place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `immutable` from 5.1.2 to 4.3.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md\"\u003eimmutable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e,\nand this project adheres to \u003ca href=\"https://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\nDates are formatted as YYYY-MM-DD.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch2\u003e5.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.3\u003c/h2\u003e\n\u003ch3\u003eTypeScript\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow readonly map entry constructor by \u003ca href=\"https://github.com/septs\"\u003e\u003ccode\u003e@​septs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2123\"\u003eimmutable-js/immutable-js#2123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cp\u003eThere has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown.\nThe playground has been included on ...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR is an automated dependency update that bumps 24 npm packages across the monorepo, including major updates to Next.js (15.3.3 → 15.5.10), AI SDK (5.0.28 → 5.0.52), and lodash (4.17.21 → 4.17.23), along with various security patches and bug fixes.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Framework Updates**: Next.js updated from 15.3.3 to 15.5.10, bringing security fixes for CVE-2025-59471, CVE-2025-59472, and CVE-2026-23864\n- **AI SDK Enhancement**: Vercel AI SDK updated from 5.0.28 to 5.0.52 with new features and bug fixes across multiple packages\n- **Security Patches**: Multiple packages received security updates including lodash (prototype pollution fix), validator (CVE-2025-56200), and glob (command injection prevention)\n- **Utility Libraries**: Updates to core utilities like nanoid (5.1.5 → 5.1.6) and validator (13.15.15 → 13.15.22)\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 24 Outdated Packages]\n    B --\u003e C[Security Vulnerabilities Found]\n    B --\u003e D[Feature Updates Available]\n    C --\u003e E[Apply Security Patches]\n    D --\u003e F[Update Framework Versions]\n    E --\u003e G[Update package.json Files]\n    F --\u003e G\n    G --\u003e H[15 Package Files Modified]\n    H --\u003e I[Maintain Workspace Dependencies]\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs including prototype pollution, command injection, and URL validation vulnerabilities\n- **Framework Improvements**: Next.js updates include image optimization improvements and React Flight DoS mitigations\n- **Development Experience**: Updated AI SDK provides better tooling and bug fixes for AI-powered features\n- **Maintenance**: Automated dependency management ensures the project stays current with latest patches and improvements\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/plate/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fplate/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"},{"uuid":"4055493259","node_id":"PR_kwDOPT54fM7JkgG9","number":86,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 9 directories with 29 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":6,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-11T03:30:29.000Z","updated_at":"2026-03-11T03:35:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":29,"packages":[{"name":"vite","old_version":"5.0.11","new_version":"5.4.21","repository_url":"https://github.com/vitejs/vite"},{"name":"storybook","old_version":"7.6.7","new_version":"7.6.21","repository_url":"https://github.com/storybookjs/storybook"},{"name":"zx","old_version":"4.2.0","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"axios","old_version":"0.27.2","new_version":"0.30.3","repository_url":"https://github.com/axios/axios"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.3","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"secp256k1","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/cryptocoinjs/secp256k1-node"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"react-router","old_version":"6.8.1","new_version":"6.30.2","repository_url":"https://github.com/remix-run/react-router"},{"name":"webpack","old_version":"5.84.1","new_version":"5.104.1","repository_url":"https://github.com/webpack/webpack"},{"name":"@babel/helpers","old_version":"7.12.5","new_version":"7.28.6","repository_url":"https://github.com/babel/babel"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"fast-xml-parser","old_version":"4.2.6","new_version":"4.5.4","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"min-document","old_version":"2.19.0","new_version":"2.19.2","repository_url":"https://github.com/Raynos/min-document"},{"name":"nanoid","old_version":"3.3.4","new_version":"3.3.11","repository_url":"https://github.com/ai/nanoid"},{"name":"qs","old_version":"6.5.3","new_version":"6.5.5","repository_url":"https://github.com/ljharb/qs"},{"name":"store2","old_version":"2.14.2","new_version":"2.14.4","repository_url":"https://github.com/nbubna/store"},{"name":"tar-fs","old_version":"2.1.1","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tiny-secp256k1","old_version":"1.1.6","new_version":"1.1.7","repository_url":"https://github.com/bitcoinjs/tiny-secp256k1"},{"name":"vm2","old_version":"3.9.19","new_version":"3.10.5","repository_url":"https://github.com/patriksimek/vm2"},{"name":"secp256k1","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/cryptocoinjs/secp256k1-node"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 20 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.0.11` | `5.4.21` |\n| [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core) | `7.6.7` | `7.6.21` |\n| [zx](https://github.com/google/zx) | `4.2.0` | `8.8.5` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [axios](https://github.com/axios/axios) | `0.27.2` | `0.30.3` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.3` |\n| [secp256k1](https://github.com/cryptocoinjs/secp256k1-node) | `4.0.3` | `4.0.4` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `6.8.1` | `6.30.2` |\n| [webpack](https://github.com/webpack/webpack) | `5.84.1` | `5.104.1` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.12.5` | `7.28.6` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.2.6` | `4.5.4` |\n| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.4` | `3.3.11` |\n| [qs](https://github.com/ljharb/qs) | `6.5.3` | `6.5.5` |\n| [store2](https://github.com/nbubna/store) | `2.14.2` | `2.14.4` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.1` | `2.1.4` |\n| [tiny-secp256k1](https://github.com/bitcoinjs/tiny-secp256k1) | `1.1.6` | `1.1.7` |\n| [vm2](https://github.com/patriksimek/vm2) | `3.9.19` | `3.10.5` |\n| [secp256k1](https://github.com/cryptocoinjs/secp256k1-node) | `4.0.3` | `4.0.4` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/background directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/hooks directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/mobile directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/stores directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/stores-etc directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/types directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /scripts/mobile-publish directory: [zx](https://github.com/google/zx).\nBumps the npm_and_yarn group with 16 updates in the /wallet-api-example directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [zx](https://github.com/google/zx) | `7.2.3` | `8.8.5` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [webpack](https://github.com/webpack/webpack) | `5.88.2` | `5.105.4` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.22.15` | `7.28.6` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.9` | `3.0.11` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.9` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.6` | `3.3.11` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.3.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.79.1` | `2.80.0` |\n| [tiny-secp256k1](https://github.com/bitcoinjs/tiny-secp256k1) | `1.1.6` | `1.1.7` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `4.15.1` | `4.15.2` |\n\n\nUpdates `vite` from 5.0.11 to 5.4.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.21\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.20\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/ca88ed7398288ce0c60176ac9a6392f10654c67c/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.19\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.19/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.21 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003ecad1d31\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20970\"\u003e#20970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update CHANGELOG (\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003eca88ed7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.20 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e482000f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: port sirv@3.0.2 changes to sirv@2.0.4 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20737\"\u003e#20737\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/4f1c35bcbb5830290c694aa14b6789e07450f069\"\u003e4f1c35b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20737\"\u003e#20737\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.19 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e766947e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19966\"\u003e#19966\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.18 (2025-04-10)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e823675b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19830\"\u003e#19830\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19831\"\u003e#19831\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.17 (2025-04-03)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19782\"\u003e#19782\u003c/a\u003e, fs check with svg and relative paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19784\"\u003e#19784\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/84b2b46ed129be8215108e789a90adbb33a9c42c\"\u003e84b2b46\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19782\"\u003e#19782\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19784\"\u003e#19784\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.16 (2025-03-31)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19761\"\u003e#19761\u003c/a\u003e, fs check in transform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19762\"\u003e#19762\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b627c50d359f3bd9b602408fbbf462cf4a2f019c\"\u003eb627c50\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19761\"\u003e#19761\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19762\"\u003e#19762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.15 (2025-03-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19702\"\u003e#19702\u003c/a\u003e, fs raw query with query separators (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19703\"\u003e#19703\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/807d7f06d33ab49c48a2a3501da3eea1906c0d41\"\u003e807d7f0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19702\"\u003e#19702\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19703\"\u003e#19703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.14 (2025-01-21)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: \u003ccode\u003epreview.allowedHosts\u003c/code\u003e with specific values was not respected (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19246\"\u003e#19246\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/9df6e6beabf0d18988ec13b8b742d2aba29662f9\"\u003e9df6e6b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19246\"\u003e#19246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: allow CORS from loopback addresses by default (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19249\"\u003e#19249\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7d1699ccf673e2790704756d89d2e1e4ee478fb4\"\u003e7d1699c\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19249\"\u003e#19249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/adce3c22c64cc9d44cc8f45cc92b543e3e4bf385\"\u003e\u003ccode\u003eadce3c2\u003c/code\u003e\u003c/a\u003e release: v5.4.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003e\u003ccode\u003ecad1d31\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003e\u003ccode\u003eca88ed7\u003c/code\u003e\u003c/a\u003e chore: update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/997700f01c7199daf7330d33a7fd3a43b2e9e3ba\"\u003e\u003ccode\u003e997700f\u003c/code\u003e\u003c/a\u003e release: v5.4.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e\u003ccode\u003e482000f\u003c/code\u003e\u003c/a\u003e fix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/80a333a23103ced0442d4463d1191433d90f5e19\"\u003e\u003ccode\u003e80a333a\u003c/code\u003e\u003c/a\u003e release: v5.4.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e\u003ccode\u003e766947e\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/731b77d19d36f5682a5441b49cb2f6473389ad99\"\u003e\u003ccode\u003e731b77d\u003c/code\u003e\u003c/a\u003e release: v5.4.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e\u003ccode\u003e823675b\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0a2518a98d2354c61ee8ef51f7d00fa92aebb511\"\u003e\u003ccode\u003e0a2518a\u003c/code\u003e\u003c/a\u003e release: v5.4.17\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v5.4.21/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `storybook` from 7.6.7 to 7.6.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/releases\"\u003estorybook's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.6.21\u003c/h2\u003e\n\u003ch2\u003e7.6.21\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Fix .env-file parsing, thanks \u003ca href=\"https://github.com/jreinhold\"\u003e\u003ccode\u003e@​jreinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md\"\u003estorybook's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.2.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNext.js: Add support for v16.2 - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34046\"\u003e#34046\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCSF-Factories: Fix ConfigFile parser false warning on \u003ccode\u003edefinePreview({...}).type\u0026lt;T\u0026gt;()\u003c/code\u003e export default - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33885\"\u003e#33885\u003c/a\u003e, thanks \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Add host/origin validation to requests and websocket connections - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33835\"\u003e#33835\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ghengeveld\"\u003e\u003ccode\u003e@​ghengeveld\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Add vike metadata frameworks - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33965\"\u003e#33965\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Resolve builder preset path correctly in pnpm strict mode - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34032\"\u003e#34032\u003c/a\u003e, thanks \u003ca href=\"https://github.com/braedenfoster\"\u003e\u003ccode\u003e@​braedenfoster\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Update default allowed hosts in host validation middleware - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34045\"\u003e#34045\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ghengeveld\"\u003e\u003ccode\u003e@​ghengeveld\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Storybook failed to load iframe.html when publishing - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33896\"\u003e#33896\u003c/a\u003e, thanks \u003ca href=\"https://github.com/danielalanbates\"\u003e\u003ccode\u003e@​danielalanbates\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eManager-API: Update refs sequentially in experimental_setFilter - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33958\"\u003e#33958\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ia319\"\u003e\u003ccode\u003e@​ia319\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Handle render identifier in manifest snippet generation - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33940\"\u003e#33940\u003c/a\u003e, thanks \u003ca href=\"https://github.com/kasperpeulen\"\u003e\u003ccode\u003e@​kasperpeulen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCLI: Set STORYBOOK environment variable - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33938\"\u003e#33938\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent crash when tag filters contain undefined entries - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33931\"\u003e#33931\u003c/a\u003e, thanks \u003ca href=\"https://github.com/abhaysinh1000\"\u003e\u003ccode\u003e@​abhaysinh1000\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Pseudo-states: Process all nested css rules - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33605\"\u003e#33605\u003c/a\u003e, thanks \u003ca href=\"https://github.com/hpohlmeyer\"\u003e\u003ccode\u003e@​hpohlmeyer\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eBuilder-Vite: Prevent config duplication - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33883\"\u003e#33883\u003c/a\u003e, thanks \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCLI: Fix React native web A11y issues - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33937\"\u003e#33937\u003c/a\u003e, thanks \u003ca href=\"https://github.com/jonniebigodes\"\u003e\u003ccode\u003e@​jonniebigodes\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Avoid hanging when inferring args for recursive calls on DOM elemens - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33922\"\u003e#33922\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eEslint: Fix ESLint 10 compatibility in eslint-plugin-storybook rules - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33884\"\u003e#33884\u003c/a\u003e, thanks \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eViewport: Prioritize story viewport globals and avoid user-global pollution - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33849\"\u003e#33849\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ia319\"\u003e\u003ccode\u003e@​ia319\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Sanitize inputs for save from controls - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33868\"\u003e#33868\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add project age - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33910\"\u003e#33910\u003c/a\u003e, thanks \u003ca href=\"https://github.com/shilman\"\u003e\u003ccode\u003e@​shilman\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eWebpack: Improve performance of module-mocking plugins - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33169\"\u003e#33169\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon-Vitest: Fix postinstall a11y installation - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33888\"\u003e#33888\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eManifests: Use correct story name - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33709\"\u003e#33709\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eNext.js: Handle legacyBehavior prop in Link mock component  - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33862\"\u003e#33862\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Fix manifest stories empty when meta has no explicit title - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33878\"\u003e#33878\u003c/a\u003e, thanks \u003ca href=\"https://github.com/kasperpeulen\"\u003e\u003ccode\u003e@​kasperpeulen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Require token for websocket connections - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33820\"\u003e#33820\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ghengeveld\"\u003e\u003ccode\u003e@​ghengeveld\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.9\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/storybookjs/storybook/commits/v7.6.21/code/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~storybook-bot\"\u003estorybook-bot\u003c/a\u003e, a new releaser for storybook since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 4.2.0 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/4.2.0...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sha.js` from 2.4.11 to 2.4.12\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/sha.js/blob/master/CHANGELOG.md\"\u003esha.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ev2.4.12\u003c/a\u003e - 2025-07-01\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/sha.js/commit/7acadfbd3abb558880212b20669fcb09e1aa1c58\"\u003e\u003ccode\u003e7acadfb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix package.json indentation \u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/sha.js/commit/c43c64adc6d3607d470538df72338fc02e63bc24\"\u003e\u003ccode\u003ec43c64a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] support multi-byte wide typed arrays \u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] reorder package.json \u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] avoid console logs \u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests run in batch \u003ca href=\"https://github.com/browserify/sha.js/commit/262913006e94616c8cd245ef6bd61bc4410b29e3\"\u003e\u003ccode\u003e2629130\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to 0.10 \u003ca href=\"https://github.com/browserify/sha.js/commit/00c7f234aa3bdbd427ffeb929bacbb05334eb3e9\"\u003e\u003ccode\u003e00c7f23\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ebuffer\u003c/code\u003e, \u003ccode\u003ehash-test-vectors\u003c/code\u003e, \u003ccode\u003estandard\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypedarray\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/92b5de5f67472d9f18413d38ad5b9aba29ff4c22\"\u003e\u003ccode\u003e92b5de5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to v3 \u003ca href=\"https://github.com/browserify/sha.js/commit/9b5eca80fd9bb21cf05bdf43ce42661f1bbafeaa\"\u003e\u003ccode\u003e9b5eca8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] set engines to \u003ccode\u003e\u0026amp;gt;= 4\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/807084c5c0f943459e89838252cafbd175b549b7\"\u003e\u003ccode\u003e807084c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/sha.js/commit/c72789c7a129cf453d44008ba27a88b90ac7989b\"\u003e\u003ccode\u003ec72789c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/5428cfc6f7177ad1a41c837b9387308848db96de\"\u003e\u003ccode\u003e5428cfc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate README to reflect LICENSE \u003ca href=\"https://github.com/browserify/sha.js/commit/8938256dbb2241a7c749e4a399dbaff48cbe8e95\"\u003e\u003ccode\u003e8938256\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep \u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/eb4ea2fd3da93d41e250f9ac8a1a133ce450e0a2\"\u003e\u003ccode\u003eeb4ea2f\u003c/code\u003e\u003c/a\u003e v2.4.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e [meta] reorder package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e [eslint] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e [Tests] avoid console logs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e [Fix] support multi-byte wide typed arrays\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for sha.js since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.27.2 to 0.30.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease notes - v0.30.3\u003c/h2\u003e\n\u003cp\u003eThis is a critical security maintenance release for the v0.x branch. It addresses a high-priority vulnerability involving prototype pollution that could lead to a Denial of Service (DoS).\u003c/p\u003e\n\u003cp\u003eRecommendation: All users currently on the 0.x release line should upgrade to this version immediately to ensure environment stability.\u003c/p\u003e\n\u003ch2\u003e🛡️ Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBackport: Fix DoS via \u003cstrong\u003eproto\u003c/strong\u003e key in merge config\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003ePatched a vulnerability where specifically crafted configuration objects using the \u003cstrong\u003eproto\u003c/strong\u003e key could cause a Denial of Service during the merge process. - \u003cem\u003eby \u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7388\"\u003e#7388\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7388\"\u003eaxios/axios#7388\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚙️ Maintenance \u0026amp; CI\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCI Infrastructure Update\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated Continuous Integration workflows for the v0.x branch to maintain long-term support and build reliability. - \u003cem\u003eby \u003ca href=\"https://github.com/jasonsaayman\"\u003e\u003ccode\u003e@​jasonsaayman\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7407\"\u003e#7407\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7407\"\u003eaxios/axios#7407\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Breaking Changes\u003c/h2\u003e\n\u003cp\u003eConfiguration Merging Behavior:\u003c/p\u003e\n\u003cp\u003eAs part of the security fix, Axios now restricts the merging of the \u003cstrong\u003eproto\u003c/strong\u003e key within configuration objects. If your codebase relies on unconventional deep-merging patterns that target the object prototype via Axios config, those operations will now be blocked. This is a necessary change to prevent prototype pollution.\u003c/p\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.2...v0.30.3\"\u003ev0.30.2...v0.30.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.30.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u003ccode\u003emaxContentLength\u003c/code\u003e vulnerability fix to v0.x by \u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/7034\"\u003eaxios/axios#7034\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/axios/axios/pull/7034\"\u003eaxios/axios#7034\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.1...v0.30.2\"\u003ehttps://github.com/axios/axios/compare/v0.30.1...v0.30.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v0.30.1\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump form-data from 4.0.0 to 4.0.4 for v0.x by \u003ca href=\"https://github.com/wolandec\"\u003e\u003ccode\u003e@​wolandec\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6978\"\u003eaxios/axios#6978\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wolandec\"\u003e\u003ccode\u003e@​wolandec\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6978\"\u003eaxios/axios#6978\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.0...v0.30.1\"\u003ehttps://github.com/axios/axios/compare/v0.30.0...v0.30.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v0.30.0\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: modify log while request is aborted by \u003ca href=\"https://github.com/mori5321\"\u003e\u003ccode\u003e@​mori5321\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/4917\"\u003eaxios/axios#4917\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update CHANGELOG.md for v0.x by \u003ca href=\"https://github.com/TehZarathustra\"\u003e\u003ccode\u003e@​TehZarathustra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6271\"\u003eaxios/axios#6271\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: modify upgrade guide for 0.28.1's breaking change by \u003ca href=\"https://github.com/nafeger\"\u003e\u003ccode\u003e@​nafeger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6787\"\u003eaxios/axios#6787\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f53bcf6c3747652c9d3811dc0bbcd3674e21567a\"\u003e\u003ccode\u003ef53bcf6\u003c/code\u003e\u003c/a\u003e chore: release 0.30.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3ddccd3bf478c8aab863f2fdd4a52461849eab45\"\u003e\u003ccode\u003e3ddccd3\u003c/code\u003e\u003c/a\u003e chore: remove publish as this wont work\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9ef39d07245286df678c1a16e7b5769610ba8326\"\u003e\u003ccode\u003e9ef39d0\u003c/code\u003e\u003c/a\u003e chore: try with npm token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4775de601df704d8d4e7336a57b08a2e21de8ff4\"\u003e\u003ccode\u003e4775de6\u003c/code\u003e\u003c/a\u003e chore: fix version scheme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f96f26b2014404534424e765b83a1dbbd8cb091f\"\u003e\u003ccode\u003ef96f26b\u003c/code\u003e\u003c/a\u003e chore: fix issues with using replace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ead45c20b05ab32c26cb63d0f7a20e8b123d9f68\"\u003e\u003ccode\u003eead45c2\u003c/code\u003e\u003c/a\u003e chore: update the publish workflow to run on tag\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8119265e6ce71898d19448d30356789cccc2de56\"\u003e\u003ccode\u003e8119265\u003c/code\u003e\u003c/a\u003e chore: tag version as legacy on v0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/995498519881c23ba97b42dda16bcadc0e4791a7\"\u003e\u003ccode\u003e9954985\u003c/code\u003e\u003c/a\u003e chore: dispatch for first time\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3f8b70fdfc7903aa137ea4f6539cd00f5df97afb\"\u003e\u003ccode\u003e3f8b70f\u003c/code\u003e\u003c/a\u003e chore: final rename\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c66558430e71cf0c113a2969355cde25cb159fff\"\u003e\u003ccode\u003ec665584\u003c/code\u003e\u003c/a\u003e chore: revert naming\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.27.2...v0.30.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pbkdf2` from 3.1.2 to 3.1.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md\"\u003epbkdf2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.3\"\u003ev3.1.3\u003c/a\u003e - 2025-06-20\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8b067308eedcc3b7da3e06202d437ff532de75bd\"\u003e\u003ccode\u003e8b06730\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix whitespace \u003ca href=\"https://github.com/browserify/pbkdf2/commit/9a76e2f37ef4541aeff92d97b7335b7fa6e989a8\"\u003e\u003ccode\u003e9a76e2f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix parens/curlies/semis/etc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/6fd84bf64a423d207d9e665f3e9fd88b148c4480\"\u003e\u003ccode\u003e6fd84bf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/796c38d428ed9546e7ddfbb38322faa99921d716\"\u003e\u003ccode\u003e796c38d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node 17 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/3661fb0156177bfe380c7bcc133917e7ee501bc7\"\u003e\u003ccode\u003e3661fb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;[Tests] fix tests in node \u0026lt; 3\u0026quot; \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7431b5766805cbf880c1b3d0f38d484357844ff7\"\u003e\u003ccode\u003e7431b57\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node \u0026lt; 3 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/eb9f97a66ed83836bebc4ff563a1588248708501\"\u003e\u003ccode\u003eeb9f97a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] ensure unknown algorithms throw + known ones match node \u003ca href=\"https://github.com/browserify/pbkdf2/commit/26d4fd391e00ed806840ea1ef7341937985f4ba8\"\u003e\u003ccode\u003e26d4fd3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add GHA, always run nyc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/513906a735e80a0e125e1a3363c5dbe90bb34bb7\"\u003e\u003ccode\u003e513906a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix a few more rules \u003ca href=\"https://github.com/browserify/pbkdf2/commit/ab04da834a0342cb3779486314fa67ebc1e3f035\"\u003e\u003ccode\u003eab04da8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] switch to eslint \u003ca href=\"https://github.com/browserify/pbkdf2/commit/89694cf7e4062a8c924fbe74ad2b2d3cf78f1715\"\u003e\u003ccode\u003e89694cf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add coverage \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d0d534bfdc4db6d6ea9f719606ad18a78db6c124\"\u003e\u003ccode\u003ed0d534b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb\"\u003e\u003ccode\u003ee3102a8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] improve badges \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fca0c9d4c5b053d911315a3607367d1db9f9f605\"\u003e\u003ccode\u003efca0c9d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] remove unused travis file \u003ca href=\"https://github.com/browserify/pbkdf2/commit/a2c7d93bbcad73c49dad0c18fef6b8a4af8c3310\"\u003e\u003ccode\u003ea2c7d93\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] switch from \u003ccode\u003efiles\u003c/code\u003e to \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7f31fbca528fa5af3b7d3910daf09a7e5ed8adb4\"\u003e\u003ccode\u003e7f31fbc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] use .nycrc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8d628e8d5559b4acd4d4a714afb04a2990f901b7\"\u003e\u003ccode\u003e8d628e8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] minor tweaks \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fc61005c8cbd480e24ee103ac39a45f0d90ac636\"\u003e\u003ccode\u003efc61005\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ecreate-hmac\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e, \u003ccode\u003esha.js\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/ae2a7d051c9133c25d5212ba4f46747c0ed4c190\"\u003e\u003ccode\u003eae2a7d0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] pin \u003ccode\u003ecreate-hash\u003c/code\u003e, \u003ccode\u003eripemd160\u003c/code\u003e due to breaking changes \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e07996890af79296f1913431fb3b252e25df2f0e\"\u003e\u003ccode\u003ee079968\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node 3 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/45fbcf30431f9585ae3b61f2207c0a16c1953915\"\u003e\u003ccode\u003e45fbcf3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] skip publishing benchmarks \u003ca href=\"https://github.com/browserify/pbkdf2/commit/19ea57bf11d055ddcd97d2556cd3097663b050b9\"\u003e\u003ccode\u003e19ea57b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/pbkdf2/commit/645e252375087e97beb95e518038b99eb5724c5b\"\u003e\u003ccode\u003e645e252\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/3e40827b183f7f5a14946bdb7d57de3d1d8dd581\"\u003e\u003ccode\u003e3e40827\u003c/code\u003e\u003c/a\u003e v3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb\"\u003e\u003ccode\u003ee3102a8\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/7431b5766805cbf880c1b3d0f38d484357844ff7\"\u003e\u003ccode\u003e7431b57\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;[Tests] fix tests in node \u0026lt; 3\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/19ea57bf11d055ddcd97d2556cd3097663b050b9\"\u003e\u003ccode\u003e19ea57b\u003c/code\u003e\u003c/a\u003e [meta] skip publishing benchmarks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/a2c7d93bbcad73c49dad0c18fef6b8a4af8c3310\"\u003e\u003ccode\u003ea2c7d93\u003c/code\u003e\u003c/a\u003e [Tests] remove unused travis file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/645e252375087e97beb95e518038b99eb5724c5b\"\u003e\u003ccode\u003e645e252\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/796c38d428ed9546e7ddfbb38322faa99921d716\"\u003e\u003ccode\u003e796c38d\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/d0d534bfdc4db6d6ea9f719606ad18a78db6c124\"\u003e\u003ccode\u003ed0d534b\u003c/code\u003e\u003c/a\u003e [Tests] add coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/7f31fbca528fa5af3b7d3910daf09a7e5ed8adb4\"\u003e\u003ccode\u003e7f31fbc\u003c/code\u003e\u003c/a\u003e [meta] switch from \u003ccode\u003efiles\u003c/code\u003e to \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/fca0c9d4c5b053d911315a3607367d1db9f9f605\"\u003e\u003ccode\u003efca0c9d\u003c/code\u003e\u003c/a\u003e [readme] improve badges\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for pbkdf2 since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `secp256k1` from 4.0.3 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/commit/756fce19036700a3fc421ba5a9520cd090d2b92a\"\u003e\u003ccode\u003e756fce1\u003c/code\u003e\u003c/a\u003e 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/commit/8bd6446e000fa59df3cda0ae3e424300747ea5ed\"\u003e\u003ccode\u003e8bd6446\u003c/code\u003e\u003c/a\u003e elliptic: fix key verification in loadCompressedPublicKey\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/commit/840834e833f9b077e0f29828140cc8cd91be3ee2\"\u003e\u003ccode\u003e840834e\u003c/code\u003e\u003c/a\u003e Update elliptic to 6.5.7 (CVE-2024-42461) (\u003ca href=\"https://redirect.github.com/cryptocoinjs/secp256k1-node/issues/206\"\u003e#206\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/compare/v4.0.3...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `elliptic` from 6.5.3 to 6.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/9b77436a59cc35eccf4ffb848259c8762a492ee7\"\u003e\u003ccode\u003e9b77436\u003c/code\u003e\u003c/a\u003e 6.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/04cb6f54ce552b3ebde6be06d6050419e1c7333e\"\u003e\u003ccode\u003e04cb6f5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/b8a7edd61a0d9bddd0bbf3436a4b476401edbe20\"\u003e\u003ccode\u003eb8a7edd\u003c/code\u003e\u003c/a\u003e 6.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/34c853478cec1be4e37260ed2cb12cdbdc6402cf\"\u003e\u003ccode\u003e34c8534\u003c/code\u003e\u003c/a\u003e fix: signature verification due to leading zeros\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/3e46a48fdd2ef2f89593e5e058d85530578c9761\"\u003e\u003ccode\u003e3e46a48\u003c/code\u003e\u003c/a\u003e 6.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11\"\u003e\u003ccode\u003eaccb61e\u003c/code\u003e\u003c/a\u003e lib: DER signature decoding correction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/03e06e135c8e44a2da560fa197d0ba1e1e2759e9\"\u003e\u003ccode\u003e03e06e1\u003c/code\u003e\u003c/a\u003e 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281\"\u003e\u003ccode\u003e7ac5360\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/75700785ff41bb5d029d19186beff26d4883caa5\"\u003e\u003ccode\u003e7570078\u003c/code\u003e\u003c/a\u003e 6.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/206da2ee373e68466cde353f81fb59ef251b740b\"\u003e\u003ccode\u003e206da2e\u003c/code\u003e\u003c/a\u003e lib: lint\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/elliptic/compare/v6.5.3...v6.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-router` from 6.8.1 to 6.30.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/releases\"\u003ereact-router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.30.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/v6/CHANGELOG.md#v6302\"\u003ehttps://github.com/remix-run/react-router/blob/v6/CHANGELOG.md#v6302\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.30.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6301\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6301\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.30.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6300\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6300\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.29.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6290\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6290\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.28.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6282\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6282\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.28.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6281\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6281\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.28.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6280\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6280\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.27.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6270\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6270\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.26.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6262\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6262\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.26.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6261\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6261\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.26.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6260\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6260\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.25.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6251\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6251\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.25.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6250\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6250\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6241\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6241\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6240\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6240\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.23.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6231\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6231\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.23.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6230\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6230\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/react-router@6.30.2/packages/react-router/CHANGELOG.md\"\u003ereact-router's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.30.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.23.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.30.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePartially revert optimization added in \u003ccode\u003e6.29.0\u003c/code\u003e to reduce calls to \u003ccode\u003ematchRoutes\u003c/code\u003e because it surfaced other issues (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/13623\"\u003e#13623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStop logging invalid warning when \u003ccode\u003ev7_relativeSplatPath\u003c/code\u003e is set to false (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/13502\"\u003e#13502\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.30.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003efetcherKey\u003c/code\u003e as a parameter to \u003ccode\u003epatchRoutesOnNavigation\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/13109\"\u003e#13109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.23.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.29.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eProvide the request \u003ccode\u003esignal\u003c/code\u003e as a parameter to \u003ccode\u003epatchRoutesOnNavigation\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12900\"\u003e#12900\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThis can be used to abort any manifest fetches if the in-flight navigation/fetcher is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDo not log v7 deprecation warnings in production builds (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12794\"\u003e#12794\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLimit matchRoutes optimization to client side routers (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12881\"\u003e#12881\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize route matching by skipping redundant \u003ccode\u003ematchRoutes\u003c/code\u003e calls when possible (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12169\"\u003e#12169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.22.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.28.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.21.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.28.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/26b5d4581fb2829dc7eaeaad413de4735173a6eb\"\u003e\u003ccode\u003e26b5d45\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14541\"\u003e#14541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/919f8a86b95f0c8956e3820743503d5609f572cd\"\u003e\u003ccode\u003e919f8a8\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre-v6) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14540\"\u003e#14540\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/69bf7056f1540918a0324e0af215978cdaf5d486\"\u003e\u003ccode\u003e69bf705\u003c/code\u003e\u003c/a\u003e Normalize double slashes in resolvePath (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14537\"\u003e#14537\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/3f2400e9a7e255953afef3d29126db2efb6c08ab\"\u003e\u003ccode\u003e3f2400e\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13647\"\u003e#13647\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/25a264d87bce0bd5f0170e99a3dcad3a61a5f080\"\u003e\u003ccode\u003e25a264d\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre-v6) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13638\"\u003e#13638\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/b5705a0b5e905212487336d7548d86418b299f16\"\u003e\u003ccode\u003eb5705a0\u003c/code\u003e\u003c/a\u003e Remove matchRoutes optimization from render pass (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13623\"\u003e#13623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/785f6f6d7796d36a1c60d1c718a69e6cb1f8d415\"\u003e\u003ccode\u003e785f6f6\u003c/code\u003e\u003c/a\u003e Prevent invalid warning for v7_relativeSplatPath (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13502\"\u003e#13502\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/e4ba5224c911e070b1eabd12cff2aa581270dfb3\"\u003e\u003ccode\u003ee4ba522\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13128\"\u003e#13128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/f0bc784ce8951cc5ed67bf6d48d9c132b9bdc621\"\u003e\u003ccode\u003ef0bc784\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre-v6) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13111\"\u003e#13111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/d9ed8241d677de006a9bfe808d32fe4582184dad\"\u003e\u003ccode\u003ed9ed824\u003c/code\u003e\u003c/a\u003e Fix up changelogs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/remix-run/react-router/commits/react-router@6.30.2/packages/react-router\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for react-router since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.84.1 to 5.104.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.104.1\u003c/h2\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.104.0\u003c/h2\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.103.0\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eDotenvPlugin\u003c/code\u003e and top level \u003ccode\u003edotenv\u003c/code\u003e option to enable this plugin\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWebpackManifestPlugin\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded support the \u003ccode\u003eignoreList\u003c/code\u003e option in devtool plugins\u003c/li\u003e\n\u003cli\u003eAllow to use custom javascript parse function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003c...\n\n_Description has been truncated_","html_url":"https://github.com/RemyLoveLogicAI/asi-alliance-wallet/pull/86","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/RemyLoveLogicAI%2Fasi-alliance-wallet/issues/86","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/86/packages"},{"uuid":"4055482771","node_id":"PR_kwDOPT54fM7Jkd_E","number":85,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 34 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":5,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-11T03:27:11.000Z","updated_at":"2026-03-11T03:30:52.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":34,"packages":[{"name":"vite","old_version":"5.0.11","new_version":"5.4.21","repository_url":"https://github.com/vitejs/vite"},{"name":"storybook","old_version":"7.6.7","new_version":"7.6.21","repository_url":"https://github.com/storybookjs/storybook"},{"name":"zx","old_version":"4.2.0","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"axios","old_version":"0.27.2","new_version":"0.30.3","repository_url":"https://github.com/axios/axios"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.3","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"secp256k1","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/cryptocoinjs/secp256k1-node"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"react-router","old_version":"6.8.1","new_version":"6.30.2","repository_url":"https://github.com/remix-run/react-router"},{"name":"webpack","old_version":"5.84.1","new_version":"5.104.1","repository_url":"https://github.com/webpack/webpack"},{"name":"@babel/helpers","old_version":"7.12.5","new_version":"7.28.6","repository_url":"https://github.com/babel/babel"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"express","old_version":"4.18.2","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"fast-xml-parser","old_version":"4.2.6","new_version":"4.5.4","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"min-document","old_version":"2.19.0","new_version":"2.19.2","repository_url":"https://github.com/Raynos/min-document"},{"name":"nanoid","old_version":"3.3.4","new_version":"3.3.11","repository_url":"https://github.com/ai/nanoid"},{"name":"qs","old_version":"6.5.3","new_version":"6.5.5","repository_url":"https://github.com/ljharb/qs"},{"name":"serve-static","old_version":"1.15.0","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"store2","old_version":"2.14.2","new_version":"2.14.4","repository_url":"https://github.com/nbubna/store"},{"name":"tar-fs","old_version":"2.1.1","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tiny-secp256k1","old_version":"1.1.6","new_version":"1.1.7","repository_url":"https://github.com/bitcoinjs/tiny-secp256k1"},{"name":"vm2","old_version":"3.9.19","new_version":"3.10.5","repository_url":"https://github.com/patriksimek/vm2"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 22 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.0.11` | `5.4.21` |\n| [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core) | `7.6.7` | `7.6.21` |\n| [zx](https://github.com/google/zx) | `4.2.0` | `8.8.5` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [axios](https://github.com/axios/axios) | `0.27.2` | `0.30.3` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.3` |\n| [secp256k1](https://github.com/cryptocoinjs/secp256k1-node) | `4.0.3` | `4.0.4` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `6.8.1` | `6.30.2` |\n| [webpack](https://github.com/webpack/webpack) | `5.84.1` | `5.104.1` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.12.5` | `7.28.6` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.1` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.2.6` | `4.5.4` |\n| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.4` | `3.3.11` |\n| [qs](https://github.com/ljharb/qs) | `6.5.3` | `6.5.5` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.15.0` | `1.16.3` |\n| [store2](https://github.com/nbubna/store) | `2.14.2` | `2.14.4` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.1` | `2.1.4` |\n| [tiny-secp256k1](https://github.com/bitcoinjs/tiny-secp256k1) | `1.1.6` | `1.1.7` |\n| [vm2](https://github.com/patriksimek/vm2) | `3.9.19` | `3.10.5` |\n\nBumps the npm_and_yarn group with 1 update in the /scripts/mobile-publish directory: [zx](https://github.com/google/zx).\nBumps the npm_and_yarn group with 18 updates in the /wallet-api-example directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [zx](https://github.com/google/zx) | `7.2.3` | `8.8.5` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [webpack](https://github.com/webpack/webpack) | `5.88.2` | `5.105.4` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.22.15` | `7.28.6` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.9` | `3.0.11` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.1` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.9` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` | `4.0.8` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.6` | `3.3.11` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.3.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.79.1` | `2.80.0` |\n| [tiny-secp256k1](https://github.com/bitcoinjs/tiny-secp256k1) | `1.1.6` | `1.1.7` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `4.15.1` | `4.15.2` |\n\n\nUpdates `vite` from 5.0.11 to 5.4.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.21\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.20\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/ca88ed7398288ce0c60176ac9a6392f10654c67c/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.19\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.19/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.21 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003ecad1d31\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20970\"\u003e#20970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update CHANGELOG (\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003eca88ed7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.20 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e482000f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: port sirv@3.0.2 changes to sirv@2.0.4 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20737\"\u003e#20737\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/4f1c35bcbb5830290c694aa14b6789e07450f069\"\u003e4f1c35b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20737\"\u003e#20737\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.19 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e766947e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19966\"\u003e#19966\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.18 (2025-04-10)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e823675b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19830\"\u003e#19830\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19831\"\u003e#19831\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.17 (2025-04-03)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19782\"\u003e#19782\u003c/a\u003e, fs check with svg and relative paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19784\"\u003e#19784\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/84b2b46ed129be8215108e789a90adbb33a9c42c\"\u003e84b2b46\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19782\"\u003e#19782\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19784\"\u003e#19784\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.16 (2025-03-31)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19761\"\u003e#19761\u003c/a\u003e, fs check in transform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19762\"\u003e#19762\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b627c50d359f3bd9b602408fbbf462cf4a2f019c\"\u003eb627c50\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19761\"\u003e#19761\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19762\"\u003e#19762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.15 (2025-03-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19702\"\u003e#19702\u003c/a\u003e, fs raw query with query separators (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19703\"\u003e#19703\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/807d7f06d33ab49c48a2a3501da3eea1906c0d41\"\u003e807d7f0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19702\"\u003e#19702\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19703\"\u003e#19703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.14 (2025-01-21)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: \u003ccode\u003epreview.allowedHosts\u003c/code\u003e with specific values was not respected (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19246\"\u003e#19246\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/9df6e6beabf0d18988ec13b8b742d2aba29662f9\"\u003e9df6e6b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19246\"\u003e#19246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: allow CORS from loopback addresses by default (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19249\"\u003e#19249\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7d1699ccf673e2790704756d89d2e1e4ee478fb4\"\u003e7d1699c\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19249\"\u003e#19249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/adce3c22c64cc9d44cc8f45cc92b543e3e4bf385\"\u003e\u003ccode\u003eadce3c2\u003c/code\u003e\u003c/a\u003e release: v5.4.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003e\u003ccode\u003ecad1d31\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003e\u003ccode\u003eca88ed7\u003c/code\u003e\u003c/a\u003e chore: update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/997700f01c7199daf7330d33a7fd3a43b2e9e3ba\"\u003e\u003ccode\u003e997700f\u003c/code\u003e\u003c/a\u003e release: v5.4.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e\u003ccode\u003e482000f\u003c/code\u003e\u003c/a\u003e fix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/80a333a23103ced0442d4463d1191433d90f5e19\"\u003e\u003ccode\u003e80a333a\u003c/code\u003e\u003c/a\u003e release: v5.4.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e\u003ccode\u003e766947e\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/731b77d19d36f5682a5441b49cb2f6473389ad99\"\u003e\u003ccode\u003e731b77d\u003c/code\u003e\u003c/a\u003e release: v5.4.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e\u003ccode\u003e823675b\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0a2518a98d2354c61ee8ef51f7d00fa92aebb511\"\u003e\u003ccode\u003e0a2518a\u003c/code\u003e\u003c/a\u003e release: v5.4.17\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v5.4.21/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `storybook` from 7.6.7 to 7.6.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/releases\"\u003estorybook's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.6.21\u003c/h2\u003e\n\u003ch2\u003e7.6.21\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Fix .env-file parsing, thanks \u003ca href=\"https://github.com/jreinhold\"\u003e\u003ccode\u003e@​jreinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md\"\u003estorybook's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.2.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNext.js: Add support for v16.2 - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34046\"\u003e#34046\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCSF-Factories: Fix ConfigFile parser false warning on \u003ccode\u003edefinePreview({...}).type\u0026lt;T\u0026gt;()\u003c/code\u003e export default - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33885\"\u003e#33885\u003c/a\u003e, thanks \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Add host/origin validation to requests and websocket connections - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33835\"\u003e#33835\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ghengeveld\"\u003e\u003ccode\u003e@​ghengeveld\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Add vike metadata frameworks - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33965\"\u003e#33965\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Resolve builder preset path correctly in pnpm strict mode - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34032\"\u003e#34032\u003c/a\u003e, thanks \u003ca href=\"https://github.com/braedenfoster\"\u003e\u003ccode\u003e@​braedenfoster\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Update default allowed hosts in host validation middleware - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34045\"\u003e#34045\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ghengeveld\"\u003e\u003ccode\u003e@​ghengeveld\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Storybook failed to load iframe.html when publishing - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33896\"\u003e#33896\u003c/a\u003e, thanks \u003ca href=\"https://github.com/danielalanbates\"\u003e\u003ccode\u003e@​danielalanbates\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eManager-API: Update refs sequentially in experimental_setFilter - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33958\"\u003e#33958\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ia319\"\u003e\u003ccode\u003e@​ia319\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Handle render identifier in manifest snippet generation - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33940\"\u003e#33940\u003c/a\u003e, thanks \u003ca href=\"https://github.com/kasperpeulen\"\u003e\u003ccode\u003e@​kasperpeulen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCLI: Set STORYBOOK environment variable - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33938\"\u003e#33938\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent crash when tag filters contain undefined entries - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33931\"\u003e#33931\u003c/a\u003e, thanks \u003ca href=\"https://github.com/abhaysinh1000\"\u003e\u003ccode\u003e@​abhaysinh1000\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Pseudo-states: Process all nested css rules - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33605\"\u003e#33605\u003c/a\u003e, thanks \u003ca href=\"https://github.com/hpohlmeyer\"\u003e\u003ccode\u003e@​hpohlmeyer\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eBuilder-Vite: Prevent config duplication - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33883\"\u003e#33883\u003c/a\u003e, thanks \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCLI: Fix React native web A11y issues - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33937\"\u003e#33937\u003c/a\u003e, thanks \u003ca href=\"https://github.com/jonniebigodes\"\u003e\u003ccode\u003e@​jonniebigodes\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Avoid hanging when inferring args for recursive calls on DOM elemens - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33922\"\u003e#33922\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eEslint: Fix ESLint 10 compatibility in eslint-plugin-storybook rules - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33884\"\u003e#33884\u003c/a\u003e, thanks \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eViewport: Prioritize story viewport globals and avoid user-global pollution - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33849\"\u003e#33849\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ia319\"\u003e\u003ccode\u003e@​ia319\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Sanitize inputs for save from controls - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33868\"\u003e#33868\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add project age - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33910\"\u003e#33910\u003c/a\u003e, thanks \u003ca href=\"https://github.com/shilman\"\u003e\u003ccode\u003e@​shilman\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eWebpack: Improve performance of module-mocking plugins - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33169\"\u003e#33169\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon-Vitest: Fix postinstall a11y installation - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33888\"\u003e#33888\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eManifests: Use correct story name - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33709\"\u003e#33709\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eNext.js: Handle legacyBehavior prop in Link mock component  - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33862\"\u003e#33862\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Fix manifest stories empty when meta has no explicit title - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33878\"\u003e#33878\u003c/a\u003e, thanks \u003ca href=\"https://github.com/kasperpeulen\"\u003e\u003ccode\u003e@​kasperpeulen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Require token for websocket connections - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33820\"\u003e#33820\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ghengeveld\"\u003e\u003ccode\u003e@​ghengeveld\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.9\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/storybookjs/storybook/commits/v7.6.21/code/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~storybook-bot\"\u003estorybook-bot\u003c/a\u003e, a new releaser for storybook since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 4.2.0 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/4.2.0...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sha.js` from 2.4.11 to 2.4.12\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/sha.js/blob/master/CHANGELOG.md\"\u003esha.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ev2.4.12\u003c/a\u003e - 2025-07-01\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/sha.js/commit/7acadfbd3abb558880212b20669fcb09e1aa1c58\"\u003e\u003ccode\u003e7acadfb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix package.json indentation \u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/sha.js/commit/c43c64adc6d3607d470538df72338fc02e63bc24\"\u003e\u003ccode\u003ec43c64a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] support multi-byte wide typed arrays \u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] reorder package.json \u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] avoid console logs \u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests run in batch \u003ca href=\"https://github.com/browserify/sha.js/commit/262913006e94616c8cd245ef6bd61bc4410b29e3\"\u003e\u003ccode\u003e2629130\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to 0.10 \u003ca href=\"https://github.com/browserify/sha.js/commit/00c7f234aa3bdbd427ffeb929bacbb05334eb3e9\"\u003e\u003ccode\u003e00c7f23\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ebuffer\u003c/code\u003e, \u003ccode\u003ehash-test-vectors\u003c/code\u003e, \u003ccode\u003estandard\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypedarray\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/92b5de5f67472d9f18413d38ad5b9aba29ff4c22\"\u003e\u003ccode\u003e92b5de5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to v3 \u003ca href=\"https://github.com/browserify/sha.js/commit/9b5eca80fd9bb21cf05bdf43ce42661f1bbafeaa\"\u003e\u003ccode\u003e9b5eca8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] set engines to \u003ccode\u003e\u0026amp;gt;= 4\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/807084c5c0f943459e89838252cafbd175b549b7\"\u003e\u003ccode\u003e807084c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/sha.js/commit/c72789c7a129cf453d44008ba27a88b90ac7989b\"\u003e\u003ccode\u003ec72789c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/5428cfc6f7177ad1a41c837b9387308848db96de\"\u003e\u003ccode\u003e5428cfc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate README to reflect LICENSE \u003ca href=\"https://github.com/browserify/sha.js/commit/8938256dbb2241a7c749e4a399dbaff48cbe8e95\"\u003e\u003ccode\u003e8938256\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep \u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/eb4ea2fd3da93d41e250f9ac8a1a133ce450e0a2\"\u003e\u003ccode\u003eeb4ea2f\u003c/code\u003e\u003c/a\u003e v2.4.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e [meta] reorder package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e [eslint] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e [Tests] avoid console logs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e [Fix] support multi-byte wide typed arrays\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for sha.js since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.27.2 to 0.30.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease notes - v0.30.3\u003c/h2\u003e\n\u003cp\u003eThis is a critical security maintenance release for the v0.x branch. It addresses a high-priority vulnerability involving prototype pollution that could lead to a Denial of Service (DoS).\u003c/p\u003e\n\u003cp\u003eRecommendation: All users currently on the 0.x release line should upgrade to this version immediately to ensure environment stability.\u003c/p\u003e\n\u003ch2\u003e🛡️ Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBackport: Fix DoS via \u003cstrong\u003eproto\u003c/strong\u003e key in merge config\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003ePatched a vulnerability where specifically crafted configuration objects using the \u003cstrong\u003eproto\u003c/strong\u003e key could cause a Denial of Service during the merge process. - \u003cem\u003eby \u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7388\"\u003e#7388\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7388\"\u003eaxios/axios#7388\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚙️ Maintenance \u0026amp; CI\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCI Infrastructure Update\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated Continuous Integration workflows for the v0.x branch to maintain long-term support and build reliability. - \u003cem\u003eby \u003ca href=\"https://github.com/jasonsaayman\"\u003e\u003ccode\u003e@​jasonsaayman\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7407\"\u003e#7407\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7407\"\u003eaxios/axios#7407\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Breaking Changes\u003c/h2\u003e\n\u003cp\u003eConfiguration Merging Behavior:\u003c/p\u003e\n\u003cp\u003eAs part of the security fix, Axios now restricts the merging of the \u003cstrong\u003eproto\u003c/strong\u003e key within configuration objects. If your codebase relies on unconventional deep-merging patterns that target the object prototype via Axios config, those operations will now be blocked. This is a necessary change to prevent prototype pollution.\u003c/p\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.2...v0.30.3\"\u003ev0.30.2...v0.30.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.30.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u003ccode\u003emaxContentLength\u003c/code\u003e vulnerability fix to v0.x by \u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/7034\"\u003eaxios/axios#7034\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/axios/axios/pull/7034\"\u003eaxios/axios#7034\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.1...v0.30.2\"\u003ehttps://github.com/axios/axios/compare/v0.30.1...v0.30.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v0.30.1\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump form-data from 4.0.0 to 4.0.4 for v0.x by \u003ca href=\"https://github.com/wolandec\"\u003e\u003ccode\u003e@​wolandec\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6978\"\u003eaxios/axios#6978\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wolandec\"\u003e\u003ccode\u003e@​wolandec\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6978\"\u003eaxios/axios#6978\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.0...v0.30.1\"\u003ehttps://github.com/axios/axios/compare/v0.30.0...v0.30.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v0.30.0\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: modify log while request is aborted by \u003ca href=\"https://github.com/mori5321\"\u003e\u003ccode\u003e@​mori5321\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/4917\"\u003eaxios/axios#4917\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update CHANGELOG.md for v0.x by \u003ca href=\"https://github.com/TehZarathustra\"\u003e\u003ccode\u003e@​TehZarathustra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6271\"\u003eaxios/axios#6271\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: modify upgrade guide for 0.28.1's breaking change by \u003ca href=\"https://github.com/nafeger\"\u003e\u003ccode\u003e@​nafeger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6787\"\u003eaxios/axios#6787\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f53bcf6c3747652c9d3811dc0bbcd3674e21567a\"\u003e\u003ccode\u003ef53bcf6\u003c/code\u003e\u003c/a\u003e chore: release 0.30.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3ddccd3bf478c8aab863f2fdd4a52461849eab45\"\u003e\u003ccode\u003e3ddccd3\u003c/code\u003e\u003c/a\u003e chore: remove publish as this wont work\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9ef39d07245286df678c1a16e7b5769610ba8326\"\u003e\u003ccode\u003e9ef39d0\u003c/code\u003e\u003c/a\u003e chore: try with npm token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4775de601df704d8d4e7336a57b08a2e21de8ff4\"\u003e\u003ccode\u003e4775de6\u003c/code\u003e\u003c/a\u003e chore: fix version scheme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f96f26b2014404534424e765b83a1dbbd8cb091f\"\u003e\u003ccode\u003ef96f26b\u003c/code\u003e\u003c/a\u003e chore: fix issues with using replace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ead45c20b05ab32c26cb63d0f7a20e8b123d9f68\"\u003e\u003ccode\u003eead45c2\u003c/code\u003e\u003c/a\u003e chore: update the publish workflow to run on tag\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8119265e6ce71898d19448d30356789cccc2de56\"\u003e\u003ccode\u003e8119265\u003c/code\u003e\u003c/a\u003e chore: tag version as legacy on v0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/995498519881c23ba97b42dda16bcadc0e4791a7\"\u003e\u003ccode\u003e9954985\u003c/code\u003e\u003c/a\u003e chore: dispatch for first time\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3f8b70fdfc7903aa137ea4f6539cd00f5df97afb\"\u003e\u003ccode\u003e3f8b70f\u003c/code\u003e\u003c/a\u003e chore: final rename\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c66558430e71cf0c113a2969355cde25cb159fff\"\u003e\u003ccode\u003ec665584\u003c/code\u003e\u003c/a\u003e chore: revert naming\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.27.2...v0.30.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pbkdf2` from 3.1.2 to 3.1.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md\"\u003epbkdf2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.3\"\u003ev3.1.3\u003c/a\u003e - 2025-06-20\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8b067308eedcc3b7da3e06202d437ff532de75bd\"\u003e\u003ccode\u003e8b06730\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix whitespace \u003ca href=\"https://github.com/browserify/pbkdf2/commit/9a76e2f37ef4541aeff92d97b7335b7fa6e989a8\"\u003e\u003ccode\u003e9a76e2f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix parens/curlies/semis/etc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/6fd84bf64a423d207d9e665f3e9fd88b148c4480\"\u003e\u003ccode\u003e6fd84bf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/796c38d428ed9546e7ddfbb38322faa99921d716\"\u003e\u003ccode\u003e796c38d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node 17 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/3661fb0156177bfe380c7bcc133917e7ee501bc7\"\u003e\u003ccode\u003e3661fb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;[Tests] fix tests in node \u0026lt; 3\u0026quot; \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7431b5766805cbf880c1b3d0f38d484357844ff7\"\u003e\u003ccode\u003e7431b57\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node \u0026lt; 3 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/eb9f97a66ed83836bebc4ff563a1588248708501\"\u003e\u003ccode\u003eeb9f97a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] ensure unknown algorithms throw + known ones match node \u003ca href=\"https://github.com/browserify/pbkdf2/commit/26d4fd391e00ed806840ea1ef7341937985f4ba8\"\u003e\u003ccode\u003e26d4fd3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add GHA, always run nyc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/513906a735e80a0e125e1a3363c5dbe90bb34bb7\"\u003e\u003ccode\u003e513906a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix a few more rules \u003ca href=\"https://github.com/browserify/pbkdf2/commit/ab04da834a0342cb3779486314fa67ebc1e3f035\"\u003e\u003ccode\u003eab04da8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] switch to eslint \u003ca href=\"https://github.com/browserify/pbkdf2/commit/89694cf7e4062a8c924fbe74ad2b2d3cf78f1715\"\u003e\u003ccode\u003e89694cf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add coverage \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d0d534bfdc4db6d6ea9f719606ad18a78db6c124\"\u003e\u003ccode\u003ed0d534b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb\"\u003e\u003ccode\u003ee3102a8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] improve badges \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fca0c9d4c5b053d911315a3607367d1db9f9f605\"\u003e\u003ccode\u003efca0c9d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] remove unused travis file \u003ca href=\"https://github.com/browserify/pbkdf2/commit/a2c7d93bbcad73c49dad0c18fef6b8a4af8c3310\"\u003e\u003ccode\u003ea2c7d93\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] switch from \u003ccode\u003efiles\u003c/code\u003e to \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7f31fbca528fa5af3b7d3910daf09a7e5ed8adb4\"\u003e\u003ccode\u003e7f31fbc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] use .nycrc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8d628e8d5559b4acd4d4a714afb04a2990f901b7\"\u003e\u003ccode\u003e8d628e8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] minor tweaks \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fc61005c8cbd480e24ee103ac39a45f0d90ac636\"\u003e\u003ccode\u003efc61005\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ecreate-hmac\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e, \u003ccode\u003esha.js\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/ae2a7d051c9133c25d5212ba4f46747c0ed4c190\"\u003e\u003ccode\u003eae2a7d0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] pin \u003ccode\u003ecreate-hash\u003c/code\u003e, \u003ccode\u003eripemd160\u003c/code\u003e due to breaking changes \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e07996890af79296f1913431fb3b252e25df2f0e\"\u003e\u003ccode\u003ee079968\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node 3 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/45fbcf30431f9585ae3b61f2207c0a16c1953915\"\u003e\u003ccode\u003e45fbcf3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] skip publishing benchmarks \u003ca href=\"https://github.com/browserify/pbkdf2/commit/19ea57bf11d055ddcd97d2556cd3097663b050b9\"\u003e\u003ccode\u003e19ea57b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/pbkdf2/commit/645e252375087e97beb95e518038b99eb5724c5b\"\u003e\u003ccode\u003e645e252\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/3e40827b183f7f5a14946bdb7d57de3d1d8dd581\"\u003e\u003ccode\u003e3e40827\u003c/code\u003e\u003c/a\u003e v3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb\"\u003e\u003ccode\u003ee3102a8\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/7431b5766805cbf880c1b3d0f38d484357844ff7\"\u003e\u003ccode\u003e7431b57\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;[Tests] fix tests in node \u0026lt; 3\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/19ea57bf11d055ddcd97d2556cd3097663b050b9\"\u003e\u003ccode\u003e19ea57b\u003c/code\u003e\u003c/a\u003e [meta] skip publishing benchmarks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/a2c7d93bbcad73c49dad0c18fef6b8a4af8c3310\"\u003e\u003ccode\u003ea2c7d93\u003c/code\u003e\u003c/a\u003e [Tests] remove unused travis file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/645e252375087e97beb95e518038b99eb5724c5b\"\u003e\u003ccode\u003e645e252\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/796c38d428ed9546e7ddfbb38322faa99921d716\"\u003e\u003ccode\u003e796c38d\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/d0d534bfdc4db6d6ea9f719606ad18a78db6c124\"\u003e\u003ccode\u003ed0d534b\u003c/code\u003e\u003c/a\u003e [Tests] add coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/7f31fbca528fa5af3b7d3910daf09a7e5ed8adb4\"\u003e\u003ccode\u003e7f31fbc\u003c/code\u003e\u003c/a\u003e [meta] switch from \u003ccode\u003efiles\u003c/code\u003e to \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/fca0c9d4c5b053d911315a3607367d1db9f9f605\"\u003e\u003ccode\u003efca0c9d\u003c/code\u003e\u003c/a\u003e [readme] improve badges\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for pbkdf2 since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `secp256k1` from 4.0.3 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/commit/756fce19036700a3fc421ba5a9520cd090d2b92a\"\u003e\u003ccode\u003e756fce1\u003c/code\u003e\u003c/a\u003e 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/commit/8bd6446e000fa59df3cda0ae3e424300747ea5ed\"\u003e\u003ccode\u003e8bd6446\u003c/code\u003e\u003c/a\u003e elliptic: fix key verification in loadCompressedPublicKey\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/commit/840834e833f9b077e0f29828140cc8cd91be3ee2\"\u003e\u003ccode\u003e840834e\u003c/code\u003e\u003c/a\u003e Update elliptic to 6.5.7 (CVE-2024-42461) (\u003ca href=\"https://redirect.github.com/cryptocoinjs/secp256k1-node/issues/206\"\u003e#206\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/compare/v4.0.3...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `elliptic` from 6.5.3 to 6.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/9b77436a59cc35eccf4ffb848259c8762a492ee7\"\u003e\u003ccode\u003e9b77436\u003c/code\u003e\u003c/a\u003e 6.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/04cb6f54ce552b3ebde6be06d6050419e1c7333e\"\u003e\u003ccode\u003e04cb6f5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/b8a7edd61a0d9bddd0bbf3436a4b476401edbe20\"\u003e\u003ccode\u003eb8a7edd\u003c/code\u003e\u003c/a\u003e 6.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/34c853478cec1be4e37260ed2cb12cdbdc6402cf\"\u003e\u003ccode\u003e34c8534\u003c/code\u003e\u003c/a\u003e fix: signature verification due to leading zeros\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/3e46a48fdd2ef2f89593e5e058d85530578c9761\"\u003e\u003ccode\u003e3e46a48\u003c/code\u003e\u003c/a\u003e 6.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11\"\u003e\u003ccode\u003eaccb61e\u003c/code\u003e\u003c/a\u003e lib: DER signature decoding correction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/03e06e135c8e44a2da560fa197d0ba1e1e2759e9\"\u003e\u003ccode\u003e03e06e1\u003c/code\u003e\u003c/a\u003e 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281\"\u003e\u003ccode\u003e7ac5360\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/75700785ff41bb5d029d19186beff26d4883caa5\"\u003e\u003ccode\u003e7570078\u003c/code\u003e\u003c/a\u003e 6.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/206da2ee373e68466cde353f81fb59ef251b740b\"\u003e\u003ccode\u003e206da2e\u003c/code\u003e\u003c/a\u003e lib: lint\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/elliptic/compare/v6.5.3...v6.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-router` from 6.8.1 to 6.30.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/releases\"\u003ereact-router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.30.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/v6/CHANGELOG.md#v6302\"\u003ehttps://github.com/remix-run/react-router/blob/v6/CHANGELOG.md#v6302\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.30.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6301\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6301\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.30.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6300\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6300\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.29.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6290\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6290\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.28.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6282\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6282\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.28.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6281\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6281\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.28.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6280\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6280\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.27.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6270\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6270\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.26.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6262\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6262\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.26.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6261\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6261\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.26.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6260\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6260\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.25.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6251\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6251\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.25.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6250\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6250\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6241\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6241\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6240\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6240\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.23.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6231\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6231\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.23.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6230\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6230\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/react-router@6.30.2/packages/react-router/CHANGELOG.md\"\u003ereact-router's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.30.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.23.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.30.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePartially revert optimization added in \u003ccode\u003e6.29.0\u003c/code\u003e to reduce calls to \u003ccode\u003ematchRoutes\u003c/code\u003e because it surfaced other issues (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/13623\"\u003e#13623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStop logging invalid warning when \u003ccode\u003ev7_relativeSplatPath\u003c/code\u003e is set to false (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/13502\"\u003e#13502\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.30.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003efetcherKey\u003c/code\u003e as a parameter to \u003ccode\u003epatchRoutesOnNavigation\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/13109\"\u003e#13109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.23.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.29.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eProvide the request \u003ccode\u003esignal\u003c/code\u003e as a parameter to \u003ccode\u003epatchRoutesOnNavigation\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12900\"\u003e#12900\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThis can be used to abort any manifest fetches if the in-flight navigation/fetcher is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDo not log v7 deprecation warnings in production builds (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12794\"\u003e#12794\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLimit matchRoutes optimization to client side routers (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12881\"\u003e#12881\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize route matching by skipping redundant \u003ccode\u003ematchRoutes\u003c/code\u003e calls when possible (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12169\"\u003e#12169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.22.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.28.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.21.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.28.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/26b5d4581fb2829dc7eaeaad413de4735173a6eb\"\u003e\u003ccode\u003e26b5d45\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14541\"\u003e#14541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/919f8a86b95f0c8956e3820743503d5609f572cd\"\u003e\u003ccode\u003e919f8a8\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre-v6) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14540\"\u003e#14540\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/69bf7056f1540918a0324e0af215978cdaf5d486\"\u003e\u003ccode\u003e69bf705\u003c/code\u003e\u003c/a\u003e Normalize double slashes in resolvePath (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14537\"\u003e#14537\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/3f2400e9a7e255953afef3d29126db2efb6c08ab\"\u003e\u003ccode\u003e3f2400e\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13647\"\u003e#13647\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/25a264d87bce0bd5f0170e99a3dcad3a61a5f080\"\u003e\u003ccode\u003e25a264d\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre-v6) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13638\"\u003e#13638\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/b5705a0b5e905212487336d7548d86418b299f16\"\u003e\u003ccode\u003eb5705a0\u003c/code\u003e\u003c/a\u003e Remove matchRoutes optimization from render pass (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13623\"\u003e#13623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/785f6f6d7796d36a1c60d1c718a69e6cb1f8d415\"\u003e\u003ccode\u003e785f6f6\u003c/code\u003e\u003c/a\u003e Prevent invalid warning for v7_relativeSplatPath (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13502\"\u003e#13502\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/e4ba5224c911e070b1eabd12cff2aa581270dfb3\"\u003e\u003ccode\u003ee4ba522\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13128\"\u003e#13128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/f0bc784ce8951cc5ed67bf6d48d9c132b9bdc621\"\u003e\u003ccode\u003ef0bc784\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre-v6) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13111\"\u003e#13111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/d9ed8241d677de006a9bfe808d32fe4582184dad\"\u003e\u003ccode\u003ed9ed824\u003c/code\u003e\u003c/a\u003e Fix up changelogs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/remix-run/react-router/commits/react-router@6.30.2/packages/react-router\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for react-router since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.84.1 to 5.104.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.104.1\u003c/h2\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.104.0\u003c/h2\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.103.0\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eDotenvPlugin\u003c/code\u003e and top level \u003ccode\u003edotenv\u003c/code\u003e option to enable this plugin\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWebpackManifestPlugin\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded support the \u003ccode\u003eignoreList\u003c/code\u003e option in devtool plugins\u003c/li\u003e\n\u003cli\u003eAllow to use custom javascript parse function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/24e3c2d2c9f8c6d60810302b2ea70ed86e2863dc\"\u003e\u003ccode\u003e24e3c2d\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.git...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nBump dependencies to improve security and script stability across the repo. The main changes upgrade `axios` to 0.30.3, `zx` to 8.8.5, and align `secp256k1` to 4.0.4 in `packages/fetch-extension`.\n\n- **Dependencies**\n  - Upgraded `axios` to `^0.30.3` in core packages (security fix for prototype pollution; stricter config merging).\n  - Upgraded `zx` to `^8.8.5` in root, `scripts/mobile-publish`, and `wallet-api-example` (safer process handling, Windows support, prevents accidental `node_modules` deletion).\n  - Set `secp256k1` to `^4.0.4` in `packages/fetch-extension` (dependency chain security fix).\n  - Regenerated lockfiles across the repo.\n\n- **Migration**\n  - Check `fetch-extension` for any usage of `axios` v1-only APIs and adjust configs that relied on merging `__proto__`.\n  - Validate publish scripts using `zx` locally and in CI to ensure expected behavior.\n\n\u003csup\u003eWritten for commit 6906c7e6a74afa3d0b0a304845f28993ddbf3033. Summary will update on new commits.\u003c/sup\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/RemyLoveLogicAI/asi-alliance-wallet/pull/85","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/RemyLoveLogicAI%2Fasi-alliance-wallet/issues/85","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/85/packages"}],"issue_packages":[{"old_version":"8.1.4","new_version":"8.8.5","update_type":"minor","path":"/tokens/transfer-tokens/anchor","pr_created_at":"2026-05-23T05:00:27.000Z","version_change":"8.1.4 → 8.8.5","issue":{"uuid":"4506893089","node_id":"PR_kwDOQds0Gs7ejrhm","number":1,"state":"closed","title":"Bump zx from 8.1.4 to 8.8.5 in /tokens/transfer-tokens/anchor","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-29T23:49:14.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T05:00:27.000Z","updated_at":"2026-05-29T23:49:16.000Z","time_to_close":586127,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"zx","old_version":"8.1.4","new_version":"8.8.5","repository_url":"https://github.com/google/zx"}],"path":"/tokens/transfer-tokens/anchor","ecosystem":"npm"},"body":"Bumps [zx](https://github.com/google/zx) from 8.1.4 to 8.8.5.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.1.4...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zx\u0026package-manager=npm_and_yarn\u0026previous-version=8.1.4\u0026new-version=8.8.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Dct555/program-examples/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Dct555/program-examples/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Dct555%2Fprogram-examples/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"8.1.9","new_version":"8.8.5","update_type":"minor","path":null,"pr_created_at":"2026-05-21T23:11:05.000Z","version_change":"8.1.9 → 8.8.5","issue":{"uuid":"4498497890","node_id":"PR_kwDORDqexM7eItDc","number":20,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-21T23:13:47.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-21T23:11:05.000Z","updated_at":"2026-05-21T23:13:49.000Z","time_to_close":162,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":4,"packages":[{"name":"zx","old_version":"8.1.9","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"js-yaml","old_version":"3.14.1","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"qs","old_version":"6.13.0","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 4 updates in the / directory: [zx](https://github.com/google/zx), [js-yaml](https://github.com/nodeca/js-yaml), [qs](https://github.com/ljharb/qs) and [tmp](https://github.com/raszi/node-tmp).\n\nUpdates `zx` from 8.1.9 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.1.9...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ereplacer\u003c/code\u003e option (similar to option in JSON.stringify), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/339\"\u003e#339\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom \u003ccode\u003eTag\u003c/code\u003e can now handle all tags or multiple tags with the same prefix, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/385\"\u003e#385\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2cef47bebf60da141b78b085f3dea3b5733dcc12\"\u003e\u003ccode\u003e2cef47b\u003c/code\u003e\u003c/a\u003e 4.1.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/810b149ce2d475109722474d91118f0671b15e20\"\u003e\u003ccode\u003e810b149\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2b5620ed8f03ba0df319fe7710f6d7fd44811742\"\u003e\u003ccode\u003e2b5620e\u003c/code\u003e\u003c/a\u003e Export built-in types, type override now preserves order\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.13.0 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.13.0...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `tmp`\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Dnysus/serverless-plugin-split-stacks/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Dnysus/serverless-plugin-split-stacks/pull/20","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Dnysus%2Fserverless-plugin-split-stacks/issues/20","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/20/packages"}},{"old_version":"8.1.4","new_version":"8.8.5","update_type":"minor","path":null,"pr_created_at":"2026-04-15T05:26:14.000Z","version_change":"8.1.4 → 8.8.5","issue":{"uuid":"4266474399","node_id":"PR_kwDOMWsmts7ShgIq","number":37,"state":"open","title":"chore: bump the npm_and_yarn group across 2 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-15T05:26:14.000Z","updated_at":"2026-04-15T05:26:42.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore: bump","group_name":"npm_and_yarn","update_count":6,"packages":[{"name":"tsup","old_version":"8.2.3","new_version":"8.3.5","repository_url":"https://github.com/egoist/tsup"},{"name":"vite","old_version":"5.3.5","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"undici","old_version":"6.19.4","new_version":"6.24.0","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"8.1.4","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"nanoid","old_version":"3.3.7","new_version":"3.3.11"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2"},{"name":"vite","old_version":"5.3.5","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 4 updates in the / directory: [tsup](https://github.com/egoist/tsup), [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite), [undici](https://github.com/nodejs/undici) and [zx](https://github.com/google/zx).\nBumps the npm_and_yarn group with 1 update in the /examples/react-app directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).\n\nUpdates `tsup` from 8.2.3 to 8.3.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/egoist/tsup/releases\"\u003etsup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.3.5\u003c/h2\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRun \u003ccode\u003eexperimentalDts\u003c/code\u003e only once  -  by \u003ca href=\"https://github.com/aryaemami59\"\u003e\u003ccode\u003e@​aryaemami59\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1236\"\u003eegoist/tsup#1236\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/fddd451\"\u003e\u003c!-- raw HTML omitted --\u003e(fddd4)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/egoist/tsup/compare/v8.3.4...v8.3.5\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev8.3.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003eNo significant changes\u003c/em\u003e\u003c/p\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/egoist/tsup/compare/v8.3.3...v8.3.4\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev8.3.3\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003eNo significant changes\u003c/em\u003e\u003c/p\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/egoist/tsup/compare/v8.3.2...v8.3.3\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev8.3.1\u003c/h2\u003e\n\u003ch3\u003e   🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003ees2024\u003c/code\u003e target  -  by \u003ca href=\"https://github.com/sxzz\"\u003e\u003ccode\u003e@​sxzz\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/4c8cd7f\"\u003e\u003c!-- raw HTML omitted --\u003e(4c8cd)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e   🐞 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport TS 5.6 for svelte  -  by \u003ca href=\"https://github.com/sxzz\"\u003e\u003ccode\u003e@​sxzz\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/28b9ce9\"\u003e\u003c!-- raw HTML omitted --\u003e(28b9c)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eneutral\u003c/code\u003e value to platform options in \u003ccode\u003eschema.json\u003c/code\u003e  -  by \u003ca href=\"https://github.com/venables\"\u003e\u003ccode\u003e@​venables\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/egoist/tsup/issues/982\"\u003eegoist/tsup#982\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/a03db4c\"\u003e\u003c!-- raw HTML omitted --\u003e(a03db)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWider restriction for \u003ccode\u003etarget\u003c/code\u003e option  -  by \u003ca href=\"https://github.com/odanado\"\u003e\u003ccode\u003e@​odanado\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1118\"\u003eegoist/tsup#1118\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/1979b06\"\u003e\u003c!-- raw HTML omitted --\u003e(1979b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eterser\u003c/code\u003e value to \u003ccode\u003eminify\u003c/code\u003e option in \u003ccode\u003eschema.json\u003c/code\u003e  -  by \u003ca href=\"https://github.com/damienbutt\"\u003e\u003ccode\u003e@​damienbutt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/egoist/tsup/issues/991\"\u003eegoist/tsup#991\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/34951bf\"\u003e\u003c!-- raw HTML omitted --\u003e(34951)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange \u003ccode\u003enewlineKind\u003c/code\u003e to \u003ccode\u003elf\u003c/code\u003e for \u003ccode\u003eexperimentalDts\u003c/code\u003e  -  by \u003ca href=\"https://github.com/aryaemami59\"\u003e\u003ccode\u003e@​aryaemami59\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1234\"\u003eegoist/tsup#1234\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/4584b89\"\u003e\u003c!-- raw HTML omitted --\u003e(4584b)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnable rollup \u003ccode\u003eoutput.compact\u003c/code\u003e when minify is enabled  -  by \u003ca href=\"https://github.com/hyrious\"\u003e\u003ccode\u003e@​hyrious\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1232\"\u003eegoist/tsup#1232\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/9cc86d6\"\u003e\u003c!-- raw HTML omitted --\u003e(9cc86)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNode16\u003c/code\u003e and \u003ccode\u003eNodeNext\u003c/code\u003e module resolution in \u003ccode\u003eexperimentalDts\u003c/code\u003e  -  by \u003ca href=\"https://github.com/aryaemami59\"\u003e\u003ccode\u003e@​aryaemami59\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1225\"\u003eegoist/tsup#1225\u003c/a\u003e \u003ca href=\"https://github.com/egoist/tsup/commit/41c98ff\"\u003e\u003c!-- raw HTML omitted --\u003e(41c98)\u003c!-- raw HTML omitted --\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003e    \u003ca href=\"https://github.com/egoist/tsup/compare/v8.3.0...v8.3.1\"\u003eView changes on GitHub\u003c/a\u003e\u003c/h5\u003e\n\u003ch2\u003ev8.3.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/egoist/tsup/compare/v8.2.4...v8.3.0\"\u003e8.3.0\u003c/a\u003e (2024-09-17)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix \u003ccode\u003eexperimentalDts\u003c/code\u003e file cleaning and watching (\u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1199\"\u003e#1199\u003c/a\u003e) (\u003ca href=\"https://github.com/egoist/tsup/commit/76dc18b7036c408e6fc5254e3eeb3430f65c7866\"\u003e76dc18b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for \u003ccode\u003ects\u003c/code\u003e and \u003ccode\u003emts\u003c/code\u003e config files (\u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1178\"\u003e#1178\u003c/a\u003e) (\u003ca href=\"https://github.com/egoist/tsup/commit/ec811b3b7d22479c230292a024f1dee5d171b0ea\"\u003eec811b3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd support for async \u003ccode\u003einjectStyle\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1193\"\u003e#1193\u003c/a\u003e) (\u003ca href=\"https://github.com/egoist/tsup/commit/f25a9db77d22c91ea8f6bd1ed31ea8415d0a7d5d\"\u003ef25a9db\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.2.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/egoist/tsup/compare/v8.2.3...v8.2.4\"\u003e8.2.4\u003c/a\u003e (2024-08-02)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/cd03e1e00ec2bd6676ae1837cbc7e618ab6a2362\"\u003e\u003ccode\u003ecd03e1e\u003c/code\u003e\u003c/a\u003e chore: release v8.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/fddd451c3d63cd5f851a0e7ab091c0550e24f213\"\u003e\u003ccode\u003efddd451\u003c/code\u003e\u003c/a\u003e fix: run \u003ccode\u003eexperimentalDts\u003c/code\u003e only once (\u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1236\"\u003e#1236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/21b119374880e9d9109c5d8658429678a1de8f45\"\u003e\u003ccode\u003e21b1193\u003c/code\u003e\u003c/a\u003e chore: release v8.3.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/580e03dc996107c4790c64df5b9ca6cebb4b7de9\"\u003e\u003ccode\u003e580e03d\u003c/code\u003e\u003c/a\u003e ci: fix release workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/01b38f295f6e1fa240676213817a9d315fdffd60\"\u003e\u003ccode\u003e01b38f2\u003c/code\u003e\u003c/a\u003e chore: release v8.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/4f5b71e42887a5147ee6d95d2d7f89f789887f0d\"\u003e\u003ccode\u003e4f5b71e\u003c/code\u003e\u003c/a\u003e ci: fix release workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/e80dad6889366941e015faadce05cbe2eeca3c17\"\u003e\u003ccode\u003ee80dad6\u003c/code\u003e\u003c/a\u003e chore: release v8.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/f4af79a1b890307a28d0d986a0c06dc92192c222\"\u003e\u003ccode\u003ef4af79a\u003c/code\u003e\u003c/a\u003e ci: fix release workflow (\u003ca href=\"https://redirect.github.com/egoist/tsup/issues/1241\"\u003e#1241\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/4b72d61a8e7a2e450e71ffe8806739f2e1122f54\"\u003e\u003ccode\u003e4b72d61\u003c/code\u003e\u003c/a\u003e chore: release v8.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/egoist/tsup/commit/41c98ff07aa03ef0e9d65407b20c9465acbf0d83\"\u003e\u003ccode\u003e41c98ff\u003c/code\u003e\u003c/a\u003e fix: support \u003ccode\u003eNode16\u003c/code\u003e and \u003ccode\u003eNodeNext\u003c/code\u003e module resolution in \u003ccode\u003eexperimentalDts\u003c/code\u003e (...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/egoist/tsup/compare/v8.2.3...v8.3.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 5.3.5 to 6.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.1/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.21\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.20\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/ca88ed7398288ce0c60176ac9a6392f10654c67c/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.2 (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003efe28e47\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22163\"\u003e#22163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003eca4da5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.1 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e1114b5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20969\"\u003e#20969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.4.0 (2025-10-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003eca6455e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20932\"\u003e#20932\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.7 (2025-10-14)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003ec59a222\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20940\"\u003e#20940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.6 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/0ab19ea9fcb66f544328f442cf6e70f7c0528d5f\"\u003e0ab19ea\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: upgrade sirv to 3.0.2 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20735\"\u003e#20735\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e11d24008b97d4ca731ecc1a3b95260a6d12e7e0\"\u003ee11d240\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20735\"\u003e#20735\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: detect ts support via \u003ccode\u003eprocess.features\u003c/code\u003e (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20544\"\u003e#20544\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7d9922972b62329d37a71d4da5a4a382d0bf8a79\"\u003e7d99229\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20544\"\u003e#20544\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.5 (2025-05-05)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(ssr): handle uninitialized export access as undefined (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19959\"\u003e#19959\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fd38d076fe2455aac1e00a7b15cd51159bf12bb5\"\u003efd38d07\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19959\"\u003e#19959\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.4 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c22c43de612eebb6c182dd67850c24e4fab8cacb\"\u003ec22c43d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(optimizer): return plain object when using \u003ccode\u003erequire\u003c/code\u003e to import externals in optimized dependenci (\u003ca href=\"https://github.com/vitejs/vite/commit/efc5eab253419fde0a6a48b8d2f233063d6a9643\"\u003eefc5eab\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19940\"\u003e#19940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: remove duplicate plugin context type (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19935\"\u003e#19935\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/d6d01c2292fa4f9603e05b95d81c8724314c20e0\"\u003ed6d01c2\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19935\"\u003e#19935\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.3 (2025-04-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: ignore malformed uris in tranform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19853\"\u003e#19853\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e4d520141bcd83ad61f16767348b4a813bf9340a\"\u003ee4d5201\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19853\"\u003e#19853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/6b3fad02abd550bd7b79934ff92c58dbd7f33045\"\u003e\u003ccode\u003e6b3fad0\u003c/code\u003e\u003c/a\u003e release: v6.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003e\u003ccode\u003eca4da5d\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003e\u003ccode\u003efe28e47\u003c/code\u003e\u003c/a\u003e fix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5487f4f641f70c47ea05fd101a4319897df048b3\"\u003e\u003ccode\u003e5487f4f\u003c/code\u003e\u003c/a\u003e release: v6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e\u003ccode\u003e1114b5d\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f12697c0f64b9a37196b9ab218a0911829d5b103\"\u003e\u003ccode\u003ef12697c\u003c/code\u003e\u003c/a\u003e release: v6.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003e\u003ccode\u003eca6455e\u003c/code\u003e\u003c/a\u003e feat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0e173d83681daa31be10fa8a62d56b1ec84690af\"\u003e\u003ccode\u003e0e173d8\u003c/code\u003e\u003c/a\u003e release: v6.3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003e\u003ccode\u003ec59a222\u003c/code\u003e\u003c/a\u003e fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/3f337c5e24504e51188d29c970de1416ee523dbb\"\u003e\u003ccode\u003e3f337c5\u003c/code\u003e\u003c/a\u003e release: v6.3.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v6.4.2/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for vite since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `undici` from 6.19.4 to 6.24.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.24.0\u003c/h2\u003e\n\u003ch1\u003eUndici v6.24.0 Security Release Notes (LTS)\u003c/h1\u003e\n\u003cp\u003eThis release backports fixes for security vulnerabilities affecting the v6 line.\u003c/p\u003e\n\u003ch2\u003eUpgrade guidance\u003c/h2\u003e\n\u003cp\u003eAll users on v6 should upgrade to \u003cstrong\u003ev6.24.0\u003c/strong\u003e or later.\u003c/p\u003e\n\u003ch2\u003eFixed advisories\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm\"\u003eGHSA-2mjp-6q6p-2qxm\u003c/a\u003e / CVE-2026-1525 (Medium)\u003cbr /\u003e\nInconsistent interpretation of HTTP requests (request/response smuggling class issue).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj\"\u003eGHSA-f269-vfmq-vjvj\u003c/a\u003e / CVE-2026-1528 (High)\u003cbr /\u003e\nMalicious WebSocket 64-bit frame length handling could crash the client.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq\"\u003eGHSA-4992-7rv2-5pvq\u003c/a\u003e / CVE-2026-1527 (Medium)\u003cbr /\u003e\nCRLF injection via the \u003ccode\u003eupgrade\u003c/code\u003e option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8\"\u003eGHSA-v9p9-hfj2-hcw8\u003c/a\u003e / CVE-2026-2229 (High)\u003cbr /\u003e\nUnhandled exception from invalid \u003ccode\u003eserver_max_window_bits\u003c/code\u003e in WebSocket permessage-deflate negotiation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q\"\u003eGHSA-vrm6-8vpv-qv8q\u003c/a\u003e / CVE-2026-1526 (High)\u003cbr /\u003e\nUnbounded memory consumption in WebSocket permessage-deflate decompression.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNot applicable to v6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h\"\u003eGHSA-phc3-fgpg-7m6h\u003c/a\u003e / CVE-2026-2581 affects \u003ccode\u003e\u0026gt;= 7.17.0 \u0026lt; 7.24.0\u003c/code\u003e only.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAffected and patched ranges (v6)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-1525: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1528: affected \u003ccode\u003e\u0026gt;= 6.0.0 \u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1527: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-2229: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1526: affected \u003ccode\u003e\u0026lt; 6.24.0\u003c/code\u003e, patched \u003ccode\u003e6.24.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eReferences\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Security Advisories: \u003ca href=\"https://github.com/nodejs/undici/security/advisories\"\u003ehttps://github.com/nodejs/undici/security/advisories\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1525: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1525\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1528: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1528\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1527: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1527\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-2229: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-2229\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-2229\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1526: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1526\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1526\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.23.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/8873c947271faf1ebc455bdc6158ecbc022ecfa9\"\u003e\u003ccode\u003e8873c94\u003c/code\u003e\u003c/a\u003e Bumped v6.24.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/411bd01a42e7917009bbf686f7628b99d67bbce9\"\u003e\u003ccode\u003e411bd01\u003c/code\u003e\u003c/a\u003e test(websocket): use node:assert for Node 18 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/844bf59699d778944f78a24ae819c0e8f295766e\"\u003e\u003ccode\u003e844bf59\u003c/code\u003e\u003c/a\u003e test: fix http2 lint regressions in backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/a444e4f13e8958b4e1ac42bc0d53ace7fba0a9c1\"\u003e\u003ccode\u003ea444e4f\u003c/code\u003e\u003c/a\u003e test: stabilize h2 and tls-cert-leak under current test runner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/dc032a1050d5489b8ce9b4c22aafba98a942f87b\"\u003e\u003ccode\u003edc032a1\u003c/code\u003e\u003c/a\u003e fix: h2 CI (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4395\"\u003e#4395\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/4cd3f4b3a2ef910ba728c47ae78294d956410450\"\u003e\u003ccode\u003e4cd3f4b\u003c/code\u003e\u003c/a\u003e test: increase bitness in \u003ccode\u003etest/fixtures/*.pem\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/3659\"\u003e#3659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/7df6442194b7a54e9ac734335e6e0a56a9bc6666\"\u003e\u003ccode\u003e7df6442\u003c/code\u003e\u003c/a\u003e fix: adapt websocket frame-limit handling for v6 parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/4e0179ae643e6f4380f24cc3683c1b1ca2afb094\"\u003e\u003ccode\u003e4e0179a\u003c/code\u003e\u003c/a\u003e fix: reject duplicate content-length and host headers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/5a97f0893b53ba7d1d5549d3df7e55d9c2673f89\"\u003e\u003ccode\u003e5a97f08\u003c/code\u003e\u003c/a\u003e Fix websocket 64-bit length overflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/e43e898603dd5e0c14a75b08b83257598d664a39\"\u003e\u003ccode\u003ee43e898\u003c/code\u003e\u003c/a\u003e fix: validate upgrade header to prevent CRLF injection\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v6.19.4...v6.24.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for undici since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.1.4 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.1.4...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nanoid` from 3.3.7 to 3.3.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ai/nanoid/releases\"\u003enanoid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support (by \u003ca href=\"https://github.com/steida\"\u003e\u003ccode\u003e@​steida\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced npm package size.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ai/nanoid/blob/main/CHANGELOG.md\"\u003enanoid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.3.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed React Native support (by \u003ca href=\"https://github.com/steida\"\u003e\u003ccode\u003e@​steida\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced npm package size.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.3.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a way to break Nano ID by passing non-integer size (by \u003ca href=\"https://github.com/myndzi\"\u003e\u003ccode\u003e@​myndzi\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/37289ceee51a3194a1f121a1e5d2bbb864076b74\"\u003e\u003ccode\u003e37289ce\u003c/code\u003e\u003c/a\u003e Release 3.3.11 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/23690b77719ec8043c2509d28c1d74b0e2295b75\"\u003e\u003ccode\u003e23690b7\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/c147962de7f5da3311a0e731030a28f49c5266a3\"\u003e\u003ccode\u003ec147962\u003c/code\u003e\u003c/a\u003e Fix RN support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/a83734e28fa071f51fe3614a5fb891f08a4b91b2\"\u003e\u003ccode\u003ea83734e\u003c/code\u003e\u003c/a\u003e Move to manually ESM/CJS dual package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/bb12e8a6f9c37ebe0b5ff2c697b8f9dcf34c8948\"\u003e\u003ccode\u003ebb12e8a\u003c/code\u003e\u003c/a\u003e Release 3.3.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/8f44264cd724080447f40620974163f1daca4612\"\u003e\u003ccode\u003e8f44264\u003c/code\u003e\u003c/a\u003e Fix Expo support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/adf9b0c05eeeebbbf391c16bbd93da2fc275e235\"\u003e\u003ccode\u003eadf9b0c\u003c/code\u003e\u003c/a\u003e Release 3.3.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/1c6f08825b4f17c4462bd1c19dbc3f1c5626b76f\"\u003e\u003ccode\u003e1c6f088\u003c/code\u003e\u003c/a\u003e Remove dev file from npm package\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/3044cd5e73f4cf31795f61f6e6b961c8c0a5c744\"\u003e\u003ccode\u003e3044cd5\u003c/code\u003e\u003c/a\u003e Release 3.3.8 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ai/nanoid/commit/4fe34959c34e5b3573889ed4f24fe91d1d3e7231\"\u003e\u003ccode\u003e4fe3495\u003c/code\u003e\u003c/a\u003e Update size limit\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ai/nanoid/compare/3.3.7...3.3.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 5.3.5 to 6.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.1/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.21\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.20\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/ca88ed7398288ce0c60176ac9a6392f10654c67c/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.2 (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003efe28e47\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22163\"\u003e#22163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003eca4da5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.1 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e1114b5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20969\"\u003e#20969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.4.0 (2025-10-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003eca6455e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20932\"\u003e#20932\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.7 (2025-10-14)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003ec59a222\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20940\"\u003e#20940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.6 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/0ab19ea9fcb66f544328f442cf6e70f7c0528d5f\"\u003e0ab19ea\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: upgrade sirv to 3.0.2 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20735\"\u003e#20735\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e11d24008b97d4ca731ecc1a3b95260a6d12e7e0\"\u003ee11d240\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20735\"\u003e#20735\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: detect ts support via \u003ccode\u003eprocess.features\u003c/code\u003e (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20544\"\u003e#20544\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7d9922972b62329d37a71d4da5a4a382d0bf8a79\"\u003e7d99229\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20544\"\u003e#20544\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.5 (2025-05-05)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(ssr): handle uninitialized export access as undefined (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19959\"\u003e#19959\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fd38d076fe2455aac1e00a7b15cd51159bf12bb5\"\u003efd38d07\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19959\"\u003e#19959\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.4 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c22c43de612eebb6c182dd67850c24e4fab8cacb\"\u003ec22c43d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(optimizer): return plain object when using \u003ccode\u003erequire\u003c/code\u003e to import externals in optimized dependenci (\u003ca href=\"https://github.com/vitejs/vite/commit/efc5eab253419fde0a6a48b8d2f233063d6a9643\"\u003eefc5eab\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19940\"\u003e#19940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: remove duplicate plugin context type (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19935\"\u003e#19935\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/d6d01c2292fa4f9603e05b95d81c8724314c20e0\"\u003ed6d01c2\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19935\"\u003e#19935\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.3 (2025-04-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: ignore malformed uris in tranform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19853\"\u003e#19853\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e4d520141bcd83ad61f16767348b4a813bf9340a\"\u003ee4d5201\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19853\"\u003e#19853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/6b3fad02abd550bd7b79934ff92c58dbd7f33045\"\u003e\u003ccode\u003e6b3fad0\u003c/code\u003e\u003c/a\u003e release: v6.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003e\u003ccode\u003eca4da5d\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003e\u003ccode\u003efe28e47\u003c/code\u003e\u003c/a\u003e fix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5487f4f641f70c47ea05fd101a4319897df048b3\"\u003e\u003ccode\u003e5487f4f\u003c/code\u003e\u003c/a\u003e release: v6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e\u003ccode\u003e1114b5d\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f12697c0f64b9a37196b9ab218a0911829d5b103\"\u003e\u003ccode\u003ef12697c\u003c/code\u003e\u003c/a\u003e release: v6.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003e\u003ccode\u003eca6455e\u003c/code\u003e\u003c/a\u003e feat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0e173d83681daa31be10fa8a62d56b1ec84690af\"\u003e\u003ccode\u003e0e173d8\u003c/code\u003e\u003c/a\u003e release: v6.3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003e\u003ccode\u003ec59a222\u003c/code\u003e\u003c/a\u003e fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/3f337c5e24504e51188d29c970de1416ee523dbb\"\u003e\u003ccode\u003e3f337c5\u003c/code\u003e\u003c/a\u003e release: v6.3.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v6.4.2/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for vite since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AKJUS/solana-web3.js/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/AKJUS/solana-web3.js/pull/37","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/AKJUS%2Fsolana-web3.js/issues/37","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/37/packages"}},{"old_version":"7.2.3","new_version":"7.2.4","update_type":"patch","path":null,"pr_created_at":"2026-04-13T16:03:58.000Z","version_change":"7.2.3 → 7.2.4","issue":{"uuid":"4256250952","node_id":"PR_kwDOPtqpys7SCdJ8","number":4,"state":"closed","title":"Bump the npm_and_yarn group across 3 directories with 26 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-16T23:55:57.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-13T16:03:58.000Z","updated_at":"2026-04-16T23:55:59.000Z","time_to_close":287519,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":26,"packages":[{"name":"ai","old_version":"5.0.28","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"next","old_version":"15.3.3","new_version":"15.5.15","repository_url":"https://github.com/vercel/next.js"},{"name":"glob","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"validator","old_version":"13.15.15","new_version":"13.15.22","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"@modelcontextprotocol/sdk","old_version":"1.12.1","new_version":"1.29.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.2.2","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"bn.js","old_version":"4.12.2","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"4.0.3","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"immutable","old_version":"5.1.2","new_version":"5.1.5","repository_url":"https://github.com/immutable-js/immutable-js"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"qs","old_version":"6.14.0","new_version":"6.15.1","repository_url":"https://github.com/ljharb/qs"},{"name":"rollup","old_version":"4.43.0","new_version":"4.60.1","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"3.0.9","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.13","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"7.10.0","new_version":"7.25.0","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"7.2.3","new_version":"7.2.4","repository_url":"https://github.com/google/zx"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 25 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `5.0.28` | `5.0.52` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [next](https://github.com/vercel/next.js) | `15.3.3` | `15.5.15` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `12.0.0` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.15` | `13.15.22` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.29.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.2.2` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.2` | `4.12.3` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.14` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.3` | `4.0.5` |\n| [immutable](https://github.com/immutable-js/immutable-js) | `5.1.2` | `5.1.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.1` |\n| [rollup](https://github.com/rollup/rollup) | `4.43.0` | `4.60.1` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.9` | `3.1.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.13` |\n| [undici](https://github.com/nodejs/undici) | `7.10.0` | `7.25.0` |\n| [zx](https://github.com/google/zx) | `7.2.3` | `7.2.4` |\n\nBumps the npm_and_yarn group with 4 updates in the /apps/www directory: [ai](https://github.com/vercel/ai), [lodash](https://github.com/lodash/lodash), [next](https://github.com/vercel/next.js) and [glob](https://github.com/isaacs/node-glob).\nBumps the npm_and_yarn group with 8 updates in the /templates/plate-template directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [next](https://github.com/vercel/next.js) | `15.4.6` | `15.5.15` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.14` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.13` |\n\n\nUpdates `ai` from 5.0.28 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@5.0.28...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.3.3 to 15.5.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(next/image): add lru disk cache and images.maximumDiskCacheSize (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91660\"\u003e#91660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix(pages-router): restore Content-Length and ETag for /_next/data/ JSON responses (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/90304\"\u003e#90304\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/lllomh\"\u003e\u003ccode\u003e@​lllomh\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev15.5.13\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: patch http-proxy to prevent request smuggling in rewrites (See: \u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ggv3-7p47-pfv8\"\u003eCVE-2026-29057\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/ztanner\"\u003e\u003ccode\u003e@​ztanner\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/412eb90b6587ec02e8361c92efa9091487e7348f\"\u003e\u003ccode\u003e412eb90\u003c/code\u003e\u003c/a\u003e v15.5.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/cb90de98be409653f39ec602072740b38689a4e5\"\u003e\u003ccode\u003ecb90de9\u003c/code\u003e\u003c/a\u003e [15.x] Avoid consuming cyclic models multiple times (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/74\"\u003e#74\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fffef9ef3059a4883def5b847315fb6017668846\"\u003e\u003ccode\u003efffef9e\u003c/code\u003e\u003c/a\u003e Fix CI for glibc linux builds\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d7b012d787c01e0435f8cdf2a47211891668d13b\"\u003e\u003ccode\u003ed7b012d\u003c/code\u003e\u003c/a\u003e v15.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/2b0525123245da5b1b9d1abedc636c5fd3ee1d07\"\u003e\u003ccode\u003e2b05251\u003c/code\u003e\u003c/a\u003e [backport] feat(next/image): add lru disk cache and `images.maximumDiskCacheS...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/f88cee9604f0ec8ab869a2f94ced984194277b9e\"\u003e\u003ccode\u003ef88cee9\u003c/code\u003e\u003c/a\u003e Backport: Fix(pages-router): restore Content-Length and ETag for /_next/data/...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/cfd5f533b08df3038476dcd54f1d6d660d85f069\"\u003e\u003ccode\u003ecfd5f53\u003c/code\u003e\u003c/a\u003e v15.5.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/15f28911fd272041707dbf6b7c07d62642593be8\"\u003e\u003ccode\u003e15f2891\u003c/code\u003e\u003c/a\u003e [backport]: fix: patch http-proxy to prevent request smuggling in rewrites (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d23f41c42506005fe6978e076a1ccbf8979e4925\"\u003e\u003ccode\u003ed23f41c\u003c/code\u003e\u003c/a\u003e v15.5.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/8e75765a6544dc0e6b20aefeade7d33190ffcb7c\"\u003e\u003ccode\u003e8e75765\u003c/code\u003e\u003c/a\u003e fix unlock in publish-native\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.3.3...v15.5.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 12.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `validator` from 13.15.15 to 13.15.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/releases\"\u003evalidator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.15.22\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003evalidatorjs/validator.js#2622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003evalidatorjs/validator.js#2616\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e13.15.20\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003evalidatorjs/validator.js#2563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003evalidatorjs/validator.js#2556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003evalidatorjs/validator.js#2576\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003evalidatorjs/validator.js#2574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003evalidatorjs/validator.js#2584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003evalidatorjs/validator.js#2581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003evalidatorjs/validator.js#2608\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md\"\u003evalidator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.15.22\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e13.15.20\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2b5c17dbe03f2ca9ad9122c597f81e86ce1a9a1\"\u003e\u003ccode\u003ef2b5c17\u003c/code\u003e\u003c/a\u003e maintenance: 2511 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2627\"\u003e#2627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382\"\u003e\u003ccode\u003ed457eca\u003c/code\u003e\u003c/a\u003e fix(isLength): correctly handle Unicode variation selectors (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2616\"\u003e#2616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2e3633f22fd3016656789d100bc451d857e7488\"\u003e\u003ccode\u003ef2e3633\u003c/code\u003e\u003c/a\u003e docs: add install instructions to contibution guide (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2621\"\u003e#2621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cf401458b8733d981a3724d634c795a9d612b516\"\u003e\u003ccode\u003ecf40145\u003c/code\u003e\u003c/a\u003e fix: URL validation for hostnames with ports (no protocol) (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2622\"\u003e#2622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/4af61243ba0ae93f29e7689040e188b5849ff1b0\"\u003e\u003ccode\u003e4af6124\u003c/code\u003e\u003c/a\u003e maintenance: 2510 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2585\"\u003e#2585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/30d4fe02c16d36ed471f12da658c4b5d843781e0\"\u003e\u003ccode\u003e30d4fe0\u003c/code\u003e\u003c/a\u003e 13.15.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cbef5088f02d36caf978f378bb845fe49bdc0809\"\u003e\u003ccode\u003ecbef508\u003c/code\u003e\u003c/a\u003e fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2608\"\u003e#2608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/6f436be36945e460ee624bf72a935a06daded859\"\u003e\u003ccode\u003e6f436be\u003c/code\u003e\u003c/a\u003e Fix typo in validators.test.js (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2581\"\u003e#2581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/3c857088d58197453957a2b924dfedea328003b6\"\u003e\u003ccode\u003e3c85708\u003c/code\u003e\u003c/a\u003e Fix: correct French VAT (FR) validation regex and add tests (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2584\"\u003e#2584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/eee525cd117d24ac905b9432f3f5a27e96aa9719\"\u003e\u003ccode\u003eeee525c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2491\"\u003e#2491\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2573\"\u003e#2573\u003c/a\u003e Simplify isBase64 to prevent stack overflow (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2574\"\u003e#2574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for validator since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.12.1 to 1.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e\u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.29.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: treat v1.x as primary branch for npm latest tag (backport \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1577\"\u003e#1577\u003c/a\u003e) by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1749\"\u003emodelcontextprotocol/typescript-sdk#1749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: disallow null (infinite) requested TTL by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1339\"\u003emodelcontextprotocol/typescript-sdk#1339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] fix: add missing size field to ResourceSchema by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1575\"\u003emodelcontextprotocol/typescript-sdk#1575\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typings exports by \u003ca href=\"https://github.com/tdraier\"\u003e\u003ccode\u003e@​tdraier\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1623\"\u003emodelcontextprotocol/typescript-sdk#1623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x npm audit fix by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1780\"\u003emodelcontextprotocol/typescript-sdk#1780\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev1.x \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e follow up -add missing types to package.json by \u003ca href=\"https://github.com/KKonstantinov\"\u003e\u003ccode\u003e@​KKonstantinov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1773\"\u003emodelcontextprotocol/typescript-sdk#1773\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Allow servers / clients to advertise extensions in the capability object by \u003ca href=\"https://github.com/localden\"\u003e\u003ccode\u003e@​localden\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1811\"\u003emodelcontextprotocol/typescript-sdk#1811\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(stdio): always set windowsHide on Windows, not just in Electron by \u003ca href=\"https://github.com/jnMetaCode\"\u003e\u003ccode\u003e@​jnMetaCode\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1640\"\u003emodelcontextprotocol/typescript-sdk#1640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.29.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1820\"\u003emodelcontextprotocol/typescript-sdk#1820\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tdraier\"\u003e\u003ccode\u003e@​tdraier\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1623\"\u003emodelcontextprotocol/typescript-sdk#1623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jnMetaCode\"\u003e\u003ccode\u003e@​jnMetaCode\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1640\"\u003emodelcontextprotocol/typescript-sdk#1640\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.28.0...v1.29.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.28.0...v1.29.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.28.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: use scopes_supported from resource metadata by default (fixes \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/580\"\u003e#580\u003c/a\u003e) by \u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Default to client_secret_basic when server omits token_endpoint_auth_methods_supported by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1611\"\u003emodelcontextprotocol/typescript-sdk#1611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: reject plain JSON Schema objects passed as inputSchema by \u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: clear _timeoutInfo in _onclose() and scope .finally() abort controller cleanup by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1462\"\u003emodelcontextprotocol/typescript-sdk#1462\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server/auth): RFC 8252 loopback port relaxation by \u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.28.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1746\"\u003emodelcontextprotocol/typescript-sdk#1746\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e12cbd7078db388152f6e839abdbe09ba01f3f32\"\u003e\u003ccode\u003ee12cbd7\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.29.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1820\"\u003e#1820\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/3913fd4443a86536155e3ebef9edd2045c372c1e\"\u003e\u003ccode\u003e3913fd4\u003c/code\u003e\u003c/a\u003e fix(stdio): always set windowsHide on Windows, not just in Electron (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1640\"\u003e#1640\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5608e78dd0d4ca6cd7dd03278419578f1780365a\"\u003e\u003ccode\u003e5608e78\u003c/code\u003e\u003c/a\u003e [v1.x backport] Allow servers / clients to advertise extensions in the capabi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/7213816788e634ffb9d09affe50f0295093bfb73\"\u003e\u003ccode\u003e7213816\u003c/code\u003e\u003c/a\u003e v1.x \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e follow up -add missing types to package.json (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1773\"\u003e#1773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/364f38ca2d8895aed7c37b7a0a1031bb7ae4841c\"\u003e\u003ccode\u003e364f38c\u003c/code\u003e\u003c/a\u003e v1.x npm audit fix (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1780\"\u003e#1780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/c95cc0943b045517e4cc414baf1f168b216c3142\"\u003e\u003ccode\u003ec95cc09\u003c/code\u003e\u003c/a\u003e Add typings exports (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1623\"\u003e#1623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/ddadaa6cc633fb5db0c094bf031b15b68a357820\"\u003e\u003ccode\u003eddadaa6\u003c/code\u003e\u003c/a\u003e [v1.x] fix: add missing size field to ResourceSchema (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1575\"\u003e#1575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2a158513028d9f862c4188b6957e78cd5663f26b\"\u003e\u003ccode\u003e2a15851\u003c/code\u003e\u003c/a\u003e [v1.x] fix: disallow null (infinite) requested TTL (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1339\"\u003e#1339\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/13e30f1d36de8442417fec695983bdb155c00768\"\u003e\u003ccode\u003e13e30f1\u003c/code\u003e\u003c/a\u003e fix: treat v1.x as primary branch for npm latest tag (backport \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1577\"\u003e#1577\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1749\"\u003e#1749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a0565695218544fc53e99bf5b544a887d373cefa\"\u003e\u003ccode\u003ea056569\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.28.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1746\"\u003e#1746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.12.1...v1.29.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Improve control character rejection, fixes \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-6v7q-wjvx-w8wg\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Reject control character injection attempts using paths. See \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/e9d09d6815b300b73e1297cdcf91786a979ef212\"\u003e\u003ccode\u003ee9d09d6\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/20327d35126e57e5fdbaae79a4b65222fbadc53c\"\u003e\u003ccode\u003e20327d3\u003c/code\u003e\u003c/a\u003e Move prevention of control character injection to more central place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/ba40f9d60e1ff7b63de5d5bb272ae317e5382689\"\u003e\u003ccode\u003eba40f9d\u003c/code\u003e\u003c/a\u003e Update dev dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/6b0008b7cf5ca0b81d31604d15a9ff0bcbf1a5db\"\u003e\u003ccode\u003e6b0008b\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2ecc8e2c500c5234115f06fd1dbde1aa03d70f4b\"\u003e\u003ccode\u003e2ecc8e2\u003c/code\u003e\u003c/a\u003e Reject control character injection attempts using paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/515d21fee0b05be5ab934af5acb79d1d977e8026\"\u003e\u003ccode\u003e515d21f\u003c/code\u003e\u003c/a\u003e Update security policy and reporting instructions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9744254b56061159751aee1b86ddd0f2ecef32ce\"\u003e\u003ccode\u003e9744254\u003c/code\u003e\u003c/a\u003e Link to security advisory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.2 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/u...\n\n_Description has been truncated_","html_url":"https://github.com/dporkka/plate/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dporkka%2Fplate/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"8.7.0","new_version":"8.8.5","update_type":"minor","path":null,"pr_created_at":"2026-04-03T06:31:57.000Z","version_change":"8.7.0 → 8.8.5","issue":{"uuid":"4198704259","node_id":"PR_kwDOMB-e7s7PvLp-","number":49,"state":"open","title":"Bump the npm_and_yarn group across 17 directories with 22 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-03T06:31:57.000Z","updated_at":"2026-04-03T06:32:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":22,"packages":[{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"9.0.5","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"9.0.3","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"7.4.6","new_version":"7.4.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"5.1.6","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"10.0.1","new_version":"10.2.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"webpack","old_version":"5.100.0","new_version":"5.105.4","repository_url":"https://github.com/webpack/webpack"},{"name":"zx","old_version":"8.7.0","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"@tootallnate/once","old_version":"3.0.0","new_version":"3.0.1","repository_url":"https://github.com/TooTallNate/once"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"playwright","old_version":"1.53.2","new_version":"1.59.1","repository_url":"https://github.com/microsoft/playwright"},{"name":"tar-fs","old_version":"2.1.3","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar-fs","old_version":"3.0.10","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"svgo","old_version":"2.8.0","new_version":"2.8.2","repository_url":"https://github.com/svg/svgo"},{"name":"undici","old_version":"7.9.0","new_version":"7.24.7","repository_url":"https://github.com/nodejs/undici"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.3` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `7.4.6` | `7.4.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `10.0.1` | `10.2.5` |\n| [webpack](https://github.com/webpack/webpack) | `5.100.0` | `5.105.4` |\n| [zx](https://github.com/google/zx) | `8.7.0` | `8.8.5` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `3.0.0` | `3.0.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.13` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [playwright](https://github.com/microsoft/playwright) | `1.53.2` | `1.59.1` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.3` | `2.1.4` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.10` | `3.1.2` |\n| [svgo](https://github.com/svg/svgo) | `2.8.0` | `2.8.2` |\n| [undici](https://github.com/nodejs/undici) | `7.9.0` | `7.24.7` |\n\nBumps the npm_and_yarn group with 9 updates in the /build directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.13` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.2` | `2.0.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.3` | `2.1.4` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [jws](https://github.com/brianloveswords/node-jws) | `4.0.0` | `4.0.1` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.10` | `0.8.12` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.0` | `5.5.10` |\n| [qs](https://github.com/ljharb/qs) | `6.13.0` | `6.15.0` |\n\nBumps the npm_and_yarn group with 4 updates in the /build/npm/gyp directory: [glob](https://github.com/isaacs/node-glob), [minimatch](https://github.com/isaacs/minimatch), [tar](https://github.com/isaacs/node-tar) and [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 1 update in the /extensions/css-language-features directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 2 updates in the /extensions/git directory: [picomatch](https://github.com/micromatch/picomatch) and [file-type](https://github.com/sindresorhus/file-type).\nBumps the npm_and_yarn group with 1 update in the /extensions/html-language-features directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 1 update in the /extensions/json-language-features directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 4 updates in the /extensions/markdown-language-features directory: [minimatch](https://github.com/isaacs/minimatch), [brace-expansion](https://github.com/juliangruber/brace-expansion), [picomatch](https://github.com/micromatch/picomatch) and [dompurify](https://github.com/cure53/DOMPurify).\nBumps the npm_and_yarn group with 1 update in the /extensions/microsoft-authentication directory: [jws](https://github.com/brianloveswords/node-jws).\nBumps the npm_and_yarn group with 1 update in the /extensions/notebook-renderers directory: [@tootallnate/once](https://github.com/TooTallNate/once).\nBumps the npm_and_yarn group with 4 updates in the /extensions/npm directory: [minimatch](https://github.com/isaacs/minimatch), [brace-expansion](https://github.com/juliangruber/brace-expansion), [js-yaml](https://github.com/nodeca/js-yaml) and [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 1 update in the /extensions/vscode-api-tests directory: [node-forge](https://github.com/digitalbazaar/forge).\nBumps the npm_and_yarn group with 4 updates in the /remote directory: [@tootallnate/once](https://github.com/TooTallNate/once), [picomatch](https://github.com/micromatch/picomatch), [tar-fs](https://github.com/mafintosh/tar-fs) and [undici](https://github.com/nodejs/undici).\nBumps the npm_and_yarn group with 3 updates in the /test/automation directory: [minimatch](https://github.com/isaacs/minimatch), [brace-expansion](https://github.com/juliangruber/brace-expansion) and [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 2 updates in the /test/integration/browser directory: [minimatch](https://github.com/isaacs/minimatch) and [brace-expansion](https://github.com/juliangruber/brace-expansion).\nBumps the npm_and_yarn group with 1 update in the /test/monaco directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 2 updates in the /test/smoke directory: [minimatch](https://github.com/isaacs/minimatch) and [brace-expansion](https://github.com/juliangruber/brace-expansion).\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.5 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.3 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 7.4.6 to 7.4.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 5.1.6 to 5.1.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 10.0.1 to 10.2.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.100.0 to 5.105.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.105.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eModule.getSourceBasicTypes\u003c/code\u003e to distinguish basic source types and clarify how modules with non-basic source types like \u003ccode\u003eremote\u003c/code\u003e still produce JavaScript output. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20546\"\u003e#20546\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003ecreateRequire\u003c/code\u003e in expressions. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20549\"\u003e#20549\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed types for multi stats. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20556\"\u003e#20556\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove empty needless js output for normal css module. (by \u003ca href=\"https://github.com/JSerFeng\"\u003e\u003ccode\u003e@​JSerFeng\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20162\"\u003e#20162\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20555\"\u003e#20555\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNarrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like \u0026quot;x\u0026quot; in ns. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20561\"\u003e#20561\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eContext modules now handle rejections correctly. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20455\"\u003e#20455\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnly mark asset modules as side-effect-free when \u003ccode\u003eexperimental.futureDefaults\u003c/code\u003e is set to true, so asset-copying use cases (e.g. \u003ccode\u003eimport \u0026quot;./x.png\u0026quot;\u003c/code\u003e) won’t break unless the option is enabled. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20535\"\u003e#20535\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd the missing \u003cstrong\u003ewebpack_exports\u003c/strong\u003e declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20463\"\u003e#20463\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed HMR failure for CSS modules with \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e when exportType !== \u0026quot;link\u0026quot;. When exportType is not \u0026quot;link\u0026quot;, CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e CSS to work correctly during hot module replacement. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20514\"\u003e#20514\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20454\"\u003e#20454\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not crash when a referenced chunk is not a runtime chunk. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20461\"\u003e#20461\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some types. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20412\"\u003e#20412\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20510\"\u003e#20510\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded \u003ccode\u003ecreateRequire\u003c/code\u003e support for ECMA modules. (by \u003ca href=\"https://github.com/stefanbinoj\"\u003e\u003ccode\u003e@​stefanbinoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20497\"\u003e#20497\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded category for CJS reexport dependency to fix issues with ECMA modules. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20444\"\u003e#20444\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplement immutable bytes for \u003ccode\u003ebytes\u003c/code\u003e import attribute to match tc39 spec. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20481\"\u003e#20481\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed deterministic search for graph roots regardless of edge order. (by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20452\"\u003e#20452\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eWebpackPluginInstance\u003c/code\u003e type regression. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20440\"\u003e#20440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.105.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eModule.getSourceBasicTypes\u003c/code\u003e to distinguish basic source types and clarify how modules with non-basic source types like \u003ccode\u003eremote\u003c/code\u003e still produce JavaScript output. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20546\"\u003e#20546\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003ecreateRequire\u003c/code\u003e in expressions. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20549\"\u003e#20549\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed types for multi stats. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20556\"\u003e#20556\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove empty needless js output for normal css module. (by \u003ca href=\"https://github.com/JSerFeng\"\u003e\u003ccode\u003e@​JSerFeng\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20162\"\u003e#20162\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20555\"\u003e#20555\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNarrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like \u0026quot;x\u0026quot; in ns. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20561\"\u003e#20561\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.105.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eContext modules now handle rejections correctly. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20455\"\u003e#20455\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnly mark asset modules as side-effect-free when \u003ccode\u003eexperimental.futureDefaults\u003c/code\u003e is set to true, so asset-copying use cases (e.g. \u003ccode\u003eimport \u0026quot;./x.png\u0026quot;\u003c/code\u003e) won’t break unless the option is enabled. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20535\"\u003e#20535\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd the missing \u003cstrong\u003ewebpack_exports\u003c/strong\u003e declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20463\"\u003e#20463\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed HMR failure for CSS modules with \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e when exportType !== \u0026quot;link\u0026quot;. When exportType is not \u0026quot;link\u0026quot;, CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e CSS to work correctly during hot module replacement. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20514\"\u003e#20514\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20454\"\u003e#20454\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not crash when a referenced chunk is not a runtime chunk. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20461\"\u003e#20461\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some types. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20412\"\u003e#20412\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20510\"\u003e#20510\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded \u003ccode\u003ecreateRequire\u003c/code\u003e support for ECMA modules. (by \u003ca href=\"https://github.com/stefanbinoj\"\u003e\u003ccode\u003e@​stefanbinoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20497\"\u003e#20497\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded category for CJS reexport dependency to fix issues with ECMA modules. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20444\"\u003e#20444\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplement immutable bytes for \u003ccode\u003ebytes\u003c/code\u003e import attribute to match tc39 spec. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20481\"\u003e#20481\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed deterministic search for graph roots regardless of edge order. (by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20452\"\u003e#20452\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.105.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eWebpackPluginInstance\u003c/code\u003e type regression. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20440\"\u003e#20440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/27c13b44c861908793f160f9f7413b32543c0522\"\u003e\u003ccode\u003e27c13b4\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20550\"\u003e#20550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/9b2f41ee98e01a9265c430d2c52fa6a9db0e177a\"\u003e\u003ccode\u003e9b2f41e\u003c/code\u003e\u003c/a\u003e chore: bump terser plugin (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20569\"\u003e#20569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/eafe0605b018dd4e19a46d45fb5d72442772aff1\"\u003e\u003ccode\u003eeafe060\u003c/code\u003e\u003c/a\u003e fix: narrow the export presence guard detection (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20561\"\u003e#20561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/75d605cb57b23257ee88f99ada7938273ea3a1ff\"\u003e\u003ccode\u003e75d605c\u003c/code\u003e\u003c/a\u003e refactor: add AppendOnlyStackedSet iteration support and tests (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20560\"\u003e#20560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/afa607d0967f6b0259bfe9f62d99ef97db64bdac\"\u003e\u003ccode\u003eafa607d\u003c/code\u003e\u003c/a\u003e refactor: remove unused code (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20562\"\u003e#20562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/40989026fa542ceffa2821e5d25ae0d87c0bd09b\"\u003e\u003ccode\u003e4098902\u003c/code\u003e\u003c/a\u003e test: add source files for web-webworker and web-webworker-auto-public-path (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/f97be67fdd3c59acff2c0da7dd9f04835b037e4c\"\u003e\u003ccode\u003ef97be67\u003c/code\u003e\u003c/a\u003e refactor: fix duplicated word in Compilation JSDoc (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20547\"\u003e#20547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/9d76fff9f645d194c293f12dadf029173e9ed1d1\"\u003e\u003ccode\u003e9d76fff\u003c/code\u003e\u003c/a\u003e refactor: add Module.getSourceBasicTypes for basic JS type detection (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20546\"\u003e#20546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/a3d7839376784b2e44987b77f7d6bcc2ed3a0bdc\"\u003e\u003ccode\u003ea3d7839\u003c/code\u003e\u003c/a\u003e fix: types for multi stats (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20556\"\u003e#20556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/b8e9b057bebccf6268d9b348bc23b056c66a067b\"\u003e\u003ccode\u003eb8e9b05\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e (#...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack/compare/v5.100.0...v5.105.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for webpack since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.7.0 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.7.0...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tootallnate/once` from 3.0.0 to 3.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/releases\"\u003e\u003ccode\u003e@​tootallnate/once\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e28dbc5d: Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/blob/master/CHANGELOG.md\"\u003e\u003ccode\u003e@​tootallnate/once\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e28dbc5d: Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b31c7623e18b128325a05da02aa0832ee289b893\"\u003e\u003ccode\u003eb31c762\u003c/code\u003e\u003c/a\u003e Fix publish?\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/d2f7407721c023426c1af0712dbd71a3ca91d899\"\u003e\u003ccode\u003ed2f7407\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/TooTallNate/once/issues/9\"\u003e#9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/081645cb260aa86a55e5bffad2f1b52155cee8ea\"\u003e\u003ccode\u003e081645c\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/f01fa45d958113c60f54bf7f83e460741d811a47\"\u003e\u003ccode\u003ef01fa45\u003c/code\u003e\u003c/a\u003e Fix Release job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/28dbc5d7f9342ddfb6014ca5f3dc4206048db9cb\"\u003e\u003ccode\u003e28dbc5d\u003c/code\u003e\u003c/a\u003e Add Changesets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/e66503b7f028a9fe7d22e2547d17cea71be05937\"\u003e\u003ccode\u003ee66503b\u003c/code\u003e\u003c/a\u003e Use pnpm in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/6ec8b43f617a6feeb78ab98a4eb999123b664d2b\"\u003e\u003ccode\u003e6ec8b43\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b9f43cc5259bee2952d91ad3cdbd201a82df448a\"\u003e\u003ccode\u003eb9f43cc\u003c/code\u003e\u003c/a\u003e Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/a8c9dc3b7a241f992ebcde5b6b76ad5f97ce99af\"\u003e\u003ccode\u003ea8c9dc3\u003c/code\u003e\u003c/a\u003e Add pnpm-lock.yaml file\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TooTallNate/once/compare/3.0.0...v3.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​tootallnate/once\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 1.1.13\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v1.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `playwright` from 1.53.2 to 1.59.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003eplaywright's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.59.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e[Windows]\u003c/strong\u003e Reverted hiding console window when spawning browser processes, which caused regressions including broken \u003ccode\u003ecodegen\u003c/code\u003e, \u003ccode\u003e--ui\u003c/code\u003e and \u003ccode\u003eshow\u003c/code\u003e commands (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39990\"\u003e#39990\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.59.0\u003c/h2\u003e\n\u003ch2\u003e🎬 Screencast\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-page#page-screencast\"\u003epage.screencast\u003c/a\u003e API provides a unified interface for capturing page content with:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eScreencast recordings\u003c/li\u003e\n\u003cli\u003eAction annotations\u003c/li\u003e\n\u003cli\u003eVisual overlays\u003c/li\u003e\n\u003cli\u003eReal-time frame capture\u003c/li\u003e\n\u003cli\u003eAgentic video receipts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003cstrong\u003eScreencast recording\u003c/strong\u003e — record video with precise start/stop control, as an alternative to the \u003ca href=\"https://playwright.dev/docs/api/class-browser#browser-new-context-option-record-video\"\u003e\u003ccode\u003erecordVideo\u003c/code\u003e\u003c/a\u003e option:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.screencast.start({ path: 'video.webm' });\r\n// ... perform actions ...\r\nawait page.screencast.stop();\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cstrong\u003eAction annotations\u003c/strong\u003e — enable built-in visual annotations that highlight interacted elements and display action titles during recording:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.screencast.showActions({ position: 'top-right' });\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003ca href=\"https://playwright.dev/docs/api/class-screencast#screencast-show-actions\"\u003escreencast.showActions()\u003c/a\u003e accepts \u003ccode\u003eposition\u003c/code\u003e (\u003ccode\u003e'top-left'\u003c/code\u003e, \u003ccode\u003e'top'\u003c/code\u003e, \u003ccode\u003e'top-right'\u003c/code\u003e, \u003ccode\u003e'bottom-left'\u003c/code\u003e, \u003ccode\u003e'bottom'\u003c/code\u003e, \u003ccode\u003e'bottom-right'\u003c/code\u003e), \u003ccode\u003eduration\u003c/code\u003e (ms per annotation), and \u003ccode\u003efontSize\u003c/code\u003e (px). Returns a disposable to stop showing actions.\u003c/p\u003e\n\u003cp\u003eAction annotations can also be enabled in test fixtures via the \u003ccode\u003evideo\u003c/code\u003e option:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e// playwright.config.ts\r\nexport default defineConfig({\r\n  use: {\r\n    video: {\r\n      mode: 'on',\r\n      show: {\r\n        actions: { position: 'top-left' },\r\n        test: { position: 'top-right' },\r\n      },\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/d466ac5358cae058cdc75d2ae3ab3ad220042730\"\u003e\u003ccode\u003ed466ac5\u003c/code\u003e\u003c/a\u003e chore: mark v1.59.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40005\"\u003e#40005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/530e7e5f0021730948605a5788790d353d9cf444\"\u003e\u003ccode\u003e530e7e5\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/4004\"\u003e#4004\u003c/a\u003e): fix(cli): kill-all should kill dashboard\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9aa216c8d7f866e8a8fa94ca55d86e81a8f4decb\"\u003e\u003ccode\u003e9aa216c\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39994\"\u003e#39994\u003c/a\u003e): Revert \u0026quot;fix(windows): hide console window when spawning ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/01b2b1533e0bfa1c582117e3ec109fcb57657747\"\u003e\u003ccode\u003e01b2b15\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39980\"\u003e#39980\u003c/a\u003e): chore: more release notes fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/a5cb6c9a2f52078de075413beb812e3180d195ba\"\u003e\u003ccode\u003ea5cb6c9\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39972\"\u003e#39972\u003c/a\u003e): chore: expose browser.bind and browser.unbind APIs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/99a17b58541798b03257c57a9e5589db2394f89e\"\u003e\u003ccode\u003e99a17b5\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39975\"\u003e#39975\u003c/a\u003e): chore: support opening .trace files via .link indirection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/43607c3b71d89445a6473708429eeecd6f571d6e\"\u003e\u003ccode\u003e43607c3\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39974\"\u003e#39974\u003c/a\u003e): chore(webkit): update Safari user-agent version to 26.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/62cabe19eb07e329086e5cb20441737cf51367d0\"\u003e\u003ccode\u003e62cabe1\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39969\"\u003e#39969\u003c/a\u003e): chore(npm): include all *.md from lib (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39970\"\u003e#39970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/0c65a759af337ba5143ebbe34afe4141482ce2d4\"\u003e\u003ccode\u003e0c65a75\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39968\"\u003e#39968\u003c/a\u003e): chore: screencast.showActions api\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/f04155b09034c21719162146d6016de9933a2dbe\"\u003e\u003ccode\u003ef04155b\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/39958\"\u003e#39958\u003c/a\u003e): chore: release notes for langs v1.59\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.53.2...v1.59.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for playwright since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar-fs` from 2.1.3 to 2.1.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/f421a235565b6a6d305bdf87e999ebdfae9dd1cc\"\u003e\u003ccode\u003ef421a23\u003c/code\u003e\u003c/a\u003e 2.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/c412fa130e216d4c01392f6fb62c8725c1a4ac8b\"\u003e\u003ccode\u003ec412fa1\u003c/code\u003e\u003c/a\u003e refactor to same pattern as v3\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/tar-fs/compare/v2.1.3...v2.1.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar-fs` from 3.0.10 to 3.1.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/f421a235565b6a6d305bdf87e999ebdfae9dd1cc\"\u003e\u003ccode\u003ef421a23\u003c/code\u003e\u003c/a\u003e 2.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/c412fa130e216d4c01392f6fb62c8725c1a4ac8b\"\u003e\u003ccode\u003ec412fa1\u003c/code\u003e\u003c/a\u003e refactor to same pattern as v3\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/tar-fs/compare/v2.1.3...v2.1.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `svgo` from 2.8.0 to 2.8.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/svg/svgo/releases\"\u003esvgo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.8.2\u003c/h2\u003e\n\u003cp\u003eThis is effectively just a re-release of SVGO v2.8.1, but with \u003ccode\u003e*.test.js\u003c/code\u003e files omitted. It seems something was wrong with the configuration in the v2.8.0 tag and I hadn't noticed it included a few extra files. :sweat_smile:\u003c/p\u003e\n\u003cp\u003eWe'll deprecate v2.8.1, and I'll include the change log here.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMigrates from our unsupported fork of sax (\u003ca href=\"https://www.npmjs.com/package/@trysound/sax\"\u003e\u003ccode\u003e@​trysound/sax\u003c/code\u003e\u003c/a\u003e) to the upstream version of sax (\u003ca href=\"https://www.npmjs.com/package/sax\"\u003esax\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNo longer throws error when encountering comments in DTD.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMetrics\u003c/h2\u003e\n\u003cp\u003eBefore and after of the browser bundle of each respective version:\u003c/p\u003e\n\u003ctable...\n\n_Description has been truncated_","html_url":"https://github.com/SherfeyInv/vscode/pull/49","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SherfeyInv%2Fvscode/issues/49","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/49/packages"}},{"old_version":"4.3.0","new_version":"8.8.5","update_type":"major","path":null,"pr_created_at":"2026-04-02T14:09:47.000Z","version_change":"4.3.0 → 8.8.5","issue":{"uuid":"4194868901","node_id":"PR_kwDOGZklnc7PkuKY","number":114,"state":"closed","title":"Bump the npm_and_yarn group across 3 directories with 20 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-03T06:20:33.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-02T14:09:47.000Z","updated_at":"2026-04-03T06:20:42.000Z","time_to_close":58246,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":20,"packages":[{"name":"rollup","old_version":"2.60.0","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"vite","old_version":"2.9.17","new_version":"5.4.21","repository_url":"https://github.com/vitejs/vite"},{"name":"zx","old_version":"4.3.0","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"@angular/common","old_version":"13.1.2","new_version":"19.2.16","repository_url":"https://github.com/angular/angular"},{"name":"@angular/compiler","old_version":"13.1.2","new_version":"19.2.18","repository_url":"https://github.com/angular/angular"},{"name":"@angular/core","old_version":"13.1.2","new_version":"19.2.20","repository_url":"https://github.com/angular/angular"},{"name":"@babel/helpers","old_version":"7.16.7","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"express","old_version":"4.17.2","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"flatted","old_version":"3.2.4","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"handlebars","old_version":"4.7.7","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"http-proxy-middleware","old_version":"2.0.1","new_version":"2.0.9","repository_url":"https://github.com/chimurai/http-proxy-middleware"},{"name":"immutable","old_version":"4.0.0","new_version":"4.3.8","repository_url":"https://github.com/immutable-js/immutable-js"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"pug-code-gen","old_version":"3.0.2","new_version":"3.0.4","repository_url":"https://github.com/pugjs/pug"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 17 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rollup](https://github.com/rollup/rollup) | `2.60.0` | `2.80.0` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `2.9.17` | `5.4.21` |\n| [zx](https://github.com/google/zx) | `4.3.0` | `8.8.5` |\n| [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `13.1.2` | `19.2.16` |\n| [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `13.1.2` | `19.2.18` |\n| [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `13.1.2` | `19.2.20` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.16.7` | `7.29.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.13` |\n| [express](https://github.com/expressjs/express) | `4.17.2` | `4.22.1` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.4` | `3.4.2` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.7` | `4.7.9` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.1` | `2.0.9` |\n| [immutable](https://github.com/immutable-js/immutable-js) | `4.0.0` | `4.3.8` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [pug-code-gen](https://github.com/pugjs/pug) | `3.0.2` | `3.0.4` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n\nBumps the npm_and_yarn group with 3 updates in the /examples/angular directory: [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common), [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) and [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core).\nBumps the npm_and_yarn group with 3 updates in the /packages/widget-angular directory: [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common), [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) and [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core).\n\nUpdates `rollup` from 2.60.0 to 2.80.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev.2.79.2\u003c/h2\u003e\n\u003ch2\u003e2.79.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2024-09-26\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/5671\"\u003e#5671\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/5671\"\u003e#5671\u003c/a\u003e: Fix DOM Clobbering CVE (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/v2.80.0/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.80.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6277\"\u003e#6277\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6277\"\u003e#6277\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.79.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2024-09-26\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eResolve CVE-2024-43788 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/5677\"\u003e#5677\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/5677\"\u003e#5677\u003c/a\u003e: resolve DOM Clobbering CVE-2024-43788 (backport to v2) (\u003ca href=\"https://github.com/fabianszabo\"\u003e\u003ccode\u003e@​fabianszabo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.79.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2022-09-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid massive performance degradation when creating thousands of chunks (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4643\"\u003e#4643\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4639\"\u003e#4639\u003c/a\u003e: fix: typo docs and contributors link in CONTRIBUTING.md (\u003ca href=\"https://github.com/takurinton\"\u003e\u003ccode\u003e@​takurinton\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4641\"\u003e#4641\u003c/a\u003e: Update type definition of resolveId (\u003ca href=\"https://github.com/ivanjonas\"\u003e\u003ccode\u003e@​ivanjonas\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4643\"\u003e#4643\u003c/a\u003e: Improve performance of chunk naming collision check (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.79.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2022-08-31\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eamd.forceJsExtensionForImports\u003c/code\u003e to enforce using \u003ccode\u003e.js\u003c/code\u003e extensions for relative AMD imports (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4607\"\u003e#4607\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/4607\"\u003e#4607\u003c/a\u003e: add option to keep extensions for amd (\u003ca href=\"https://github.com/wh1tevs\"\u003e\u003ccode\u003e@​wh1tevs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/d17ae15336a45c3c59b2a4aacac2b14186035d28\"\u003e\u003ccode\u003ed17ae15\u003c/code\u003e\u003c/a\u003e 2.80.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/d6dee5e99bb82aac0bee1df4ab9efbde455452c3\"\u003e\u003ccode\u003ed6dee5e\u003c/code\u003e\u003c/a\u003e Validate bundle stays within output dir (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6277\"\u003e#6277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c9bd03d12e96c46122a0372d3bbe9b468cee57da\"\u003e\u003ccode\u003ec9bd03d\u003c/code\u003e\u003c/a\u003e 2.79.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/48aef33cf2f2a6dfb175afb3bcd6a977c81f1d5c\"\u003e\u003ccode\u003e48aef33\u003c/code\u003e\u003c/a\u003e fix: resolve DOM Clobbering CVE-2024-43788 (backport to v2) (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/5677\"\u003e#5677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/69ff4181e701a0fe0026d0ba147f31bc86beffa8\"\u003e\u003ccode\u003e69ff418\u003c/code\u003e\u003c/a\u003e 2.79.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/04dce1bc734c22924b02c3d57061710dcb6395e4\"\u003e\u003ccode\u003e04dce1b\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/159137e6425a97c126645110d19d0533643d5ee7\"\u003e\u003ccode\u003e159137e\u003c/code\u003e\u003c/a\u003e fix: typo docs and contributors link in CONTRIBUTING.md (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4639\"\u003e#4639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/e1392b3905de33dc432a5692f9a6ec60103ea2f6\"\u003e\u003ccode\u003ee1392b3\u003c/code\u003e\u003c/a\u003e Update type definition of resolveId (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4641\"\u003e#4641\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/7836357aaeb1fb103318bca3f0ee8beacdec0470\"\u003e\u003ccode\u003e7836357\u003c/code\u003e\u003c/a\u003e Improve performance of chunk naming collision check (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4643\"\u003e#4643\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/71d20c9d4a75b51b95c56df43ba1efd934158acb\"\u003e\u003ccode\u003e71d20c9\u003c/code\u003e\u003c/a\u003e Reduce permissions for repl-artefacts.yml workflow (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/4630\"\u003e#4630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rollup/rollup/compare/v2.60.0...v2.80.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 2.9.17 to 5.4.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.21\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.20\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/ca88ed7398288ce0c60176ac9a6392f10654c67c/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.21 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003ecad1d31\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20970\"\u003e#20970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update CHANGELOG (\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003eca88ed7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.20 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e482000f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: port sirv@3.0.2 changes to sirv@2.0.4 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20737\"\u003e#20737\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/4f1c35bcbb5830290c694aa14b6789e07450f069\"\u003e4f1c35b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20737\"\u003e#20737\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.19 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e766947e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19966\"\u003e#19966\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.18 (2025-04-10)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e823675b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19830\"\u003e#19830\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19831\"\u003e#19831\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.17 (2025-04-03)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19782\"\u003e#19782\u003c/a\u003e, fs check with svg and relative paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19784\"\u003e#19784\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/84b2b46ed129be8215108e789a90adbb33a9c42c\"\u003e84b2b46\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19782\"\u003e#19782\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19784\"\u003e#19784\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.16 (2025-03-31)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19761\"\u003e#19761\u003c/a\u003e, fs check in transform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19762\"\u003e#19762\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b627c50d359f3bd9b602408fbbf462cf4a2f019c\"\u003eb627c50\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19761\"\u003e#19761\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19762\"\u003e#19762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.15 (2025-03-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19702\"\u003e#19702\u003c/a\u003e, fs raw query with query separators (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19703\"\u003e#19703\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/807d7f06d33ab49c48a2a3501da3eea1906c0d41\"\u003e807d7f0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19702\"\u003e#19702\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19703\"\u003e#19703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.14 (2025-01-21)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: \u003ccode\u003epreview.allowedHosts\u003c/code\u003e with specific values was not respected (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19246\"\u003e#19246\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/9df6e6beabf0d18988ec13b8b742d2aba29662f9\"\u003e9df6e6b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19246\"\u003e#19246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: allow CORS from loopback addresses by default (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19249\"\u003e#19249\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7d1699ccf673e2790704756d89d2e1e4ee478fb4\"\u003e7d1699c\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19249\"\u003e#19249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/adce3c22c64cc9d44cc8f45cc92b543e3e4bf385\"\u003e\u003ccode\u003eadce3c2\u003c/code\u003e\u003c/a\u003e release: v5.4.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003e\u003ccode\u003ecad1d31\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003e\u003ccode\u003eca88ed7\u003c/code\u003e\u003c/a\u003e chore: update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/997700f01c7199daf7330d33a7fd3a43b2e9e3ba\"\u003e\u003ccode\u003e997700f\u003c/code\u003e\u003c/a\u003e release: v5.4.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e\u003ccode\u003e482000f\u003c/code\u003e\u003c/a\u003e fix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/80a333a23103ced0442d4463d1191433d90f5e19\"\u003e\u003ccode\u003e80a333a\u003c/code\u003e\u003c/a\u003e release: v5.4.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e\u003ccode\u003e766947e\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/731b77d19d36f5682a5441b49cb2f6473389ad99\"\u003e\u003ccode\u003e731b77d\u003c/code\u003e\u003c/a\u003e release: v5.4.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e\u003ccode\u003e823675b\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0a2518a98d2354c61ee8ef51f7d00fa92aebb511\"\u003e\u003ccode\u003e0a2518a\u003c/code\u003e\u003c/a\u003e release: v5.4.17\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v5.4.21/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 4.3.0 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/4.3.0...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/common` from 13.1.2 to 19.2.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e\u003ccode\u003e@​angular/common\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.15\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/70d0639bc19e376af1a0491898f54a026d3227e2\"\u003e\u003cimg src=\"https://img.shields.io/badge/70d0639bc1-fix-green\" alt=\"fix - 70d0639bc1\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eintroduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/63639\"\u003e#63639\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe server-side bootstrapping process has been changed to eliminate the reliance on a global platform injector.\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst bootstrap = () =\u0026gt; bootstrapApplication(AppComponent, config);\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAfter:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst bootstrap = (context: BootstrapContext) =\u0026gt;\r\n  bootstrapApplication(AppComponent, config, context);\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eA schematic is provided to automatically update \u003ccode\u003emain.server.ts\u003c/code\u003e files to pass the \u003ccode\u003eBootstrapContext\u003c/code\u003e to the \u003ccode\u003ebootstrapApplication\u003c/code\u003e call.\u003c/p\u003e\n\u003cp\u003eIn addition, \u003ccode\u003egetPlatform()\u003c/code\u003e and \u003ccode\u003edestroyPlatform()\u003c/code\u003e will now return \u003ccode\u003enull\u003c/code\u003e and be a no-op respectively when running in a server environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information please see: \u003ca href=\"https://github.com/angular/angular/security/advisories/GHSA-68x2-mx4q-78m7\"\u003ehttps://github.com/angular/angular/security/advisories/GHSA-68x2-mx4q-78m7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e18.2.14\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/9d1fb33f5eeadd9da48d0306463235e6d33f82b1\"\u003e\u003cimg src=\"https://img.shields.io/badge/9d1fb33f5e-fix-green\" alt=\"fix - 9d1fb33f5e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eintroduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/63640\"\u003e#63640\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe server-side bootstrapping process has been changed to eliminate the reliance on a global platform injector.\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst bootstrap = () =\u0026gt; bootstrapApplication(AppComponent, config);\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAfter:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst bootstrap = (context: BootstrapContext) =\u0026gt;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e\u003ccode\u003e@​angular/common\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.16 (2025-11-26)\u003c/h1\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e05fe6686a9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.14 (2025-11-25)\u003c/h1\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f\"\u003e0276479e7d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.1 (2025-11-25)\u003c/h1\u003e\n\u003ch3\u003ecompiler-cli\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/39c577bc362b263896b38c9486131d4342b8f1a8\"\u003e39c577bc36\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edo not type check native controls with ControlValueAccessor\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8d3a89a477e273b9b2223b6db775955e35105963\"\u003e8d3a89a477\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eescape angular control flow in jsdoc\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/bc34083d349a7d30efb43df97de0509fd85a1996\"\u003ebc34083d34\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eignore non-existent files\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0ea1e071742a031d9afb7a39f8e23082cd88ca2e\"\u003e0ea1e07174\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eapply bootstrap-options migration to \u003ccode\u003eplatformBrowserDynamic\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/70507b8c1ce733b8232a12fa45037ee219b5b102\"\u003e70507b8c1c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edebug data causing memory leak for root effects\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/a55482fca3b7e4f39d95f8ff236b6619e59b8190\"\u003ea55482fca3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enotify profiler events in case of errors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/49ad7c650818ee7db321a24c89282dbf9bb250f3\"\u003e49ad7c6508\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003euse injected \u003ccode\u003eDOCUMENT\u003c/code\u003e for \u003ccode\u003eCSP_NONCE\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1ec099315b0f429d0b0f07c9b1bf686668db6b\"\u003ecc1ec09931\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eperf\u003c/td\u003e\n\u003ctd\u003eavoid repeat searches for field directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eforms\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7d5c7cf99aa5c6490f8bea950b04bd56073582a1\"\u003e7d5c7cf99a\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efeat\u003c/td\u003e\n\u003ctd\u003eadd DI option for classes on \u003ccode\u003eField\u003c/code\u003e directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8acf5d27563ec51cc76971732d50e1f4142a3fe3\"\u003e8acf5d2756\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow dynamic \u003ccode\u003etype\u003c/code\u003e bindings on signal form controls\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003ccode\u003e05fe668\u003c/code\u003e\u003c/a\u003e fix(http): prevent XSRF token leakage to protocol-relative URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/12e2302a0425f3a2b09cb00d743cbdb099a5eb31\"\u003e\u003ccode\u003e12e2302\u003c/code\u003e\u003c/a\u003e build: update common's locales to use rules_js (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61630\"\u003e#61630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/9701047b9f41175a498b8bb35563e2ed277b83e1\"\u003e\u003ccode\u003e9701047\u003c/code\u003e\u003c/a\u003e test(common): Add circular deps test to 19.2.x (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61651\"\u003e#61651\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2c876b4fc5d89ce925b1403e239c7d162e39346b\"\u003e\u003ccode\u003e2c876b4\u003c/code\u003e\u003c/a\u003e fix(common): avoid injecting ApplicationRef in FetchBackend (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61649\"\u003e#61649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e54b5773f8f74bdd2e2c0a4c89c84543c99b834\"\u003e\u003ccode\u003e8e54b57\u003c/code\u003e\u003c/a\u003e build: move private testing helpers outside \u003ccode\u003eplatform-browser/testing\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2b1b14f4d3751b9b3c351ddc412ecdcb2aea4781\"\u003e\u003ccode\u003e2b1b14f\u003c/code\u003e\u003c/a\u003e fix(core): cleanup \u003ccode\u003erxResource\u003c/code\u003e abort listener (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/58306\"\u003e#58306\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/126efc9972e18806e71977d51a55f8ec2f0514d6\"\u003e\u003ccode\u003e126efc9\u003c/code\u003e\u003c/a\u003e fix(common): cancel reader when app is destroyed (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61528\"\u003e#61528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/efda8724535a8560a64b28cc2bf81df5931af686\"\u003e\u003ccode\u003eefda872\u003c/code\u003e\u003c/a\u003e fix(common): prevent reading chunks if app is destroyed (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61354\"\u003e#61354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/c43fd3a39c8d7b6ab23037a87456f6acfb4eb08f\"\u003e\u003ccode\u003ec43fd3a\u003c/code\u003e\u003c/a\u003e build: migrate common to use rules_js based toolchain (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61434\"\u003e#61434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/185b7801ee0eede67f0ca5a501833eb4f392098b\"\u003e\u003ccode\u003e185b780\u003c/code\u003e\u003c/a\u003e build: migrate \u003ccode\u003epackages/core/schematics\u003c/code\u003e to \u003ccode\u003ets_project\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61420\"\u003e#61420\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/19.2.16/packages/common\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/compiler` from 13.1.2 to 19.2.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e\u003ccode\u003e@​angular/compiler\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.18\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003cimg src=\"https://img.shields.io/badge/26cdc53d9c-fix-green\" alt=\"fix - 26cdc53d9c\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.17\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003cimg src=\"https://img.shields.io/badge/7c42e2ebeb-fix-green\" alt=\"fix - 7c42e2ebeb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.15\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/70d0639bc19e376af1a0491898f54a026d3227e2\"\u003e\u003cimg src=\"https://img.shields.io/badge/70d0639bc1-fix-green\" alt=\"fix - 70d0639bc1\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eintroduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/63639\"\u003e#63639\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe server-side bootstrapping process has been changed to eliminate the reliance on a global platform injector.\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst bootstrap = () =\u0026gt; bootstrapApplication(AppComponent, config);\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAfter:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst bootstrap = (context: BootstrapContext) =\u0026gt;\r\n  bootstrapApplication(AppComponent, config, context);\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eA schematic is provided to automatically update \u003ccode\u003emain.server.ts\u003c/code\u003e files to pass the \u003ccode\u003eBootstrapContext\u003c/code\u003e to the \u003ccode\u003ebootstrapApplication\u003c/code\u003e call.\u003c/p\u003e\n\u003cp\u003eIn addition, \u003ccode\u003egetPlatform()\u003c/code\u003e and \u003ccode\u003edestroyPlatform()\u003c/code\u003e will now return \u003ccode\u003enull\u003c/code\u003e and be a no-op respectively when running in a server environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information please see: \u003ca href=\"https://github.com/angular/angular/security/advisories/GHSA-68x2-mx4q-78m7\"\u003ehttps://github.com/angular/angular/security/advisories/GHSA-68x2-mx4q-78m7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e18.2.14\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/9d1fb33f5eeadd9da48d0306463235e6d33f82b1\"\u003e\u003cimg src=\"https://img.shields.io/badge/9d1fb33f5e-fix-green\" alt=\"fix - 9d1fb33f5e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eintroduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/63640\"\u003e#63640\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e\u003ccode\u003e@​angular/compiler\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.18 (2026-01-07)\u003c/h1\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e26cdc53d9c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.7 (2026-01-07)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e808740c9311daa0f1c9bab8596ed5e54bdcc6a\"\u003e8e808740c9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ebetter types for a few expression AST nodes\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/63b1cdcf70e6de448e8fa4ba1732d7bd7b5400d1\"\u003e63b1cdcf70\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eproduce accurate span for typeof and void expressions\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/3c3ae0cb64bb112d7167fd9b0bf7739f0c9e6a39\"\u003e3c3ae0cb64\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprovide location information for literal map keys\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/523dbaf1c3646ce27f1cf2e4cfc84c730fea8da9\"\u003e523dbaf1c3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003estop ThisReceiver inheritance from ImplicitReceiver\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler-cli\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/4d9c4567edfb8dd424a3336ef54ffdfc6ca7c15f\"\u003e4d9c4567ed\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eensure component import diagnostics are reported within the \u003ccode\u003eimports\u003c/code\u003e expression\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cd405685afbfad530de7fb841ad352d2b702a9a4\"\u003ecd405685af\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003efix up spelling of diagnostic\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/778460fccac13d8667bb53fa24ba977a930c0253\"\u003e778460fcca\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport qualified names in \u003ccode\u003etypeof\u003c/code\u003e type references\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c74674eb07491f808f79976e3e21787a841aefb\"\u003e7c74674eb0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eavoid leaking view data in animations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0edbee4550e85b933e9bd2ba3c5511ef6fbf7304\"\u003e0edbee4550\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eexplicitly cast signal node value to String\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/f9c29572d28feef878c73edad562b3a6451825a6\"\u003ef9c29572d2\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eforms\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e3fba182f90a2673040cf267a970c54c07d4840f\"\u003ee3fba182f9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efeat\u003c/td\u003e\n\u003ctd\u003eadd \u003ccode\u003e[formField]\u003c/code\u003e directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/561772b152458e1d91d4bf3ef45d9645a731f2b1\"\u003e561772b152\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003edirty\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/f0fb1d8581671ca499bcb4790b0549825eb36a91\"\u003ef0fb1d8581\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003ehidden\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ec110f170bbba95f023c8ae0e4429c35bfedc572\"\u003eec110f170b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003epending\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ae1dc16bb0d30b6e87b0f98b7989e6685d856e31\"\u003eae1dc16bb0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eclean up abort listener after timeout\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/9748b0d5da6ffb1fd2498b23cc452240f46e0549\"\u003e9748b0d5da\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport custom controls with non signal-based models\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/6bd22df987e433a9e3cb759e35eb6403991cf4b7\"\u003e6bd22df987\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eSupport readonly arrays in signal forms\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003erouter\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/41cd4a6af800cf7807c46862c99ae036457d8fa7\"\u003e41cd4a6af8\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eFix RouterLink href not updating with \u003ccode\u003equeryParamsHandling\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5e9e09aee0c08901d2a4d48b60bd13692c73e76e\"\u003e5e9e09aee0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ehandle errors from view transition \u003ccode\u003eupdateCallbackDone\u003c/code\u003e promise\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.6 (2025-12-17)\u003c/h1\u003e\n\u003ch2\u003eBreaking Changes (affecting only experimental features)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003ccode\u003e26cdc53\u003c/code\u003e\u003c/a\u003e fix(core): sanitize sensitive attributes on SVG script elements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003ccode\u003e7c42e2e\u003c/code\u003e\u003c/a\u003e fix(compiler): prevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/24bab55f0c89c4fe6037780fd7b2e8c8aa5429b2\"\u003e\u003ccode\u003e24bab55\u003c/code\u003e\u003c/a\u003e fix(compiler): lexer support for template literals in object literals (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61601\"\u003e#61601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/fc2483e7e96f8a26293f6862cbd27417b4e40809\"\u003e\u003ccode\u003efc2483e\u003c/code\u003e\u003c/a\u003e refactor(compiler): avoid duplication between \u003ccode\u003eFactoryTarget\u003c/code\u003e type (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e54b5773f8f74bdd2e2c0a4c89c84543c99b834\"\u003e\u003ccode\u003e8e54b57\u003c/code\u003e\u003c/a\u003e build: move private testing helpers outside \u003ccode\u003eplatform-browser/testing\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/44bb328eaea028524206d0d2b9f12702c9bf3861\"\u003e\u003ccode\u003e44bb328\u003c/code\u003e\u003c/a\u003e fix(compiler): avoid conflicts between HMR code and local symbols (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61550\"\u003e#61550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/1007079aeea013291900109c86fab36c9cac50c4\"\u003e\u003ccode\u003e1007079\u003c/code\u003e\u003c/a\u003e build: update compiler-cli to not be stamped when used for the compiler in ng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/0d025c5013292fdba65d91982ae8aaee61583d57\"\u003e\u003ccode\u003e0d025c5\u003c/code\u003e\u003c/a\u003e build: support new \u003ccode\u003eng_project\u003c/code\u003e rule (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61336\"\u003e#61336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/899cb4ab49e284185f2093f2b48f1adba8cb3d47\"\u003e\u003ccode\u003e899cb4a\u003c/code\u003e\u003c/a\u003e refactor: add explicit types for exports relying on inferred call return type...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/1312eb1600648c94a0063667c2095165462f27ef\"\u003e\u003ccode\u003e1312eb1\u003c/code\u003e\u003c/a\u003e build: remove irrelevant madge circular deps tests (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61209\"\u003e#61209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v19.2.18/packages/compiler\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/core` from 13.1.2 to 19.2.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e\u003ccode\u003e@​angular/core\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.20\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5be912eb55fe88e8621e2ce82470d51b7d950ceb\"\u003e\u003cimg src=\"https://img.shields.io/badge/5be912eb55-fix-green\" alt=\"fix - 5be912eb55\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003e\u003cimg src=\"https://img.shields.io/badge/b89b0a83a4-fix-green\" alt=\"fix - b89b0a83a4\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e\u003cimg src=\"https://img.shields.io/badge/621c7071ad-fix-green\" alt=\"fix - 621c7071ad\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.19\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/747548721d051c21e388a302d20d53fb3ab16367\"\u003e\u003cimg src=\"https://img.shields.io/badge/747548721d-fix-green\" alt=\"fix - 747548721d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eblock creation of sensitive URI attributes from ICU messages\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAngular now only applies known attributes from HTML in translated ICU content. Unknown attributes are dropped and not rendered.\u003c/p\u003e\n\u003cp\u003e(cherry picked from commit 03da204b6daa5e4583e0d0968c2107390bbd8235)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.18\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003cimg src=\"https://img.shields.io/badge/26cdc53d9c-fix-green\" alt=\"fix - 26cdc53d9c\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.17\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003cimg src=\"https://img.shields.io/badge/7c42e2ebeb-fix-green\" alt=\"fix - 7c42e2ebeb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.15\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/70d0639bc19e376af1a0491898f54a026d3227e2\"\u003e\u003cimg src=\"https://img.shields.io/badge/70d0639bc1-fix-green\" alt=\"fix - 70d0639bc1\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eintroduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/63639\"\u003e#63639\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe server-side bootstrapping process has been changed to eliminate the reliance on a global platform injector.\u003c/p\u003e\n\u003cp\u003eBefore:\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e\u003ccode\u003e@​angular/core\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.20 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5be912eb55fe88e8621e2ce82470d51b7d950ceb\"\u003e5be912eb55\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003eb89b0a83a4\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e621c7071ad\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.18 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/02fbf08890ec6ac2efb6c2ec4f17e56497cb81d2\"\u003e02fbf08890\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72126f9a08c185a9b93461bab67841c4e84c9b17\"\u003e72126f9a08\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/626bc8bc20e485cad2094c4a5d9417fb9a71dda8\"\u003e626bc8bc20\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e22.0.0-next.3 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/78dea55351fb305b33a919c43a6b363137eca166\"\u003e78dea55351\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/999c14eaab981d12bf2b1d9b1fd6766157f7b1cc\"\u003e999c14eaab\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ereverts \u0026quot;feat(core): add support for nested animations\u0026quot;\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/de0eb4c6566011e1a34d529a273ec3d5b6bf17d5\"\u003ede0eb4c656\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.2.4 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ed2d324f9cc12aab6cfa0569ef10b73243a62c65\"\u003eed2d324f9c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e\u003ccode\u003e621c707\u003c/code\u003e\u003c/a\u003e fix(core): sanitize translated form attributes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003e\u003ccode\u003eb89b0a8\u003c/code\u003e\u003c/a\u003e fix(core): sanitize translated attribute bindings with interpolations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/747548721d051c21e388a302d20d53fb3ab16367\"\u003e\u003ccode\u003e7475487\u003c/code\u003e\u003c/a\u003e fix(core): block creation of sensitive URI attributes from ICU messages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003ccode\u003e26cdc53\u003c/code\u003e\u003c/a\u003e fix(core): sanitize sensitive attributes on SVG script elements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003ccode\u003e7c42e2e\u003c/code\u003e\u003c/a\u003e fix(compiler): prevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/70d0639bc19e376af1a0491898f54a026d3227e2\"\u003e\u003ccode\u003e70d0639\u003c/code\u003e\u003c/a\u003e fix(core): introduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/6\"\u003e#6\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/73d3e001d2a2fa3218d769c0834c12a762d86882\"\u003e\u003ccode\u003e73d3e00\u003c/code\u003e\u003c/a\u003e build: fix failing test (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61683\"\u003e#61683\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/9e1cd4966202d89c7310ab84c50b2c4231a0213e\"\u003e\u003ccode\u003e9e1cd49\u003c/code\u003e\u003c/a\u003e fix(migrations): preserve comments when removing unused imports (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61674\"\u003e#61674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/a6d5479cc75a91447daf3877d62b68a5740d3c74\"\u003e\u003ccode\u003ea6d5479\u003c/code\u003e\u003c/a\u003e build: migrate platform-server to rules_js (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61619\"\u003e#61619\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2a269449745c836e4b99215e36ea10fbe87e9e21\"\u003e\u003ccode\u003e2a26944\u003c/code\u003e\u003c/a\u003e build: migrate platform-browser and platform-browser-dynamic package to use r...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v19.2.20/packages/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.16.7 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e\u003ccode\u003e@​babel/helpers\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.2/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.2 to 4.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh...\n\n_Description has been truncated_","html_url":"https://github.com/livechat/chat-widget-adapters/pull/114","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/livechat%2Fchat-widget-adapters/issues/114","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/114/packages"}},{"old_version":"8.7.0","new_version":"8.8.5","update_type":"minor","path":null,"pr_created_at":"2026-04-01T02:54:59.000Z","version_change":"8.7.0 → 8.8.5","issue":{"uuid":"4183691446","node_id":"PR_kwDOPqqgTc7PH-lH","number":2,"state":"closed","title":"Bump the npm_and_yarn group across 14 directories with 24 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-03T07:19:21.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-01T02:54:59.000Z","updated_at":"2026-04-03T07:19:23.000Z","time_to_close":188662,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":24,"packages":[{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"9.0.5","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"9.0.3","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"7.4.6","new_version":"7.4.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"5.1.6","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"10.0.1","new_version":"10.2.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"webpack","old_version":"5.100.0","new_version":"5.105.4","repository_url":"https://github.com/webpack/webpack"},{"name":"zx","old_version":"8.7.0","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"@tootallnate/once","old_version":"3.0.0","new_version":"3.0.1","repository_url":"https://github.com/TooTallNate/once"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"1.1.13","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"form-data","old_version":"4.0.0","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"braces","old_version":"2.3.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"playwright","old_version":"1.53.2","new_version":"1.59.0","repository_url":"https://github.com/microsoft/playwright"},{"name":"tar-fs","old_version":"2.1.3","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar-fs","old_version":"3.0.10","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"svgo","old_version":"2.8.0","new_version":"2.8.2","repository_url":"https://github.com/svg/svgo"},{"name":"undici","old_version":"7.9.0","new_version":"7.24.6","repository_url":"https://github.com/nodejs/undici"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 15 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.3` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `7.4.6` | `7.4.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `10.0.1` | `10.2.5` |\n| [webpack](https://github.com/webpack/webpack) | `5.100.0` | `5.105.4` |\n| [zx](https://github.com/google/zx) | `8.7.0` | `8.8.5` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `3.0.0` | `3.0.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.13` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.5` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [braces](https://github.com/micromatch/braces) | `2.3.2` | `3.0.3` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [playwright](https://github.com/microsoft/playwright) | `1.53.2` | `1.59.0` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.3` | `2.1.4` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.10` | `3.1.2` |\n| [svgo](https://github.com/svg/svgo) | `2.8.0` | `2.8.2` |\n| [undici](https://github.com/nodejs/undici) | `7.9.0` | `7.24.6` |\n\nBumps the npm_and_yarn group with 7 updates in the /build directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.13` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.2` | `2.0.3` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.3` | `2.1.4` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [jws](https://github.com/brianloveswords/node-jws) | `4.0.0` | `4.0.1` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.10` | `0.8.12` |\n| [qs](https://github.com/ljharb/qs) | `6.13.0` | `6.15.0` |\n\nBumps the npm_and_yarn group with 1 update in the /extensions directory: [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 1 update in the /extensions/json-language-features directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 4 updates in the /extensions/markdown-language-features directory: [minimatch](https://github.com/isaacs/minimatch), [brace-expansion](https://github.com/juliangruber/brace-expansion), [picomatch](https://github.com/micromatch/picomatch) and [dompurify](https://github.com/cure53/DOMPurify).\nBumps the npm_and_yarn group with 1 update in the /extensions/microsoft-authentication directory: [jws](https://github.com/brianloveswords/node-jws).\nBumps the npm_and_yarn group with 1 update in the /extensions/notebook-renderers directory: [@tootallnate/once](https://github.com/TooTallNate/once).\nBumps the npm_and_yarn group with 4 updates in the /extensions/npm directory: [minimatch](https://github.com/isaacs/minimatch), [brace-expansion](https://github.com/juliangruber/brace-expansion), [js-yaml](https://github.com/nodeca/js-yaml) and [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 1 update in the /extensions/vscode-api-tests directory: [node-forge](https://github.com/digitalbazaar/forge).\nBumps the npm_and_yarn group with 4 updates in the /remote directory: [@tootallnate/once](https://github.com/TooTallNate/once), [picomatch](https://github.com/micromatch/picomatch), [tar-fs](https://github.com/mafintosh/tar-fs) and [undici](https://github.com/nodejs/undici).\nBumps the npm_and_yarn group with 3 updates in the /test/automation directory: [minimatch](https://github.com/isaacs/minimatch), [brace-expansion](https://github.com/juliangruber/brace-expansion) and [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 2 updates in the /test/integration/browser directory: [minimatch](https://github.com/isaacs/minimatch) and [brace-expansion](https://github.com/juliangruber/brace-expansion).\nBumps the npm_and_yarn group with 8 updates in the /test/mcp directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `1.1.13` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `8.2.0` | `8.4.1` |\n| [playwright](https://github.com/microsoft/playwright) | `1.55.0-alpha-2025-08-12` | `1.60.0-alpha-1774999321000` |\n| [@playwright/mcp](https://github.com/microsoft/playwright-mcp) | `0.0.34` | `0.0.70` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.17.3` | `1.26.0` |\n\nBumps the npm_and_yarn group with 3 updates in the /test/smoke directory: [minimatch](https://github.com/isaacs/minimatch), [brace-expansion](https://github.com/juliangruber/brace-expansion) and [form-data](https://github.com/form-data/form-data).\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.5 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.3 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 7.4.6 to 7.4.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 5.1.6 to 5.1.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 10.0.1 to 10.2.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.100.0 to 5.105.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.105.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eModule.getSourceBasicTypes\u003c/code\u003e to distinguish basic source types and clarify how modules with non-basic source types like \u003ccode\u003eremote\u003c/code\u003e still produce JavaScript output. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20546\"\u003e#20546\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003ecreateRequire\u003c/code\u003e in expressions. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20549\"\u003e#20549\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed types for multi stats. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20556\"\u003e#20556\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove empty needless js output for normal css module. (by \u003ca href=\"https://github.com/JSerFeng\"\u003e\u003ccode\u003e@​JSerFeng\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20162\"\u003e#20162\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20555\"\u003e#20555\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNarrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like \u0026quot;x\u0026quot; in ns. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20561\"\u003e#20561\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eContext modules now handle rejections correctly. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20455\"\u003e#20455\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnly mark asset modules as side-effect-free when \u003ccode\u003eexperimental.futureDefaults\u003c/code\u003e is set to true, so asset-copying use cases (e.g. \u003ccode\u003eimport \u0026quot;./x.png\u0026quot;\u003c/code\u003e) won’t break unless the option is enabled. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20535\"\u003e#20535\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd the missing \u003cstrong\u003ewebpack_exports\u003c/strong\u003e declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20463\"\u003e#20463\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed HMR failure for CSS modules with \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e when exportType !== \u0026quot;link\u0026quot;. When exportType is not \u0026quot;link\u0026quot;, CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e CSS to work correctly during hot module replacement. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20514\"\u003e#20514\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20454\"\u003e#20454\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not crash when a referenced chunk is not a runtime chunk. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20461\"\u003e#20461\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some types. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20412\"\u003e#20412\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20510\"\u003e#20510\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded \u003ccode\u003ecreateRequire\u003c/code\u003e support for ECMA modules. (by \u003ca href=\"https://github.com/stefanbinoj\"\u003e\u003ccode\u003e@​stefanbinoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20497\"\u003e#20497\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded category for CJS reexport dependency to fix issues with ECMA modules. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20444\"\u003e#20444\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplement immutable bytes for \u003ccode\u003ebytes\u003c/code\u003e import attribute to match tc39 spec. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20481\"\u003e#20481\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed deterministic search for graph roots regardless of edge order. (by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20452\"\u003e#20452\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eWebpackPluginInstance\u003c/code\u003e type regression. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20440\"\u003e#20440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.105.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eModule.getSourceBasicTypes\u003c/code\u003e to distinguish basic source types and clarify how modules with non-basic source types like \u003ccode\u003eremote\u003c/code\u003e still produce JavaScript output. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20546\"\u003e#20546\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003ecreateRequire\u003c/code\u003e in expressions. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20549\"\u003e#20549\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed types for multi stats. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20556\"\u003e#20556\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove empty needless js output for normal css module. (by \u003ca href=\"https://github.com/JSerFeng\"\u003e\u003ccode\u003e@​JSerFeng\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20162\"\u003e#20162\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20555\"\u003e#20555\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNarrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like \u0026quot;x\u0026quot; in ns. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20561\"\u003e#20561\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.105.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eContext modules now handle rejections correctly. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20455\"\u003e#20455\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnly mark asset modules as side-effect-free when \u003ccode\u003eexperimental.futureDefaults\u003c/code\u003e is set to true, so asset-copying use cases (e.g. \u003ccode\u003eimport \u0026quot;./x.png\u0026quot;\u003c/code\u003e) won’t break unless the option is enabled. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20535\"\u003e#20535\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd the missing \u003cstrong\u003ewebpack_exports\u003c/strong\u003e declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20463\"\u003e#20463\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed HMR failure for CSS modules with \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e when exportType !== \u0026quot;link\u0026quot;. When exportType is not \u0026quot;link\u0026quot;, CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e CSS to work correctly during hot module replacement. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20514\"\u003e#20514\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20454\"\u003e#20454\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not crash when a referenced chunk is not a runtime chunk. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20461\"\u003e#20461\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some types. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20412\"\u003e#20412\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20510\"\u003e#20510\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded \u003ccode\u003ecreateRequire\u003c/code\u003e support for ECMA modules. (by \u003ca href=\"https://github.com/stefanbinoj\"\u003e\u003ccode\u003e@​stefanbinoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20497\"\u003e#20497\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded category for CJS reexport dependency to fix issues with ECMA modules. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20444\"\u003e#20444\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplement immutable bytes for \u003ccode\u003ebytes\u003c/code\u003e import attribute to match tc39 spec. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20481\"\u003e#20481\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed deterministic search for graph roots regardless of edge order. (by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20452\"\u003e#20452\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.105.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eWebpackPluginInstance\u003c/code\u003e type regression. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20440\"\u003e#20440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/27c13b44c861908793f160f9f7413b32543c0522\"\u003e\u003ccode\u003e27c13b4\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20550\"\u003e#20550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/9b2f41ee98e01a9265c430d2c52fa6a9db0e177a\"\u003e\u003ccode\u003e9b2f41e\u003c/code\u003e\u003c/a\u003e chore: bump terser plugin (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20569\"\u003e#20569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/eafe0605b018dd4e19a46d45fb5d72442772aff1\"\u003e\u003ccode\u003eeafe060\u003c/code\u003e\u003c/a\u003e fix: narrow the export presence guard detection (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20561\"\u003e#20561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/75d605cb57b23257ee88f99ada7938273ea3a1ff\"\u003e\u003ccode\u003e75d605c\u003c/code\u003e\u003c/a\u003e refactor: add AppendOnlyStackedSet iteration support and tests (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20560\"\u003e#20560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/afa607d0967f6b0259bfe9f62d99ef97db64bdac\"\u003e\u003ccode\u003eafa607d\u003c/code\u003e\u003c/a\u003e refactor: remove unused code (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20562\"\u003e#20562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/40989026fa542ceffa2821e5d25ae0d87c0bd09b\"\u003e\u003ccode\u003e4098902\u003c/code\u003e\u003c/a\u003e test: add source files for web-webworker and web-webworker-auto-public-path (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/f97be67fdd3c59acff2c0da7dd9f04835b037e4c\"\u003e\u003ccode\u003ef97be67\u003c/code\u003e\u003c/a\u003e refactor: fix duplicated word in Compilation JSDoc (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20547\"\u003e#20547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/9d76fff9f645d194c293f12dadf029173e9ed1d1\"\u003e\u003ccode\u003e9d76fff\u003c/code\u003e\u003c/a\u003e refactor: add Module.getSourceBasicTypes for basic JS type detection (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20546\"\u003e#20546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/a3d7839376784b2e44987b77f7d6bcc2ed3a0bdc\"\u003e\u003ccode\u003ea3d7839\u003c/code\u003e\u003c/a\u003e fix: types for multi stats (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20556\"\u003e#20556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/b8e9b057bebccf6268d9b348bc23b056c66a067b\"\u003e\u003ccode\u003eb8e9b05\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e (#...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack/compare/v5.100.0...v5.105.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for webpack since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.7.0 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.7.0...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tootallnate/once` from 3.0.0 to 3.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/releases\"\u003e\u003ccode\u003e@​tootallnate/once\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e28dbc5d: Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/blob/master/CHANGELOG.md\"\u003e\u003ccode\u003e@​tootallnate/once\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e28dbc5d: Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b31c7623e18b128325a05da02aa0832ee289b893\"\u003e\u003ccode\u003eb31c762\u003c/code\u003e\u003c/a\u003e Fix publish?\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/d2f7407721c023426c1af0712dbd71a3ca91d899\"\u003e\u003ccode\u003ed2f7407\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/TooTallNate/once/issues/9\"\u003e#9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/081645cb260aa86a55e5bffad2f1b52155cee8ea\"\u003e\u003ccode\u003e081645c\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/f01fa45d958113c60f54bf7f83e460741d811a47\"\u003e\u003ccode\u003ef01fa45\u003c/code\u003e\u003c/a\u003e Fix Release job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/28dbc5d7f9342ddfb6014ca5f3dc4206048db9cb\"\u003e\u003ccode\u003e28dbc5d\u003c/code\u003e\u003c/a\u003e Add Changesets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/e66503b7f028a9fe7d22e2547d17cea71be05937\"\u003e\u003ccode\u003ee66503b\u003c/code\u003e\u003c/a\u003e Use pnpm in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/6ec8b43f617a6feeb78ab98a4eb999123b664d2b\"\u003e\u003ccode\u003e6ec8b43\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b9f43cc5259bee2952d91ad3cdbd201a82df448a\"\u003e\u003ccode\u003eb9f43cc\u003c/code\u003e\u003c/a\u003e Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/a8c9dc3b7a241f992ebcde5b6b76ad5f97ce99af\"\u003e\u003ccode\u003ea8c9dc3\u003c/code\u003e\u003c/a\u003e Add pnpm-lock.yaml file\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TooTallNate/once/compare/3.0.0...v3.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​tootallnate/once\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 1.1.13\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v1.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 3.0.1 to 3.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] clean up ignores \u003ca href=\"https://github.com/form-data/form-data/commit/3217b3ded8e382e51171d5c74c6038a21cc54440\"\u003e\u003ccode\u003e3217b3d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e) \u003ca href=\"https://github.com/form-data/form-data/commit/edb555a811f6f7e4668db4831551cf41c1de1cac\"\u003e\u003ccode\u003eedb555a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/9c82fcdf0858b2764060a87803a55375ffbee6ed\"\u003e\u003ccode\u003e9c82fcd\u003c/code\u003e\u003c/a\u003e v3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/002b9b0c4862576305292ac44f7be25ec7ccea0e\"\u003e\u003ccode\u003e002b9b0\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.0 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] clean up ignores \u003ca href=\"https://github.com/form-data/form-data/commit/3217b3ded8e382e51171d5c74c6038a21cc54440\"\u003e\u003ccode\u003e3217b3d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e) \u003ca href=\"https://github.com/form-data/form-data/commit/edb555a811f6f7e4668db4831551cf41c1de1cac\"\u003e\u003ccode\u003eedb555a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/9c82fcdf0858b2764060a87803a55375ffbee6ed\"\u003e\u003ccode\u003e9c82fcd\u003c/code\u003e\u003c/a\u003e v3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/002b9b0c4862576305292ac44f7be25ec7ccea0e\"\u003e\u003ccode\u003e002b9b0\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 2.3.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/braces/blob/master/CHANGELOG.md\"\u003ebraces's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e[3.0.0] - 2018-04-08\u003c/h2\u003e\n\u003cp\u003ev3.0 is a complete refactor, resulting in a faster, smaller codebase, with fewer deps, and a more accurate parser and compiler.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking Changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented \u003ccode\u003e.makeRe\u003c/code\u003e method was removed\u003c/li\u003e\n\u003cli\u003eRequire Node.js \u0026gt;= 8.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNon-breaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCaching was removed\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/braces/commits/3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli...\n\n_Description has been truncated_","html_url":"https://github.com/dporkka/openvscode-server/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dporkka%2Fopenvscode-server/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"8.8.1","new_version":"8.8.5","update_type":"patch","path":null,"pr_created_at":"2026-03-30T06:19:53.000Z","version_change":"8.8.1 → 8.8.5","issue":{"uuid":"4167802141","node_id":"PR_kwDONtK1tM7OgDiL","number":610,"state":"closed","title":"Bump the npm_and_yarn group across 2 directories with 17 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-01T08:24:54.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-30T06:19:53.000Z","updated_at":"2026-04-01T08:24:56.000Z","time_to_close":180301,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":17,"packages":[{"name":"ai","old_version":"4.3.19","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"zx","old_version":"8.8.1","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"axios","old_version":"1.11.0","new_version":"1.14.0","repository_url":"https://github.com/axios/axios"},{"name":"bn.js","old_version":"5.2.2","new_version":"5.2.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"simple-git","old_version":"3.28.0","new_version":"3.33.0","repository_url":"https://github.com/steveukx/git-js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 6 updates in the /packages/indexer directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `4.3.19` | `5.0.52` |\n| [zx](https://github.com/google/zx) | `8.8.1` | `8.8.5` |\n| [axios](https://github.com/axios/axios) | `1.11.0` | `1.14.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `5.2.2` | `5.2.3` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.28.0` | `3.33.0` |\n\nBumps the npm_and_yarn group with 12 updates in the /packages/web directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `1.13.2` | `1.14.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [dompurify](https://github.com/cure53/DOMPurify) | `3.3.0` | `3.3.2` |\n| [next](https://github.com/vercel/next.js) | `16.1.0` | `16.1.7` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [h3](https://github.com/h3js/h3) | `1.15.4` | `1.15.10` |\n| [hono](https://github.com/honojs/hono) | `4.10.6` | `4.11.4` |\n| [immutable](https://github.com/immutable-js/immutable-js) | `5.1.4` | `5.1.5` |\n| [markdown-it](https://github.com/markdown-it/markdown-it) | `14.1.0` | `14.1.1` |\n| [socket.io-parser](https://github.com/socketio/socket.io) | `4.2.4` | `4.2.6` |\n\n\nUpdates `ai` from 4.3.19 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@4.3.19...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.8.1 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.8.1...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.11.0 to 1.14.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.14.0\u003c/h2\u003e\n\u003cp\u003eThis release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking Changes:\u003c/strong\u003e None identified in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAction Required:\u003c/strong\u003e If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 alignment and \u003ccode\u003emain\u003c/code\u003e entry compatibility fix).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRuntime Features:\u003c/strong\u003e No new end-user features were introduced in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTest Coverage Expansion:\u003c/strong\u003e Added broader smoke/module test coverage for CJS and ESM package usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7510\"\u003e#7510\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Trim trailing CRLF in normalised header values. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7456\"\u003e#7456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2:\u003c/strong\u003e Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7457\"\u003e#7457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Cancel \u003ccode\u003eReadableStream\u003c/code\u003e created during request-stream capability probing to prevent async resource leaks. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7515\"\u003e#7515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Handling:\u003c/strong\u003e Fixed env proxy behavior with \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7499\"\u003e#7499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCommonJS Compatibility:\u003c/strong\u003e Fixed package \u003ccode\u003emain\u003c/code\u003e entry regression affecting CJS consumers. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7532\"\u003e#7532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eSecurity/Dependencies:\u003c/strong\u003e Updated \u003ccode\u003eformidable\u003c/code\u003e and refreshed package set to newer versions. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7533\"\u003e#7533\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/10556\"\u003e#10556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTooling:\u003c/strong\u003e Continued migration to Vitest and modernised CI/test harnesses. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7484\"\u003e#7484\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7489\"\u003e#7489\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7498\"\u003e#7498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild/Lint Stack:\u003c/strong\u003e Rollup, ESLint, TypeScript, and related dev-dependency updates. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7508\"\u003e#7508\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7509\"\u003e#7509\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7522\"\u003e#7522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Clarified JSON parsing and adapter-related docs/comments. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7398\"\u003e#7398\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7460\"\u003e#7460\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7478\"\u003e#7478\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve Axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aviu16\"\u003e\u003ccode\u003e@​aviu16\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7456\"\u003e#7456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NETIZEN-11\"\u003e\u003ccode\u003e@​NETIZEN-11\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7460\"\u003e#7460\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fedotov\"\u003e\u003ccode\u003e@​fedotov\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7457\"\u003e#7457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nthbotast\"\u003e\u003ccode\u003e@​nthbotast\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7478\"\u003e#7478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7398\"\u003e#7398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/penkzhou\"\u003e\u003ccode\u003e@​penkzhou\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7515\"\u003e#7515\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cem\u003eFull Changelog: \u003ca href=\"https://github.com/axios/axios/compare/v1.13.6...v1.14.0\"\u003ev1.13.6...v1.14.0\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003ch2\u003ev1.13.6\u003c/h2\u003e\n\u003cp\u003eThis release focuses on platform compatibility, error handling improvements, and code quality maintenance.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking Changes:\u003c/strong\u003e None identified in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAction Required:\u003c/strong\u003e Users targeting React Native should verify their integration, particularly if relying on specific Blob or FormData behaviours, as improvements have been made to support these objects.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native Blob Support:\u003c/strong\u003e Axios now includes support for React Native Blob objects. Thanks to \u003ca href=\"https://github.com/moh3n9595\"\u003e\u003ccode\u003e@​moh3n9595\u003c/code\u003e\u003c/a\u003e for the initial implementation. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/5764\"\u003e#5764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCode Quality:\u003c/strong\u003e Implemented prettier across the codebase and resolved associated formatting issues. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7385\"\u003e#7385\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eEnvironment Compatibility:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eFixed module exports for React Native and Browserify environments. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7386\"\u003e#7386\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.13.2...v1.13.3\"\u003e1.13.3\u003c/a\u003e (2026-01-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehttp2:\u003c/strong\u003e Use port 443 for HTTPS connections by default. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7256\"\u003e#7256\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d7e60653460480ffacecf85383012ca1baa6263e\"\u003ed7e6065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003einterceptor:\u003c/strong\u003e handle the error in the same interceptor (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6269\"\u003e#6269\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/5945e40bb171d4ac4fc195df276cf952244f0f89\"\u003e5945e40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emain field in package.json should correspond to cjs artifacts (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5756\"\u003e#5756\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7373fbff24cd92ce650d99ff6f7fe08c2e2a0a04\"\u003e7373fbf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epackage.json:\u003c/strong\u003e add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5754\"\u003e#5754\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/b89217e3e91de17a3d55e2b8f39ceb0e9d8aeda8\"\u003eb89217e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esilentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7257\"\u003e#7257\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7d19335e43d6754a1a9a66e424f7f7da259895bf\"\u003e7d19335\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eturn AxiosError into a native error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5394\"\u003e#5394\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5558\"\u003e#5558\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/1c6a86dd2c0623ee1af043a8491dbc96d40e883b\"\u003e1c6a86d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e add handlers to AxiosInterceptorManager interface (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5551\"\u003e#5551\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/8d1271b49fc226ed7defd07cd577bd69a55bb13a\"\u003e8d1271b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e restore AxiosError.cause type from unknown to Error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7327\"\u003e#7327\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d8233d9e8e9a64bfba9bbe01d475ba417510b82b\"\u003ed8233d9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eunclear error message is thrown when specifying an empty proxy authorization (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6314\"\u003e#6314\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/6ef867e684adf7fb2343e3b29a79078a3c76dc29\"\u003e6ef867e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eundefined\u003c/code\u003e as a value in AxiosRequestConfig (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5560\"\u003e#5560\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/095033c626895ecdcda2288050b63dcf948db3bd\"\u003e095033c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd automatic minor and patch upgrades to dependabot (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6053\"\u003e#6053\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/65a7584eda6164980ddb8cf5372f0afa2a04c1ed\"\u003e65a7584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Node.js coverage script using c8 (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7289\"\u003e#7289\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7294\"\u003e#7294\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/ec9d94e9f88da13e9219acadf65061fb38ce080a\"\u003eec9d94e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded copilot instructions (\u003ca href=\"https://github.com/axios/axios/commit/3f83143bfe617eec17f9d7dcf8bafafeeae74c26\"\u003e3f83143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with frozen prototypes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6265\"\u003e#6265\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/860e03396a536e9b926dacb6570732489c9d7012\"\u003e860e033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance pipeFileToResponse with error handling (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7169\"\u003e#7169\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/88d78842541610692a04282233933d078a8a2552\"\u003e88d7884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Intellisense for string literals in a widened union (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6134\"\u003e#6134\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/f73474d02c5aa957b2daeecee65508557fd3c6e5\"\u003ef73474d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com//redirect.github.com/microsoft/TypeScript/issues/33471/issues/issuecomment-1376364329\"\u003emicrosoft/TypeScript#33471\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eReverts\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRevert \u0026quot;fix: silentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e…\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/a4230f5581b3f58b6ff531b6dbac377a4fd7942a\"\u003ea4230f5\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7334\"\u003e#7334\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/2d6ad5e48bd29b0b2b5e7e95fb473df98301543a\"\u003e2d6ad5e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/ashvin2005\" title=\"+1752/-4 ([#7218](https://github.com/axios/axios/issues/7218) [#7218](https://github.com/axios/axios/issues/7218) )\"\u003eAshvin Tiwari\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/mochinikunj\" title=\"+940/-12 ([#7294](https://github.com/axios/axios/issues/7294) [#7294](https://github.com/axios/axios/issues/7294) )\"\u003eNikunj Mochi\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/imanchalsingh\" title=\"+544/-102 ([#7169](https://github.com/axios/axios/issues/7169) [#7185](https://github.com/axios/axios/issues/7185) )\"\u003eAnchal Singh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/jasonsaayman\" title=\"+317/-73 ([#7334](https://github.com/axios/axios/issues/7334) [#7298](https://github.com/axios/axios/issues/7298) )\"\u003ejasonsaayman\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/brodo\" title=\"+99/-120 ([#5558](https://github.com/axios/axios/issues/5558) )\"\u003eJulian Dax\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/AKASHDHARDUBEY\" title=\"+167/-0 ([#7287](https://github.com/axios/axios/issues/7287) [#7288](https://github.com/axios/axios/issues/7288) )\"\u003eAkash Dhar Dubey\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/madhumitaaa\" title=\"+20/-68 ([#7198](https://github.com/axios/axios/issues/7198) )\"\u003eMadhumita\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Tackoil\" title=\"+80/-2 ([#6269](https://github.com/axios/axios/issues/6269) )\"\u003eTackoil\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/justindhillon\" title=\"+41/-41 ([#6324](https://github.com/axios/axios/issues/6324) [#6315](https://github.com/axios/axios/issues/6315) )\"\u003eJustin Dhillon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Rudrxxx\" title=\"+71/-2 ([#7257](https://github.com/axios/axios/issues/7257) )\"\u003eRudransh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/WuMingDao\" title=\"+36/-36 ([#7215](https://github.com/axios/axios/issues/7215) )\"\u003eWuMingDao\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/codenomnom\" title=\"+70/-0 ([#7201](https://github.com/axios/axios/issues/7201) [#7201](https://github.com/axios/axios/issues/7201) )\"\u003ecodenomnom\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Nandann018-ux\" title=\"+60/-10 ([#7272](https://github.com/axios/axios/issues/7272) )\"\u003eNandan Acharya\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/KernelDeimos\" title=\"+22/-40 ([#7042](https://github.com/axios/axios/issues/7042) )\"\u003eEric Dubé\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/tiborpilz\" title=\"+40/-4 ([#5551](https://github.com/axios/axios/issues/5551) )\"\u003eTibor Pilz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/joaoGabriel55\" title=\"+31/-4 ([#6314](https://github.com/axios/axios/issues/6314) )\"\u003eGabriel Quaresma\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/turadg\" title=\"+23/-6 ([#6265](https://github.com/axios/axios/issues/6265) )\"\u003eTuradg Aleahmad\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/46bee3dea75ef53a8eae49f3b7487e6341de6074\"\u003e\u003ccode\u003e46bee3d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.14.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10563\"\u003e#10563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/518aff569043116c87ce78e3d83877d5251f2a16\"\u003e\u003ccode\u003e518aff5\u003c/code\u003e\u003c/a\u003e chore: add AI Moderator workflow for spam detection (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10551\"\u003e#10551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b7dfda3e7cf9e85f6063d90334318f82842b42d0\"\u003e\u003ccode\u003eb7dfda3\u003c/code\u003e\u003c/a\u003e chore(sponsor): update sponsor block (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10557\"\u003e#10557\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9aa34d52918c13eaa445d884a24e9e20e71a7a93\"\u003e\u003ccode\u003e9aa34d5\u003c/code\u003e\u003c/a\u003e fix: updated release flow to match the current flows (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10562\"\u003e#10562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e9e5ebe483b3f0cecbb5a4c9fa95a316ea5d0645\"\u003e\u003ccode\u003ee9e5ebe\u003c/code\u003e\u003c/a\u003e Update packages to latest version (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10556\"\u003e#10556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4d8931ca8a92e53c5dcf02cf46d1016a10e60ec0\"\u003e\u003ccode\u003e4d8931c\u003c/code\u003e\u003c/a\u003e fix: formidable dependency vulnerable to arbitrary (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7533\"\u003e#7533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3a6f5c1ae1f9b58198e9f3109896a2c11d017c58\"\u003e\u003ccode\u003e3a6f5c1\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump \u003ccode\u003e@​babel/preset-env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7531\"\u003e#7531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/bcfd2997dc93b56669dd03b29b83d8a868797937\"\u003e\u003ccode\u003ebcfd299\u003c/code\u003e\u003c/a\u003e fix: bug axios breaks commonjs compatibility main entry (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7532\"\u003e#7532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/d6dcbfd53e9506d9c8c0b1fd09c4d960bea9b9f0\"\u003e\u003ccode\u003ed6dcbfd\u003c/code\u003e\u003c/a\u003e fix: dependabot uses the correct labels (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7530\"\u003e#7530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5dd7ba78b8960fb29e39b6918ee5cb9a2130f15c\"\u003e\u003ccode\u003e5dd7ba7\u003c/code\u003e\u003c/a\u003e chore: upgrade to latest ts (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7522\"\u003e#7522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.11.0...v1.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 5.2.2 to 5.2.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/indutny/bn.js/blob/master/CHANGELOG.md\"\u003ebn.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.3 / 2026-02-19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ea6c072a951493ca99e5cd5f8da3851b90116271\"\u003e\u003ccode\u003eea6c072\u003c/code\u003e\u003c/a\u003e 5.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b\"\u003e\u003ccode\u003e33df26b\u003c/code\u003e\u003c/a\u003e fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v5.2.2...v5.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `simple-git` from 3.28.0 to 3.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.33.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea263635: Use \u003ccode\u003epathspec\u003c/code\u003e wrappers for remote and local paths when running either \u003ccode\u003egit.clone\u003c/code\u003e or \u003ccode\u003egit.mirror\u003c/code\u003e to\navoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ee253a0d: Enhanced \u003ccode\u003egit -c\u003c/code\u003e checks in \u003ccode\u003eunsafe\u003c/code\u003e plugin.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JohannesLks\"\u003e\u003ccode\u003e@​JohannesLks\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/CodeAnt-AI-Security\"\u003e\u003ccode\u003e@​CodeAnt-AI-Security\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8d02097: Enhanced clone unsafe switch detection.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e23b070f: Fix regex for detecting unsafe clone options\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/stevenwdv\"\u003e\u003ccode\u003e@​stevenwdv\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e1effd8e: Enhances the \u003ccode\u003eunsafe\u003c/code\u003e plugin to block additional cases where the \u003ccode\u003e-u\u003c/code\u003e switch may be disguised\nalong with other single character options.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JuHwiSang\"\u003e\u003ccode\u003e@​JuHwiSang\u003c/code\u003e\u003c/a\u003e for identifying this as vulnerability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.31.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea44184f: Resolve NPM publish steps\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.30.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md\"\u003esimple-git's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.33.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea263635: Use \u003ccode\u003epathspec\u003c/code\u003e wrappers for remote and local paths when running either \u003ccode\u003egit.clone\u003c/code\u003e or \u003ccode\u003egit.mirror\u003c/code\u003e to\navoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ee253a0d: Enhanced \u003ccode\u003egit -c\u003c/code\u003e checks in \u003ccode\u003eunsafe\u003c/code\u003e plugin.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JohannesLks\"\u003e\u003ccode\u003e@​JohannesLks\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/CodeAnt-AI-Security\"\u003e\u003ccode\u003e@​CodeAnt-AI-Security\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8d02097: Enhanced clone unsafe switch detection.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e23b070f: Fix regex for detecting unsafe clone options\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/stevenwdv\"\u003e\u003ccode\u003e@​stevenwdv\u003c/code\u003e\u003c/a\u003e for reporting this issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.32.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e1effd8e: Enhances the \u003ccode\u003eunsafe\u003c/code\u003e plugin to block additional cases where the \u003ccode\u003e-u\u003c/code\u003e switch may be disguised\nalong with other single character options.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JuHwiSang\"\u003e\u003ccode\u003e@​JuHwiSang\u003c/code\u003e\u003c/a\u003e for identifying this as vulnerability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed5fd4fe: Use task runner for logging use of deprecated (already no-op) functions.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.31.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/8bbbabc827fc05824e0e4bd51746e9ca0109b353\"\u003e\u003ccode\u003e8bbbabc\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/a263635ca4729c276eba869ae8c97cbb00fc4eb9\"\u003e\u003ccode\u003ea263635\u003c/code\u003e\u003c/a\u003e Clone API use pathspec (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1132\"\u003e#1132\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/e253a0d1bf9d013228f856209b3b8a7c5980a54b\"\u003e\u003ccode\u003ee253a0d\u003c/code\u003e\u003c/a\u003e Fix/block unsafe 2603 (\u003ca href=\"https://github.com/steveukx/git-js/tree/HEAD/simple-git/issues/1135\"\u003e#1135\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/a1170e506eeeaade4a242bfbf6d0620d57872364\"\u003e\u003ccode\u003ea1170e5\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/f7042088aa2dac59e3c49a84d7a2f4b26048a257\"\u003e\u003ccode\u003ef704208\u003c/code\u003e\u003c/a\u003e In extension to CVE-2022-25912, switch to case-insensitive check for `protoco...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/4bb20811eb35c0fa5437553cad4eb8ebf8f6f6e6\"\u003e\u003ccode\u003e4bb2081\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/7ae7537737bafc1e6559a28816785b10926fb095\"\u003e\u003ccode\u003e7ae7537\u003c/code\u003e\u003c/a\u003e Match tokens to word boundary\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/c47ad103b07ce768cf69aec63e0c9f7f77a1ab0f\"\u003e\u003ccode\u003ec47ad10\u003c/code\u003e\u003c/a\u003e Lint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/8d02097b726c2bc5360b4f55ee3ecb7e09648e4d\"\u003e\u003ccode\u003e8d02097\u003c/code\u003e\u003c/a\u003e Enhanced clone switch detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/steveukx/git-js/commit/f6909a52807512cb4e29a654db2dcd409b019113\"\u003e\u003ccode\u003ef6909a5\u003c/code\u003e\u003c/a\u003e Remove test timeout override\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/steveukx/git-js/commits/simple-git@3.33.0/simple-git\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for simple-git since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.8.1 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.8.1...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.11.0 to 1.14.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.14.0\u003c/h2\u003e\n\u003cp\u003eThis release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking Changes:\u003c/strong\u003e None identified in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAction Required:\u003c/strong\u003e If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 alignment and \u003ccode\u003emain\u003c/code\u003e entry compatibility fix).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRuntime Features:\u003c/strong\u003e No new end-user features were introduced in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTest Coverage Expansion:\u003c/strong\u003e Added broader smoke/module test coverage for CJS and ESM package usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7510\"\u003e#7510\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Trim trailing CRLF in normalised header values. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7456\"\u003e#7456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2:\u003c/strong\u003e Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7457\"\u003e#7457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Cancel \u003ccode\u003eReadableStream\u003c/code\u003e created during request-stream capability probing to prevent async resource leaks. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7515\"\u003e#7515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Handling:\u003c/strong\u003e Fixed env proxy behavior with \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7499\"\u003e#7499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCommonJS Compatibility:\u003c/strong\u003e Fixed package \u003ccode\u003emain\u003c/code\u003e entry regression affecting CJS consumers. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7532\"\u003e#7532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eSecurity/Dependencies:\u003c/strong\u003e Updated \u003ccode\u003eformidable\u003c/code\u003e and refreshed package set to newer versions. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7533\"\u003e#7533\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/10556\"\u003e#10556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTooling:\u003c/strong\u003e Continued migration to Vitest and modernised CI/test harnesses. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7484\"\u003e#7484\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7489\"\u003e#7489\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7498\"\u003e#7498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild/Lint Stack:\u003c/strong\u003e Rollup, ESLint, TypeScript, and related dev-dependency updates. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7508\"\u003e#7508\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7509\"\u003e#7509\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7522\"\u003e#7522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Clarified JSON parsing and adapter-related docs/comments. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7398\"\u003e#7398\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7460\"\u003e#7460\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7478\"\u003e#7478\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve Axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aviu16\"\u003e\u003ccode\u003e@​aviu16\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7456\"\u003e#7456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NETIZEN-11\"\u003e\u003ccode\u003e@​NETIZEN-11\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7460\"\u003e#7460\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fedotov\"\u003e\u003ccode\u003e@​fedotov\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7457\"\u003e#7457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nthbotast\"\u003e\u003ccode\u003e@​nthbotast\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7478\"\u003e#7478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7398\"\u003e#7398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/penkzhou\"\u003e\u003ccode\u003e@​penkzhou\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7515\"\u003e#7515\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cem\u003eFull Changelog: \u003ca href=\"https://github.com/axios/axios/compare/v1.13.6...v1.14.0\"\u003ev1.13.6...v1.14.0\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003ch2\u003ev1.13.6\u003c/h2\u003e\n\u003cp\u003eThis release focuses on platform compatibility, error handling improvements, and code quality maintenance.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking Changes:\u003c/strong\u003e None identified in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAction Required:\u003c/strong\u003e Users targeting React Native should verify their integration, particularly if relying on specific Blob or FormData behaviours, as improvements have been made to support these objects.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native Blob Support:\u003c/strong\u003e Axios now includes support for React Native Blob objects. Thanks to \u003ca href=\"https://github.com/moh3n9595\"\u003e\u003ccode\u003e@​moh3n9595\u003c/code\u003e\u003c/a\u003e for the initial implementation. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/5764\"\u003e#5764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCode Quality:\u003c/strong\u003e Implemented prettier across the codebase and resolved associated formatting issues. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7385\"\u003e#7385\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eEnvironment Compatibility:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eFixed module exports for React Native and Browserify environments. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7386\"\u003e#7386\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.13.2...v1.13.3\"\u003e1.13.3\u003c/a\u003e (2026-01-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehttp2:\u003c/strong\u003e Use port 443 for HTTPS connections by default. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7256\"\u003e#7256\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d7e60653460480ffacecf85383012ca1baa6263e\"\u003ed7e6065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003einterceptor:\u003c/strong\u003e handle the error in the same interceptor (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6269\"\u003e#6269\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/5945e40bb171d4ac4fc195df276cf952244f0f89\"\u003e5945e40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emain field in package.json should correspond to cjs artifacts (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5756\"\u003e#5756\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7373fbff24cd92ce650d99ff6f7fe08c2e2a0a04\"\u003e7373fbf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epackage.json:\u003c/strong\u003e add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5754\"\u003e#5754\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/b89217e3e91de17a3d55e2b8f39ceb0e9d8aeda8\"\u003eb89217e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esilentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7257\"\u003e#7257\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7d19335e43d6754a1a9a66e424f7f7da259895bf\"\u003e7d19335\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eturn AxiosError into a native error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5394\"\u003e#5394\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5558\"\u003e#5558\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/1c6a86dd2c0623ee1af043a8491dbc96d40e883b\"\u003e1c6a86d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e add handlers to AxiosInterceptorManager interface (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5551\"\u003e#5551\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/8d1271b49fc226ed7defd07cd577bd69a55bb13a\"\u003e8d1271b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e restore AxiosError.cause type from unknown to Error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7327\"\u003e#7327\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d8233d9e8e9a64bfba9bbe01d475ba417510b82b\"\u003ed8233d9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eunclear error message is thrown when specifying an empty proxy authorization (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6314\"\u003e#6314\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/6ef867e684adf7fb2343e3b29a79078a3c76dc29\"\u003e6ef867e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eundefined\u003c/code\u003e as a value in AxiosRequestConfig (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5560\"\u003e#5560\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/095033c626895ecdcda2288050b63dcf948db3bd\"\u003e095033c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd automatic minor and patch upgrades to dependabot (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6053\"\u003e#6053\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/65a7584eda6164980ddb8cf5372f0afa2a04c1ed\"\u003e65a7584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Node.js coverage script using c8 (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7289\"\u003e#7289\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7294\"\u003e#7294\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/ec9d94e9f88da13e9219acadf65061fb38ce080a\"\u003eec9d94e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded copilot instructions (\u003ca href=\"https://github.com/axios/axios/commit/3f83143bfe617eec17f9d7dcf8bafafeeae74c26\"\u003e3f83143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with frozen prototypes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6265\"\u003e#6265\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/860e03396a536e9b926dacb6570732489c9d7012\"\u003e860e033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance pipeFileToResponse with error handling (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7169\"\u003e#7169\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/88d78842541610692a04282233933d078a8a2552\"\u003e88d7884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Intellisense for string literals in a widened union (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6134\"\u003e#6134\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/f73474d02c5aa957b2daeecee65508557fd3c6e5\"\u003ef73474d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com//redirect.github.com/microsoft/TypeScript/issues/33471/issues/issuecomment-1376364329\"\u003emicrosoft/TypeScript#33471\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eReverts\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRevert \u0026quot;fix: silentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e…\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/a4230f5581b3f58b6ff531b6dbac377a4fd7942a\"\u003ea4230f5\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7334\"\u003e#7334\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/2d6ad5e48bd29b0b2b5e7e95fb473df98301543a\"\u003e2d6ad5e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/ashvin2005\" title=\"+1752/-4 ([#7218](https://github.com/axios/axios/issues/7218) [#7218](https://github.com/axios/axios/issues/7218) )\"\u003eAshvin Tiwari\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/mochinikunj\" title=\"+940/-12 ([#7294](https://github.com/axios/axios/issues/7294) [#7294](https://github.com/axios/axios/issues/7294) )\"\u003eNikunj Mochi\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/imanchalsingh\" title=\"+544/-102 ([#7169](https://github.com/axios/axios/issues/7169) [#7185](https://github.com/axios/axios/issues/7185) )\"\u003eAnchal Singh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/jasonsaayman\" title=\"+317/-73 ([#7334](https://github.com/axios/axios/issues/7334) [#7298](https://github.com/axios/axios/issues/7298) )\"\u003ejasonsaayman\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/brodo\" title=\"+99/-120 ([#5558](https://github.com/axios/axios/issues/5558) )\"\u003eJulian Dax\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/AKASHDHARDUBEY\" title=\"+167/-0 ([#7287](https://github.com/axios/axios/issues/7287) [#7288](https://github.com/axios/axios/issues/7288) )\"\u003eAkash Dhar Dubey\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/madhumitaaa\" title=\"+20/-68 ([#7198](https://github.com/axios/axios/issues/7198) )\"\u003eMadhumita\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Tackoil\" title=\"+80/-2 ([#6269](https://github.com/axios/axios/issues/6269) )\"\u003eTackoil\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/justindhillon\" title=\"+41/-41 ([#6324](https://github.com/axios/axios/issues/6324) [#6315](https://github.com/axios/axios/issues/6315) )\"\u003eJustin Dhillon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Rudrxxx\" title=\"+71/-2 ([#7257](https://github.com/axios/axios/issues/7257) )\"\u003eRudransh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/WuMingDao\" title=\"+36/-36 ([#7215](https://github.com/axios/axios/issues/7215) )\"\u003eWuMingDao\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/codenomnom\" title=\"+70/-0 ([#7201](https://github.com/axios/axios/issues/7201) [#7201](https://github.com/axios/axios/issues/7201) )\"\u003ecodenomnom\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Nandann018-ux\" title=\"+60/-10 ([#7272](https://github.com/axios/axios/issues/7272) )\"\u003eNandan Acharya\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/KernelDeimos\" title=\"+22/-40 ([#7042](https://github.com/axios/axios/issues/7042) )\"\u003eEric Dubé\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/tiborpilz\" title=\"+40/-4 ([#5551](https://github.com/axios/axios/issues/5551) )\"\u003eTibor Pilz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/joaoGabriel55\" title=\"+31/-4 ([#6314](https://github.com/axios/axios/issues/6314) )\"\u003eGabriel Quaresma\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/turadg\" title=\"+23/-6 ([#6265](https://github.com/axios/axios/issues/6265) )\"\u003eTuradg Aleahmad\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/46bee3dea75ef53a8eae49f3b7487e6341de6074\"\u003e\u003ccode\u003e46bee3d\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.14.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10563\"\u003e#10563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/518aff569043116c87ce78e3d83877d5251f2a16\"\u003e\u003ccode\u003e518aff5\u003c/code\u003e\u003c/a\u003e chore: add AI Moderator workflow for spam detection (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10551\"\u003e#10551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b7dfda3e7cf9e85f6063d90334318f82842b42d0\"\u003e\u003ccode\u003eb7dfda3\u003c/code\u003e\u003c/a\u003e chore(sponsor): update sponsor block (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10557\"\u003e#10557\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9aa34d52918c13eaa445d884a24e9e20e71a7a93\"\u003e\u003ccode\u003e9aa34d5\u003c/code\u003e\u003c/a\u003e fix: updated release flow to match the current flows (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10562\"\u003e#10562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e9e5ebe483b3f0cecbb5a4c9fa95a316ea5d0645\"\u003e\u003ccode\u003ee9e5ebe\u003c/code\u003e\u003c/a\u003e Update packages to latest version (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10556\"\u003e#10556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4d8931ca8a92e53c5dcf02cf46d1016a10e60ec0\"\u003e\u003ccode\u003e4d8931c\u003c/code\u003e\u003c/a\u003e fix: formidable dependency vulnerable to arbitrary (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7533\"\u003e#7533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3a6f5c1ae1f9b58198e9f3109896a2c11d017c58\"\u003e\u003ccode\u003e3a6f5c1\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump \u003ccode\u003e@​babel/preset-env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7531\"\u003e#7531\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/bcfd2997dc93b56669dd03b29b83d8a868797937\"\u003e\u003ccode\u003ebcfd299\u003c/code\u003e\u003c/a\u003e fix: bug axios breaks commonjs compatibility main entry (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7532\"\u003e#7532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/d6dcbfd53e9506d9c8c0b1fd09c4d960bea9b9f0\"\u003e\u003ccode\u003ed6dcbfd\u003c/code\u003e\u003c/a\u003e fix: dependabot uses the correct labels (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7530\"\u003e#7530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/5dd7ba78b8960fb29e39b6918ee5cb9a2130f15c\"\u003e\u003ccode\u003e5dd7ba7\u003c/code\u003e\u003c/a\u003e chore: upgrade to latest ts (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7522\"\u003e#7522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.11.0...v1.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 5.2.2 to 5.2.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/indutny/bn.js/blob/master/CHANGELOG.md\"\u003ebn.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.3 / 2026-02-19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ea6c072a951493ca99e5cd5f8da3851b90116271\"\u003e\u003ccode\u003eea6c072\u003c/code\u003e\u003c/a\u003e 5.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b\"\u003e\u003ccode\u003e33df26b\u003c/code\u003e\u003c/a\u003e fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v5.2.2...v5.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.2 to 1.14.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.14.0\u003c/h2\u003e\n\u003cp\u003eThis release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking Changes:\u003c/strong\u003e None identified in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAction Required:\u003c/strong\u003e If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 alignment and \u003ccode\u003emain\u003c/code\u003e entry compatibility fix).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRuntime Features:\u003c/strong\u003e No new end-user features were introduced in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTest Coverage Expansion:\u003c/strong\u003e Added broader smoke/module test coverage for CJS and ESM package usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7510\"\u003e#7510\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHeaders:\u003c/strong\u003e Trim trailing CRLF in normalised header values. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7456\"\u003e#7456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHTTP/2:\u003c/strong\u003e Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7457\"\u003e#7457\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFetch Adapter:\u003c/strong\u003e Cancel \u003ccode\u003eReadableStream\u003c/code\u003e created during request-stream capability probing to prevent async resource leaks. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7515\"\u003e#7515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Handling:\u003c/strong\u003e Fixed env proxy behavior with \u003ccode\u003eproxy-from-env\u003c/code\u003e v2 usage. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7499\"\u003e#7499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCommonJS Compatibility:\u003c/strong\u003e Fixed package \u003ccode\u003emain\u003c/code\u003e entry regression affecting CJS consumers. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7532\"\u003e#7532\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eSecurity/Dependencies:\u003c/strong\u003e Updated \u003ccode\u003eformidable\u003c/code\u003e and refreshed package set to newer versions. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7533\"\u003e#7533\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/10556\"\u003e#10556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTooling:\u003c/strong\u003e Continued migration to Vitest and modernised CI/test harnesses. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7484\"\u003e#7484\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7489\"\u003e#7489\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7498\"\u003e#7498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBuild/Lint Stack:\u003c/strong\u003e Rollup, ESLint, TypeScript, and related dev-dependency updates. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7508\"\u003e#7508\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7509\"\u003e#7509\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7522\"\u003e#7522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Clarified JSON parsing and adapter-related docs/comments. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7398\"\u003e#7398\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7460\"\u003e#7460\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/axios/axios/pull/7478\"\u003e#7478\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve Axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aviu16\"\u003e\u003ccode\u003e@​aviu16\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/...\n\n_Description has been truncated_","html_url":"https://github.com/ringecosystem/degov/pull/610","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ringecosystem%2Fdegov/issues/610","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/610/packages"}},{"old_version":"7.2.4","new_version":"8.8.5","update_type":"major","path":null,"pr_created_at":"2026-03-26T23:23:16.000Z","version_change":"7.2.4 → 8.8.5","issue":{"uuid":"4147965589","node_id":"PR_kwDORrmcVc7N4x3P","number":18,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 9 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-26T23:23:16.000Z","updated_at":"2026-03-26T23:24:24.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":6,"packages":[{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"esbuild","old_version":"0.21.5","new_version":"0.27.4","repository_url":"https://github.com/evanw/esbuild"},{"name":"esbuild","old_version":"0.14.54","new_version":"0.27.4","repository_url":"https://github.com/evanw/esbuild"},{"name":"zx","old_version":"7.2.4","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"esbuild","old_version":"0.14.54","new_version":"0.27.4","repository_url":"https://github.com/evanw/esbuild"},{"name":"ws","old_version":"8.13.0","new_version":"8.17.1","repository_url":"https://github.com/websockets/ws"},{"name":"esbuild","old_version":"0.19.12","new_version":"0.27.4","repository_url":"https://github.com/evanw/esbuild"},{"name":"esbuild","old_version":"0.17.19","new_version":"0.27.4","repository_url":"https://github.com/evanw/esbuild"},{"name":"octokit","old_version":"2.1.0","new_version":"5.0.5","repository_url":"https://github.com/octokit/octokit.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /docs directory: [picomatch](https://github.com/micromatch/picomatch).\nBumps the npm_and_yarn group with 1 update in the /packages/bun directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 2 updates in the /packages/bun/bench directory: [esbuild](https://github.com/evanw/esbuild) and [zx](https://github.com/google/zx).\nBumps the npm_and_yarn group with 1 update in the /packages/bun/bench/scanner directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 1 update in the /packages/bun/bench/websocket-server directory: [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 1 update in the /packages/bun/packages/bun-inspector-frontend directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 2 updates in the /packages/bun/packages/bun-release directory: [esbuild](https://github.com/evanw/esbuild) and [octokit](https://github.com/octokit/octokit.js).\nBumps the npm_and_yarn group with 1 update in the /packages/bun/packages/bun-vscode directory: [esbuild](https://github.com/evanw/esbuild).\nBumps the npm_and_yarn group with 1 update in the /packages/bun/packages/bun-vscode/example directory: [elysia](https://github.com/elysiajs/elysia).\n\nUpdates `picomatch` from 4.0.3 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.4\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e5474fc1a4d7991870058170407dda8a42be5334\"\u003e\u003ccode\u003ee5474fc\u003c/code\u003e\u003c/a\u003e Publish 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903\"\u003e\u003ccode\u003e4516eb5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d\"\u003e\u003ccode\u003e5eceecd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/0db7dd70651ca7c8265601c0442a996ed32e3238\"\u003e\u003ccode\u003e0db7dd7\u003c/code\u003e\u003c/a\u003e Run benchmark again against latest minimatch version (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/161\"\u003e#161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/95003777eb1c60dec09495a8231fa2ba4054d76a\"\u003e\u003ccode\u003e9500377\u003c/code\u003e\u003c/a\u003e docs: clarify what brace expansion syntax is and isn't supported (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/2661f23eca86c8b4a2b14815b9b2b3b74bd5a171\"\u003e\u003ccode\u003e2661f23\u003c/code\u003e\u003c/a\u003e fix typo in globstars.js test name (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/138\"\u003e#138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/1798b07e9df59500b9cf567294d44d559032f4c7\"\u003e\u003ccode\u003e1798b07\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003emakeRe\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9d76bc57a03b7f57cc4ca516c8071daf632bafd8\"\u003e\u003ccode\u003e9d76bc5\u003c/code\u003e\u003c/a\u003e chore: undocument removed options (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e4d718bbfb47e4f030ab2612b5b04a9297fe272d\"\u003e\u003ccode\u003ee4d718b\u003c/code\u003e\u003c/a\u003e Remove unused time-require (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/38dffeb16221cc8eb8981524fb6895dd2aaaba76\"\u003e\u003ccode\u003e38dffeb\u003c/code\u003e\u003c/a\u003e chore(deps): pin dependencies (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.21.5 to 0.27.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.27.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix a regression with CSS media queries (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eVersion 0.25.11 of esbuild introduced support for parsing media queries. This unintentionally introduced a regression with printing media queries that use the \u003ccode\u003e\u0026lt;media-type\u0026gt; and \u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e grammar. Specifically, esbuild was failing to wrap an \u003ccode\u003eor\u003c/code\u003e clause with parentheses when inside \u003ccode\u003e\u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e. This release fixes the regression.\u003c/p\u003e\n\u003cp\u003eHere is an example:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\n@media only screen and ((min-width: 10px) or (min-height: 10px)) {\n  a { color: red }\n}\n\u003cp\u003e/* Old output (incorrect) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and (min-width: 10px) or (min-height: 10px) {\na {\ncolor: red;\n}\n}\u003c/p\u003e\n\u003cp\u003e/* New output (correct) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and ((min-width: 10px) or (min-height: 10px)) {\na {\ncolor: red;\n}\n}\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix an edge case with the \u003ccode\u003einject\u003c/code\u003e feature (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes an edge case where esbuild's \u003ccode\u003einject\u003c/code\u003e feature could not be used with arbitrary module namespace names exported using an \u003ccode\u003eexport {} from\u003c/code\u003e statement with bundling disabled and a target environment where arbitrary module namespace names is unsupported.\u003c/p\u003e\n\u003cp\u003eWith the fix, the following \u003ccode\u003einject\u003c/code\u003e file:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport jquery from 'jquery';\nexport { jquery as 'window.jQuery' };\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eCan now always be rewritten as this without esbuild sometimes incorrectly generating an error:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eexport { default as 'window.jQuery' } from 'jquery';\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAttempt to improve API handling of huge metafiles (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains a few changes that attempt to improve the behavior of esbuild's JavaScript API with huge metafiles (esbuild's name for the build metadata, formatted as a JSON object). The JavaScript API is designed to return the metafile JSON as a JavaScript object in memory, which makes it easy to access from within a JavaScript-based plugin. Multiple people have encountered issues where this API breaks down with a pathologically-large metafile.\u003c/p\u003e\n\u003cp\u003eThe primary issue is that V8 has an implementation-specific maximum string length, so using the \u003ccode\u003eJSON.parse\u003c/code\u003e API with large enough strings is impossible. This release will now attempt to use a fallback JavaScript-based JSON parser that operates directly on the UTF8-encoded JSON bytes instead of using \u003ccode\u003eJSON.parse\u003c/code\u003e when the JSON metafile is too big to fit in a JavaScript string. The new fallback path has not yet been heavily-tested. The metafile will also now be generated with whitespace removed if the bundle is significantly large, which will reduce the size of the metafile JSON slightly.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2024\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).\u003c/p\u003e\n\u003ch2\u003e0.24.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix regression with \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003eimport.meta\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4010\"\u003e#4010\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4012\"\u003e#4012\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4013\"\u003e#4013\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous change in version 0.24.1 to use a more expression-like parser for \u003ccode\u003edefine\u003c/code\u003e values to allow quoted property names introduced a regression that removed the ability to use \u003ccode\u003e--define:import.meta=...\u003c/code\u003e. Even though \u003ccode\u003eimport\u003c/code\u003e is normally a keyword that can't be used as an identifier, ES modules special-case the \u003ccode\u003eimport.meta\u003c/code\u003e expression to behave like an identifier anyway. This change fixes the regression.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/sapphi-red\"\u003e\u003ccode\u003e@​sapphi-red\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow \u003ccode\u003ees2024\u003c/code\u003e as a target in \u003ccode\u003etsconfig.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4004\"\u003e#4004\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eTypeScript recently \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-5-7/#support-for---target-es2024-and---lib-es2024\"\u003eadded \u003ccode\u003ees2024\u003c/code\u003e\u003c/a\u003e as a compilation target, so esbuild now supports this in the \u003ccode\u003etarget\u003c/code\u003e field of \u003ccode\u003etsconfig.json\u003c/code\u003e files, such as in the following configuration file:\u003c/p\u003e\n\u003cpre lang=\"json\"\u003e\u003ccode\u003e{\n  \u0026quot;compilerOptions\u0026quot;: {\n    \u0026quot;target\u0026quot;: \u0026quot;ES2024\u0026quot;\n  }\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAs a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more in \u003ca href=\"https://esbuild.github.io/content-types/#tsconfig-json\"\u003ethe documentation\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/billyjanitsch\"\u003e\u003ccode\u003e@​billyjanitsch\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow automatic semicolon insertion after \u003ccode\u003eget\u003c/code\u003e/\u003ccode\u003eset\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eThis change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eclass Foo {\n  get\n  *x() {}\n  set\n  *y() {}\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThe above code will be considered valid starting with this release. This change to esbuild follows a \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/pull/60225\"\u003esimilar change to TypeScript\u003c/a\u003e which will allow this syntax starting with TypeScript 5.7.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow quoted property names in \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4008\"\u003e#4008\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe \u003ccode\u003edefine\u003c/code\u003e and \u003ccode\u003epure\u003c/code\u003e API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e consistent with \u003ccode\u003e--global-name\u003c/code\u003e, which already supported quoted property names. For example, the following is now possible:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f9c9012cdb05135873722184b01f078ea7de8d98\"\u003e\u003ccode\u003ef9c9012\u003c/code\u003e\u003c/a\u003e publish 0.27.4 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/207dbc761ea95a81a8b32cc7f9fae46361faaed7\"\u003e\u003ccode\u003e207dbc7\u003c/code\u003e\u003c/a\u003e js api: fall back to js-based metafile json parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1ca56dc65155b0d887904c683cd43f7618ae621e\"\u003e\u003ccode\u003e1ca56dc\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e: auto-minify metafile for large bundles\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e3823aa485d3cd3f6c11718e4c124b54ebc425e5\"\u003e\u003ccode\u003ee3823aa\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e: add uint cast to stdio int parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/d50e88c00aaa424712eddda2f28aae299db4e0de\"\u003e\u003ccode\u003ed50e88c\u003c/code\u003e\u003c/a\u003e chore: correct copy\u0026amp;paste panic message (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4399\"\u003e#4399\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/8b829b1bdfeb2b11aa16a643b5bfee108066cab0\"\u003e\u003ccode\u003e8b829b1\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e: incorrect error for inject edge case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/4384badefe3a07b80b3f3eba832c17d0c806dd4c\"\u003e\u003ccode\u003e4384bad\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e: parens for \u003ccode\u003eor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9129e00e6c36a3e374820cb5e3fc2cd319c8ab85\"\u003e\u003ccode\u003e9129e00\u003c/code\u003e\u003c/a\u003e publish 0.27.3 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e20e4115acda9c9f052fdd1ec8d7d5c5489e837b\"\u003e\u003ccode\u003ee20e411\u003c/code\u003e\u003c/a\u003e small fix to release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0dc0f2dee556460bd7b81d5bbbae5a2f86449ab6\"\u003e\u003ccode\u003e0dc0f2d\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4322\"\u003e#4322\u003c/a\u003e: parse and print CSS \u003ccode\u003e@scope\u003c/code\u003e rules\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.21.5...v0.27.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.14.54 to 0.27.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.27.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix a regression with CSS media queries (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eVersion 0.25.11 of esbuild introduced support for parsing media queries. This unintentionally introduced a regression with printing media queries that use the \u003ccode\u003e\u0026lt;media-type\u0026gt; and \u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e grammar. Specifically, esbuild was failing to wrap an \u003ccode\u003eor\u003c/code\u003e clause with parentheses when inside \u003ccode\u003e\u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e. This release fixes the regression.\u003c/p\u003e\n\u003cp\u003eHere is an example:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\n@media only screen and ((min-width: 10px) or (min-height: 10px)) {\n  a { color: red }\n}\n\u003cp\u003e/* Old output (incorrect) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and (min-width: 10px) or (min-height: 10px) {\na {\ncolor: red;\n}\n}\u003c/p\u003e\n\u003cp\u003e/* New output (correct) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and ((min-width: 10px) or (min-height: 10px)) {\na {\ncolor: red;\n}\n}\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix an edge case with the \u003ccode\u003einject\u003c/code\u003e feature (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes an edge case where esbuild's \u003ccode\u003einject\u003c/code\u003e feature could not be used with arbitrary module namespace names exported using an \u003ccode\u003eexport {} from\u003c/code\u003e statement with bundling disabled and a target environment where arbitrary module namespace names is unsupported.\u003c/p\u003e\n\u003cp\u003eWith the fix, the following \u003ccode\u003einject\u003c/code\u003e file:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport jquery from 'jquery';\nexport { jquery as 'window.jQuery' };\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eCan now always be rewritten as this without esbuild sometimes incorrectly generating an error:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eexport { default as 'window.jQuery' } from 'jquery';\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAttempt to improve API handling of huge metafiles (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains a few changes that attempt to improve the behavior of esbuild's JavaScript API with huge metafiles (esbuild's name for the build metadata, formatted as a JSON object). The JavaScript API is designed to return the metafile JSON as a JavaScript object in memory, which makes it easy to access from within a JavaScript-based plugin. Multiple people have encountered issues where this API breaks down with a pathologically-large metafile.\u003c/p\u003e\n\u003cp\u003eThe primary issue is that V8 has an implementation-specific maximum string length, so using the \u003ccode\u003eJSON.parse\u003c/code\u003e API with large enough strings is impossible. This release will now attempt to use a fallback JavaScript-based JSON parser that operates directly on the UTF8-encoded JSON bytes instead of using \u003ccode\u003eJSON.parse\u003c/code\u003e when the JSON metafile is too big to fit in a JavaScript string. The new fallback path has not yet been heavily-tested. The metafile will also now be generated with whitespace removed if the bundle is significantly large, which will reduce the size of the metafile JSON slightly.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2024\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).\u003c/p\u003e\n\u003ch2\u003e0.24.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix regression with \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003eimport.meta\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4010\"\u003e#4010\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4012\"\u003e#4012\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4013\"\u003e#4013\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous change in version 0.24.1 to use a more expression-like parser for \u003ccode\u003edefine\u003c/code\u003e values to allow quoted property names introduced a regression that removed the ability to use \u003ccode\u003e--define:import.meta=...\u003c/code\u003e. Even though \u003ccode\u003eimport\u003c/code\u003e is normally a keyword that can't be used as an identifier, ES modules special-case the \u003ccode\u003eimport.meta\u003c/code\u003e expression to behave like an identifier anyway. This change fixes the regression.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/sapphi-red\"\u003e\u003ccode\u003e@​sapphi-red\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow \u003ccode\u003ees2024\u003c/code\u003e as a target in \u003ccode\u003etsconfig.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4004\"\u003e#4004\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eTypeScript recently \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-5-7/#support-for---target-es2024-and---lib-es2024\"\u003eadded \u003ccode\u003ees2024\u003c/code\u003e\u003c/a\u003e as a compilation target, so esbuild now supports this in the \u003ccode\u003etarget\u003c/code\u003e field of \u003ccode\u003etsconfig.json\u003c/code\u003e files, such as in the following configuration file:\u003c/p\u003e\n\u003cpre lang=\"json\"\u003e\u003ccode\u003e{\n  \u0026quot;compilerOptions\u0026quot;: {\n    \u0026quot;target\u0026quot;: \u0026quot;ES2024\u0026quot;\n  }\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAs a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more in \u003ca href=\"https://esbuild.github.io/content-types/#tsconfig-json\"\u003ethe documentation\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/billyjanitsch\"\u003e\u003ccode\u003e@​billyjanitsch\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow automatic semicolon insertion after \u003ccode\u003eget\u003c/code\u003e/\u003ccode\u003eset\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eThis change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eclass Foo {\n  get\n  *x() {}\n  set\n  *y() {}\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThe above code will be considered valid starting with this release. This change to esbuild follows a \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/pull/60225\"\u003esimilar change to TypeScript\u003c/a\u003e which will allow this syntax starting with TypeScript 5.7.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow quoted property names in \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4008\"\u003e#4008\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe \u003ccode\u003edefine\u003c/code\u003e and \u003ccode\u003epure\u003c/code\u003e API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e consistent with \u003ccode\u003e--global-name\u003c/code\u003e, which already supported quoted property names. For example, the following is now possible:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f9c9012cdb05135873722184b01f078ea7de8d98\"\u003e\u003ccode\u003ef9c9012\u003c/code\u003e\u003c/a\u003e publish 0.27.4 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/207dbc761ea95a81a8b32cc7f9fae46361faaed7\"\u003e\u003ccode\u003e207dbc7\u003c/code\u003e\u003c/a\u003e js api: fall back to js-based metafile json parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1ca56dc65155b0d887904c683cd43f7618ae621e\"\u003e\u003ccode\u003e1ca56dc\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e: auto-minify metafile for large bundles\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e3823aa485d3cd3f6c11718e4c124b54ebc425e5\"\u003e\u003ccode\u003ee3823aa\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e: add uint cast to stdio int parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/d50e88c00aaa424712eddda2f28aae299db4e0de\"\u003e\u003ccode\u003ed50e88c\u003c/code\u003e\u003c/a\u003e chore: correct copy\u0026amp;paste panic message (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4399\"\u003e#4399\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/8b829b1bdfeb2b11aa16a643b5bfee108066cab0\"\u003e\u003ccode\u003e8b829b1\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e: incorrect error for inject edge case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/4384badefe3a07b80b3f3eba832c17d0c806dd4c\"\u003e\u003ccode\u003e4384bad\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e: parens for \u003ccode\u003eor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9129e00e6c36a3e374820cb5e3fc2cd319c8ab85\"\u003e\u003ccode\u003e9129e00\u003c/code\u003e\u003c/a\u003e publish 0.27.3 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e20e4115acda9c9f052fdd1ec8d7d5c5489e837b\"\u003e\u003ccode\u003ee20e411\u003c/code\u003e\u003c/a\u003e small fix to release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0dc0f2dee556460bd7b81d5bbbae5a2f86449ab6\"\u003e\u003ccode\u003e0dc0f2d\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4322\"\u003e#4322\u003c/a\u003e: parse and print CSS \u003ccode\u003e@scope\u003c/code\u003e rules\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.21.5...v0.27.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 7.2.4 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/7.2.4...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.14.54 to 0.27.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.27.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix a regression with CSS media queries (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eVersion 0.25.11 of esbuild introduced support for parsing media queries. This unintentionally introduced a regression with printing media queries that use the \u003ccode\u003e\u0026lt;media-type\u0026gt; and \u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e grammar. Specifically, esbuild was failing to wrap an \u003ccode\u003eor\u003c/code\u003e clause with parentheses when inside \u003ccode\u003e\u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e. This release fixes the regression.\u003c/p\u003e\n\u003cp\u003eHere is an example:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\n@media only screen and ((min-width: 10px) or (min-height: 10px)) {\n  a { color: red }\n}\n\u003cp\u003e/* Old output (incorrect) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and (min-width: 10px) or (min-height: 10px) {\na {\ncolor: red;\n}\n}\u003c/p\u003e\n\u003cp\u003e/* New output (correct) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and ((min-width: 10px) or (min-height: 10px)) {\na {\ncolor: red;\n}\n}\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix an edge case with the \u003ccode\u003einject\u003c/code\u003e feature (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes an edge case where esbuild's \u003ccode\u003einject\u003c/code\u003e feature could not be used with arbitrary module namespace names exported using an \u003ccode\u003eexport {} from\u003c/code\u003e statement with bundling disabled and a target environment where arbitrary module namespace names is unsupported.\u003c/p\u003e\n\u003cp\u003eWith the fix, the following \u003ccode\u003einject\u003c/code\u003e file:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport jquery from 'jquery';\nexport { jquery as 'window.jQuery' };\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eCan now always be rewritten as this without esbuild sometimes incorrectly generating an error:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eexport { default as 'window.jQuery' } from 'jquery';\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAttempt to improve API handling of huge metafiles (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains a few changes that attempt to improve the behavior of esbuild's JavaScript API with huge metafiles (esbuild's name for the build metadata, formatted as a JSON object). The JavaScript API is designed to return the metafile JSON as a JavaScript object in memory, which makes it easy to access from within a JavaScript-based plugin. Multiple people have encountered issues where this API breaks down with a pathologically-large metafile.\u003c/p\u003e\n\u003cp\u003eThe primary issue is that V8 has an implementation-specific maximum string length, so using the \u003ccode\u003eJSON.parse\u003c/code\u003e API with large enough strings is impossible. This release will now attempt to use a fallback JavaScript-based JSON parser that operates directly on the UTF8-encoded JSON bytes instead of using \u003ccode\u003eJSON.parse\u003c/code\u003e when the JSON metafile is too big to fit in a JavaScript string. The new fallback path has not yet been heavily-tested. The metafile will also now be generated with whitespace removed if the bundle is significantly large, which will reduce the size of the metafile JSON slightly.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2024\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).\u003c/p\u003e\n\u003ch2\u003e0.24.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix regression with \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003eimport.meta\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4010\"\u003e#4010\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4012\"\u003e#4012\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4013\"\u003e#4013\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous change in version 0.24.1 to use a more expression-like parser for \u003ccode\u003edefine\u003c/code\u003e values to allow quoted property names introduced a regression that removed the ability to use \u003ccode\u003e--define:import.meta=...\u003c/code\u003e. Even though \u003ccode\u003eimport\u003c/code\u003e is normally a keyword that can't be used as an identifier, ES modules special-case the \u003ccode\u003eimport.meta\u003c/code\u003e expression to behave like an identifier anyway. This change fixes the regression.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/sapphi-red\"\u003e\u003ccode\u003e@​sapphi-red\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow \u003ccode\u003ees2024\u003c/code\u003e as a target in \u003ccode\u003etsconfig.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4004\"\u003e#4004\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eTypeScript recently \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-5-7/#support-for---target-es2024-and---lib-es2024\"\u003eadded \u003ccode\u003ees2024\u003c/code\u003e\u003c/a\u003e as a compilation target, so esbuild now supports this in the \u003ccode\u003etarget\u003c/code\u003e field of \u003ccode\u003etsconfig.json\u003c/code\u003e files, such as in the following configuration file:\u003c/p\u003e\n\u003cpre lang=\"json\"\u003e\u003ccode\u003e{\n  \u0026quot;compilerOptions\u0026quot;: {\n    \u0026quot;target\u0026quot;: \u0026quot;ES2024\u0026quot;\n  }\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAs a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more in \u003ca href=\"https://esbuild.github.io/content-types/#tsconfig-json\"\u003ethe documentation\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/billyjanitsch\"\u003e\u003ccode\u003e@​billyjanitsch\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow automatic semicolon insertion after \u003ccode\u003eget\u003c/code\u003e/\u003ccode\u003eset\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eThis change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eclass Foo {\n  get\n  *x() {}\n  set\n  *y() {}\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThe above code will be considered valid starting with this release. This change to esbuild follows a \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/pull/60225\"\u003esimilar change to TypeScript\u003c/a\u003e which will allow this syntax starting with TypeScript 5.7.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow quoted property names in \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4008\"\u003e#4008\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe \u003ccode\u003edefine\u003c/code\u003e and \u003ccode\u003epure\u003c/code\u003e API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e consistent with \u003ccode\u003e--global-name\u003c/code\u003e, which already supported quoted property names. For example, the following is now possible:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f9c9012cdb05135873722184b01f078ea7de8d98\"\u003e\u003ccode\u003ef9c9012\u003c/code\u003e\u003c/a\u003e publish 0.27.4 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/207dbc761ea95a81a8b32cc7f9fae46361faaed7\"\u003e\u003ccode\u003e207dbc7\u003c/code\u003e\u003c/a\u003e js api: fall back to js-based metafile json parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1ca56dc65155b0d887904c683cd43f7618ae621e\"\u003e\u003ccode\u003e1ca56dc\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e: auto-minify metafile for large bundles\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e3823aa485d3cd3f6c11718e4c124b54ebc425e5\"\u003e\u003ccode\u003ee3823aa\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e: add uint cast to stdio int parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/d50e88c00aaa424712eddda2f28aae299db4e0de\"\u003e\u003ccode\u003ed50e88c\u003c/code\u003e\u003c/a\u003e chore: correct copy\u0026amp;paste panic message (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4399\"\u003e#4399\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/8b829b1bdfeb2b11aa16a643b5bfee108066cab0\"\u003e\u003ccode\u003e8b829b1\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e: incorrect error for inject edge case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/4384badefe3a07b80b3f3eba832c17d0c806dd4c\"\u003e\u003ccode\u003e4384bad\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e: parens for \u003ccode\u003eor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9129e00e6c36a3e374820cb5e3fc2cd319c8ab85\"\u003e\u003ccode\u003e9129e00\u003c/code\u003e\u003c/a\u003e publish 0.27.3 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e20e4115acda9c9f052fdd1ec8d7d5c5489e837b\"\u003e\u003ccode\u003ee20e411\u003c/code\u003e\u003c/a\u003e small fix to release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0dc0f2dee556460bd7b81d5bbbae5a2f86449ab6\"\u003e\u003ccode\u003e0dc0f2d\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4322\"\u003e#4322\u003c/a\u003e: parse and print CSS \u003ccode\u003e@scope\u003c/code\u003e rules\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.21.5...v0.27.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.13.0 to 8.17.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.17.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a DoS vulnerability (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2231\"\u003e#2231\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA request with a number of headers exceeding the[\u003ccode\u003eserver.maxHeadersCount\u003c/code\u003e][]\nthreshold could be used to crash a ws server.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003econst http = require('http');\r\nconst WebSocket = require('ws');\r\n\u003cp\u003econst wss = new WebSocket.Server({ port: 0 }, function () {\nconst chars = \u0026quot;!#$%\u0026amp;'*+-.0123456789abcdefghijklmnopqrstuvwxyz^_`|~\u0026quot;.split('');\nconst headers = {};\nlet count = 0;\u003c/p\u003e\n\u003cp\u003efor (let i = 0; i \u0026lt; chars.length; i++) {\nif (count === 2000) break;\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003efor (let j = 0; j \u0026amp;lt; chars.length; j++) {\r\n  const key = chars[i] + chars[j];\r\n  headers[key] = 'x';\r\n\r\n  if (++count === 2000) break;\r\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\u003c/p\u003e\n\u003cp\u003eheaders.Connection = 'Upgrade';\nheaders.Upgrade = 'websocket';\nheaders['Sec-WebSocket-Key'] = 'dGhlIHNhbXBsZSBub25jZQ==';\nheaders['Sec-WebSocket-Version'] = '13';\u003c/p\u003e\n\u003cp\u003econst request = http.request({\nheaders: headers,\nhost: '127.0.0.1',\nport: wss.address().port\n});\u003c/p\u003e\n\u003cp\u003erequest.end();\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe vulnerability was reported by \u003ca href=\"https://github.com/rrlapointe\"\u003eRyan LaPointe\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/websockets/ws/issues/2230\"\u003ewebsockets/ws#2230\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIn vulnerable versions of ws, the issue can be mitigated in the following ways:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eReduce the maximum allowed length of the request headers using the\n[\u003ccode\u003e--max-http-header-size=size\u003c/code\u003e][] and/or the [\u003ccode\u003emaxHeaderSize\u003c/code\u003e][] options so\nthat no more headers than the \u003ccode\u003eserver.maxHeadersCount\u003c/code\u003e limit can be sent.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3c56601092872f7d7566989f0e379271afd0e4a1\"\u003e\u003ccode\u003e3c56601\u003c/code\u003e\u003c/a\u003e [dist] 8.17.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/e55e5106f10fcbaac37cfa89759e4cc0d073a52c\"\u003e\u003ccode\u003ee55e510\u003c/code\u003e\u003c/a\u003e [security] Fix crash when the Upgrade header cannot be read (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2231\"\u003e#2231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/6a00029edd924499f892aed8003cef1fa724cfe5\"\u003e\u003ccode\u003e6a00029\u003c/code\u003e\u003c/a\u003e [test] Increase code coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ddfe4a804d79e7788ab136290e609f91cf68423f\"\u003e\u003ccode\u003eddfe4a8\u003c/code\u003e\u003c/a\u003e [perf] Reduce the amount of \u003ccode\u003ecrypto.randomFillSync()\u003c/code\u003e calls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/b73b11828d166e9692a9bffe9c01a7e93bab04a8\"\u003e\u003ccode\u003eb73b118\u003c/code\u003e\u003c/a\u003e [dist] 8.17.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/29694a5905fa703e86667928e6bacac397469471\"\u003e\u003ccode\u003e29694a5\u003c/code\u003e\u003c/a\u003e [test] Use the \u003ccode\u003ehighWaterMark\u003c/code\u003e variable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/934c9d6b938b93c045cb13e5f7c19c27a8dd925a\"\u003e\u003ccode\u003e934c9d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/1817bac06e1204bfb578b8b3f4bafd0fa09623d0\"\u003e\u003ccode\u003e1817bac\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/96c9b3deddf56cacb2d756aaa918071e03cdbc42\"\u003e\u003ccode\u003e96c9b3d\u003c/code\u003e\u003c/a\u003e [major] Flip the default value of \u003ccode\u003eallowSynchronousEvents\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2221\"\u003e#2221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/e5f32c7e1e6d3d19cd4a1fdec84890e154db30c1\"\u003e\u003ccode\u003ee5f32c7\u003c/code\u003e\u003c/a\u003e [fix] Emit at most one event per event loop iteration (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2218\"\u003e#2218\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.13.0...8.17.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.19.12 to 0.27.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.27.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix a regression with CSS media queries (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eVersion 0.25.11 of esbuild introduced support for parsing media queries. This unintentionally introduced a regression with printing media queries that use the \u003ccode\u003e\u0026lt;media-type\u0026gt; and \u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e grammar. Specifically, esbuild was failing to wrap an \u003ccode\u003eor\u003c/code\u003e clause with parentheses when inside \u003ccode\u003e\u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e. This release fixes the regression.\u003c/p\u003e\n\u003cp\u003eHere is an example:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\n@media only screen and ((min-width: 10px) or (min-height: 10px)) {\n  a { color: red }\n}\n\u003cp\u003e/* Old output (incorrect) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and (min-width: 10px) or (min-height: 10px) {\na {\ncolor: red;\n}\n}\u003c/p\u003e\n\u003cp\u003e/* New output (correct) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and ((min-width: 10px) or (min-height: 10px)) {\na {\ncolor: red;\n}\n}\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix an edge case with the \u003ccode\u003einject\u003c/code\u003e feature (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes an edge case where esbuild's \u003ccode\u003einject\u003c/code\u003e feature could not be used with arbitrary module namespace names exported using an \u003ccode\u003eexport {} from\u003c/code\u003e statement with bundling disabled and a target environment where arbitrary module namespace names is unsupported.\u003c/p\u003e\n\u003cp\u003eWith the fix, the following \u003ccode\u003einject\u003c/code\u003e file:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport jquery from 'jquery';\nexport { jquery as 'window.jQuery' };\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eCan now always be rewritten as this without esbuild sometimes incorrectly generating an error:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eexport { default as 'window.jQuery' } from 'jquery';\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAttempt to improve API handling of huge metafiles (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains a few changes that attempt to improve the behavior of esbuild's JavaScript API with huge metafiles (esbuild's name for the build metadata, formatted as a JSON object). The JavaScript API is designed to return the metafile JSON as a JavaScript object in memory, which makes it easy to access from within a JavaScript-based plugin. Multiple people have encountered issues where this API breaks down with a pathologically-large metafile.\u003c/p\u003e\n\u003cp\u003eThe primary issue is that V8 has an implementation-specific maximum string length, so using the \u003ccode\u003eJSON.parse\u003c/code\u003e API with large enough strings is impossible. This release will now attempt to use a fallback JavaScript-based JSON parser that operates directly on the UTF8-encoded JSON bytes instead of using \u003ccode\u003eJSON.parse\u003c/code\u003e when the JSON metafile is too big to fit in a JavaScript string. The new fallback path has not yet been heavily-tested. The metafile will also now be generated with whitespace removed if the bundle is significantly large, which will reduce the size of the metafile JSON slightly.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2024\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).\u003c/p\u003e\n\u003ch2\u003e0.24.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix regression with \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003eimport.meta\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4010\"\u003e#4010\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4012\"\u003e#4012\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4013\"\u003e#4013\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous change in version 0.24.1 to use a more expression-like parser for \u003ccode\u003edefine\u003c/code\u003e values to allow quoted property names introduced a regression that removed the ability to use \u003ccode\u003e--define:import.meta=...\u003c/code\u003e. Even though \u003ccode\u003eimport\u003c/code\u003e is normally a keyword that can't be used as an identifier, ES modules special-case the \u003ccode\u003eimport.meta\u003c/code\u003e expression to behave like an identifier anyway. This change fixes the regression.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/sapphi-red\"\u003e\u003ccode\u003e@​sapphi-red\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow \u003ccode\u003ees2024\u003c/code\u003e as a target in \u003ccode\u003etsconfig.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4004\"\u003e#4004\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eTypeScript recently \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-5-7/#support-for---target-es2024-and---lib-es2024\"\u003eadded \u003ccode\u003ees2024\u003c/code\u003e\u003c/a\u003e as a compilation target, so esbuild now supports this in the \u003ccode\u003etarget\u003c/code\u003e field of \u003ccode\u003etsconfig.json\u003c/code\u003e files, such as in the following configuration file:\u003c/p\u003e\n\u003cpre lang=\"json\"\u003e\u003ccode\u003e{\n  \u0026quot;compilerOptions\u0026quot;: {\n    \u0026quot;target\u0026quot;: \u0026quot;ES2024\u0026quot;\n  }\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAs a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more in \u003ca href=\"https://esbuild.github.io/content-types/#tsconfig-json\"\u003ethe documentation\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/billyjanitsch\"\u003e\u003ccode\u003e@​billyjanitsch\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow automatic semicolon insertion after \u003ccode\u003eget\u003c/code\u003e/\u003ccode\u003eset\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eThis change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eclass Foo {\n  get\n  *x() {}\n  set\n  *y() {}\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThe above code will be considered valid starting with this release. This change to esbuild follows a \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/pull/60225\"\u003esimilar change to TypeScript\u003c/a\u003e which will allow this syntax starting with TypeScript 5.7.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow quoted property names in \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4008\"\u003e#4008\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe \u003ccode\u003edefine\u003c/code\u003e and \u003ccode\u003epure\u003c/code\u003e API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e consistent with \u003ccode\u003e--global-name\u003c/code\u003e, which already supported quoted property names. For example, the following is now possible:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f9c9012cdb05135873722184b01f078ea7de8d98\"\u003e\u003ccode\u003ef9c9012\u003c/code\u003e\u003c/a\u003e publish 0.27.4 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/207dbc761ea95a81a8b32cc7f9fae46361faaed7\"\u003e\u003ccode\u003e207dbc7\u003c/code\u003e\u003c/a\u003e js api: fall back to js-based metafile json parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1ca56dc65155b0d887904c683cd43f7618ae621e\"\u003e\u003ccode\u003e1ca56dc\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e: auto-minify metafile for large bundles\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e3823aa485d3cd3f6c11718e4c124b54ebc425e5\"\u003e\u003ccode\u003ee3823aa\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e: add uint cast to stdio int parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/d50e88c00aaa424712eddda2f28aae299db4e0de\"\u003e\u003ccode\u003ed50e88c\u003c/code\u003e\u003c/a\u003e chore: correct copy\u0026amp;paste panic message (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4399\"\u003e#4399\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/8b829b1bdfeb2b11aa16a643b5bfee108066cab0\"\u003e\u003ccode\u003e8b829b1\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e: incorrect error for inject edge case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/4384badefe3a07b80b3f3eba832c17d0c806dd4c\"\u003e\u003ccode\u003e4384bad\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e: parens for \u003ccode\u003eor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9129e00e6c36a3e374820cb5e3fc2cd319c8ab85\"\u003e\u003ccode\u003e9129e00\u003c/code\u003e\u003c/a\u003e publish 0.27.3 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e20e4115acda9c9f052fdd1ec8d7d5c5489e837b\"\u003e\u003ccode\u003ee20e411\u003c/code\u003e\u003c/a\u003e small fix to release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0dc0f2dee556460bd7b81d5bbbae5a2f86449ab6\"\u003e\u003ccode\u003e0dc0f2d\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4322\"\u003e#4322\u003c/a\u003e: parse and print CSS \u003ccode\u003e@scope\u003c/code\u003e rules\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.21.5...v0.27.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `esbuild` from 0.17.19 to 0.27.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/releases\"\u003eesbuild's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.27.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix a regression with CSS media queries (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eVersion 0.25.11 of esbuild introduced support for parsing media queries. This unintentionally introduced a regression with printing media queries that use the \u003ccode\u003e\u0026lt;media-type\u0026gt; and \u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e grammar. Specifically, esbuild was failing to wrap an \u003ccode\u003eor\u003c/code\u003e clause with parentheses when inside \u003ccode\u003e\u0026lt;media-condition-without-or\u0026gt;\u003c/code\u003e. This release fixes the regression.\u003c/p\u003e\n\u003cp\u003eHere is an example:\u003c/p\u003e\n\u003cpre lang=\"css\"\u003e\u003ccode\u003e/* Original code */\n@media only screen and ((min-width: 10px) or (min-height: 10px)) {\n  a { color: red }\n}\n\u003cp\u003e/* Old output (incorrect) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and (min-width: 10px) or (min-height: 10px) {\na {\ncolor: red;\n}\n}\u003c/p\u003e\n\u003cp\u003e/* New output (correct) */\n\u003ca href=\"https://github.com/media\"\u003e\u003ccode\u003e@​media\u003c/code\u003e\u003c/a\u003e only screen and ((min-width: 10px) or (min-height: 10px)) {\na {\ncolor: red;\n}\n}\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix an edge case with the \u003ccode\u003einject\u003c/code\u003e feature (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release fixes an edge case where esbuild's \u003ccode\u003einject\u003c/code\u003e feature could not be used with arbitrary module namespace names exported using an \u003ccode\u003eexport {} from\u003c/code\u003e statement with bundling disabled and a target environment where arbitrary module namespace names is unsupported.\u003c/p\u003e\n\u003cp\u003eWith the fix, the following \u003ccode\u003einject\u003c/code\u003e file:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport jquery from 'jquery';\nexport { jquery as 'window.jQuery' };\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eCan now always be rewritten as this without esbuild sometimes incorrectly generating an error:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eexport { default as 'window.jQuery' } from 'jquery';\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAttempt to improve API handling of huge metafiles (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThis release contains a few changes that attempt to improve the behavior of esbuild's JavaScript API with huge metafiles (esbuild's name for the build metadata, formatted as a JSON object). The JavaScript API is designed to return the metafile JSON as a JavaScript object in memory, which makes it easy to access from within a JavaScript-based plugin. Multiple people have encountered issues where this API breaks down with a pathologically-large metafile.\u003c/p\u003e\n\u003cp\u003eThe primary issue is that V8 has an implementation-specific maximum string length, so using the \u003ccode\u003eJSON.parse\u003c/code\u003e API with large enough strings is impossible. This release will now attempt to use a fallback JavaScript-based JSON parser that operates directly on the UTF8-encoded JSON bytes instead of using \u003ccode\u003eJSON.parse\u003c/code\u003e when the JSON metafile is too big to fit in a JavaScript string. The new fallback path has not yet been heavily-tested. The metafile will also now be generated with whitespace removed if the bundle is significantly large, which will reduce the size of the metafile JSON slightly.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md\"\u003eesbuild's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog: 2024\u003c/h1\u003e\n\u003cp\u003eThis changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).\u003c/p\u003e\n\u003ch2\u003e0.24.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFix regression with \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003eimport.meta\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4010\"\u003e#4010\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4012\"\u003e#4012\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/evanw/esbuild/pull/4013\"\u003e#4013\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe previous change in version 0.24.1 to use a more expression-like parser for \u003ccode\u003edefine\u003c/code\u003e values to allow quoted property names introduced a regression that removed the ability to use \u003ccode\u003e--define:import.meta=...\u003c/code\u003e. Even though \u003ccode\u003eimport\u003c/code\u003e is normally a keyword that can't be used as an identifier, ES modules special-case the \u003ccode\u003eimport.meta\u003c/code\u003e expression to behave like an identifier anyway. This change fixes the regression.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/sapphi-red\"\u003e\u003ccode\u003e@​sapphi-red\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.24.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAllow \u003ccode\u003ees2024\u003c/code\u003e as a target in \u003ccode\u003etsconfig.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4004\"\u003e#4004\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eTypeScript recently \u003ca href=\"https://devblogs.microsoft.com/typescript/announcing-typescript-5-7/#support-for---target-es2024-and---lib-es2024\"\u003eadded \u003ccode\u003ees2024\u003c/code\u003e\u003c/a\u003e as a compilation target, so esbuild now supports this in the \u003ccode\u003etarget\u003c/code\u003e field of \u003ccode\u003etsconfig.json\u003c/code\u003e files, such as in the following configuration file:\u003c/p\u003e\n\u003cpre lang=\"json\"\u003e\u003ccode\u003e{\n  \u0026quot;compilerOptions\u0026quot;: {\n    \u0026quot;target\u0026quot;: \u0026quot;ES2024\u0026quot;\n  }\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAs a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more in \u003ca href=\"https://esbuild.github.io/content-types/#tsconfig-json\"\u003ethe documentation\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis fix was contributed by \u003ca href=\"https://github.com/billyjanitsch\"\u003e\u003ccode\u003e@​billyjanitsch\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow automatic semicolon insertion after \u003ccode\u003eget\u003c/code\u003e/\u003ccode\u003eset\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eThis change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eclass Foo {\n  get\n  *x() {}\n  set\n  *y() {}\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThe above code will be considered valid starting with this release. This change to esbuild follows a \u003ca href=\"https://redirect.github.com/microsoft/TypeScript/pull/60225\"\u003esimilar change to TypeScript\u003c/a\u003e which will allow this syntax starting with TypeScript 5.7.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAllow quoted property names in \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4008\"\u003e#4008\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eThe \u003ccode\u003edefine\u003c/code\u003e and \u003ccode\u003epure\u003c/code\u003e API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes \u003ccode\u003e--define\u003c/code\u003e and \u003ccode\u003e--pure\u003c/code\u003e consistent with \u003ccode\u003e--global-name\u003c/code\u003e, which already supported quoted property names. For example, the following is now possible:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/f9c9012cdb05135873722184b01f078ea7de8d98\"\u003e\u003ccode\u003ef9c9012\u003c/code\u003e\u003c/a\u003e publish 0.27.4 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/207dbc761ea95a81a8b32cc7f9fae46361faaed7\"\u003e\u003ccode\u003e207dbc7\u003c/code\u003e\u003c/a\u003e js api: fall back to js-based metafile json parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/1ca56dc65155b0d887904c683cd43f7618ae621e\"\u003e\u003ccode\u003e1ca56dc\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4329\"\u003e#4329\u003c/a\u003e: auto-minify metafile for large bundles\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e3823aa485d3cd3f6c11718e4c124b54ebc425e5\"\u003e\u003ccode\u003ee3823aa\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4415\"\u003e#4415\u003c/a\u003e: add uint cast to stdio int parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/d50e88c00aaa424712eddda2f28aae299db4e0de\"\u003e\u003ccode\u003ed50e88c\u003c/code\u003e\u003c/a\u003e chore: correct copy\u0026amp;paste panic message (\u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4399\"\u003e#4399\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/8b829b1bdfeb2b11aa16a643b5bfee108066cab0\"\u003e\u003ccode\u003e8b829b1\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4407\"\u003e#4407\u003c/a\u003e: incorrect error for inject edge case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/4384badefe3a07b80b3f3eba832c17d0c806dd4c\"\u003e\u003ccode\u003e4384bad\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4395\"\u003e#4395\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4405\"\u003e#4405\u003c/a\u003e close \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4406\"\u003e#4406\u003c/a\u003e: parens for \u003ccode\u003eor\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/9129e00e6c36a3e374820cb5e3fc2cd319c8ab85\"\u003e\u003ccode\u003e9129e00\u003c/code\u003e\u003c/a\u003e publish 0.27.3 to npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/e20e4115acda9c9f052fdd1ec8d7d5c5489e837b\"\u003e\u003ccode\u003ee20e411\u003c/code\u003e\u003c/a\u003e small fix to release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/evanw/esbuild/commit/0dc0f2dee556460bd7b81d5bbbae5a2f86449ab6\"\u003e\u003ccode\u003e0dc0f2d\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/evanw/esbuild/issues/4322\"\u003e#4322\u003c/a\u003e: parse and print CSS \u003ccode\u003e@scope\u003c/code\u003e rules\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/evanw/esbuild/compare/v0.21.5...v0.27.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for esbuild since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `octokit` from 2.1.0 to 5.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/octokit/octokit.js/releases\"\u003eoctokit's r...\n\n_Description has been truncated_","html_url":"https://github.com/awfixers-stuff/awplus/pull/18","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/awfixers-stuff%2Fawplus/issues/18","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/18/packages"}},{"old_version":"7.2.3","new_version":"7.2.4","update_type":"patch","path":null,"pr_created_at":"2026-03-26T05:57:35.000Z","version_change":"7.2.3 → 7.2.4","issue":{"uuid":"4140903441","node_id":"PR_kwDOP9kpyc7Nl1GT","number":20,"state":"open","title":"Bump the npm_and_yarn group across 2 directories with 24 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-26T05:57:35.000Z","updated_at":"2026-03-26T05:58:21.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":24,"packages":[{"name":"ai","old_version":"5.0.28","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"next","old_version":"15.3.3","new_version":"15.5.14","repository_url":"https://github.com/vercel/next.js"},{"name":"glob","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"validator","old_version":"13.15.15","new_version":"13.15.22","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"@modelcontextprotocol/sdk","old_version":"1.12.1","new_version":"1.28.0","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.2.0","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"bn.js","old_version":"4.12.2","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"qs","old_version":"6.14.0","new_version":"6.15.0","repository_url":"https://github.com/ljharb/qs"},{"name":"rollup","old_version":"4.43.0","new_version":"4.60.0","repository_url":"https://github.com/rollup/rollup"},{"name":"tar-fs","old_version":"3.0.9","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.13","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"7.10.0","new_version":"7.24.6","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"7.2.3","new_version":"7.2.4","repository_url":"https://github.com/google/zx"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 22 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `5.0.28` | `5.0.52` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [next](https://github.com/vercel/next.js) | `15.3.3` | `15.5.14` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `12.0.0` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.15` | `13.15.22` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.28.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.2.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.2` | `4.12.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [rollup](https://github.com/rollup/rollup) | `4.43.0` | `4.60.0` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.9` | `3.1.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.13` |\n| [undici](https://github.com/nodejs/undici) | `7.10.0` | `7.24.6` |\n| [zx](https://github.com/google/zx) | `7.2.3` | `7.2.4` |\n\nBumps the npm_and_yarn group with 4 updates in the /apps/www directory: [ai](https://github.com/vercel/ai), [lodash](https://github.com/lodash/lodash), [next](https://github.com/vercel/next.js) and [glob](https://github.com/isaacs/node-glob).\n\nUpdates `ai` from 5.0.28 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@5.0.28...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.3.3 to 15.5.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(next/image): add lru disk cache and images.maximumDiskCacheSize (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91660\"\u003e#91660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix(pages-router): restore Content-Length and ETag for /_next/data/ JSON responses (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/90304\"\u003e#90304\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/lllomh\"\u003e\u003ccode\u003e@​lllomh\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev15.5.13\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: patch http-proxy to prevent request smuggling in rewrites (See: \u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ggv3-7p47-pfv8\"\u003eCVE-2026-29057\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/ztanner\"\u003e\u003ccode\u003e@​ztanner\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev15.5.12\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003efix unlock in publish-native\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis is a re-release of \u003ca href=\"https://github.com/vercel/next.js/releases/tag/v15.5.11\"\u003ev15.5.11\u003c/a\u003e applying the turbopack changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d7b012d787c01e0435f8cdf2a47211891668d13b\"\u003e\u003ccode\u003ed7b012d\u003c/code\u003e\u003c/a\u003e v15.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/2b0525123245da5b1b9d1abedc636c5fd3ee1d07\"\u003e\u003ccode\u003e2b05251\u003c/code\u003e\u003c/a\u003e [backport] feat(next/image): add lru disk cache and `images.maximumDiskCacheS...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/f88cee9604f0ec8ab869a2f94ced984194277b9e\"\u003e\u003ccode\u003ef88cee9\u003c/code\u003e\u003c/a\u003e Backport: Fix(pages-router): restore Content-Length and ETag for /_next/data/...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/cfd5f533b08df3038476dcd54f1d6d660d85f069\"\u003e\u003ccode\u003ecfd5f53\u003c/code\u003e\u003c/a\u003e v15.5.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/15f28911fd272041707dbf6b7c07d62642593be8\"\u003e\u003ccode\u003e15f2891\u003c/code\u003e\u003c/a\u003e [backport]: fix: patch http-proxy to prevent request smuggling in rewrites (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d23f41c42506005fe6978e076a1ccbf8979e4925\"\u003e\u003ccode\u003ed23f41c\u003c/code\u003e\u003c/a\u003e v15.5.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/8e75765a6544dc0e6b20aefeade7d33190ffcb7c\"\u003e\u003ccode\u003e8e75765\u003c/code\u003e\u003c/a\u003e fix unlock in publish-native\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/6cef992286e3050aeca46e0d506dc5bad4368fd2\"\u003e\u003ccode\u003e6cef992\u003c/code\u003e\u003c/a\u003e [backport] normalize CRLF line endings in jscodeshift tests on Windows (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/8800\"\u003e#8800\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7a9464553ac72f5b3f3acf17174a61b7b8a210a5\"\u003e\u003ccode\u003e7a94645\u003c/code\u003e\u003c/a\u003e Apply needs for publishRelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/bbfd4e313d4bc9024ec340d9de419a0e4357f898\"\u003e\u003ccode\u003ebbfd4e3\u003c/code\u003e\u003c/a\u003e v15.5.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.3.3...v15.5.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 12.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `validator` from 13.15.15 to 13.15.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/releases\"\u003evalidator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.15.22\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003evalidatorjs/validator.js#2622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003evalidatorjs/validator.js#2616\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e13.15.20\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003evalidatorjs/validator.js#2563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003evalidatorjs/validator.js#2556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003evalidatorjs/validator.js#2576\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003evalidatorjs/validator.js#2574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003evalidatorjs/validator.js#2584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003evalidatorjs/validator.js#2581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003evalidatorjs/validator.js#2608\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md\"\u003evalidator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.15.22\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e13.15.20\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2b5c17dbe03f2ca9ad9122c597f81e86ce1a9a1\"\u003e\u003ccode\u003ef2b5c17\u003c/code\u003e\u003c/a\u003e maintenance: 2511 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2627\"\u003e#2627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382\"\u003e\u003ccode\u003ed457eca\u003c/code\u003e\u003c/a\u003e fix(isLength): correctly handle Unicode variation selectors (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2616\"\u003e#2616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2e3633f22fd3016656789d100bc451d857e7488\"\u003e\u003ccode\u003ef2e3633\u003c/code\u003e\u003c/a\u003e docs: add install instructions to contibution guide (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2621\"\u003e#2621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cf401458b8733d981a3724d634c795a9d612b516\"\u003e\u003ccode\u003ecf40145\u003c/code\u003e\u003c/a\u003e fix: URL validation for hostnames with ports (no protocol) (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2622\"\u003e#2622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/4af61243ba0ae93f29e7689040e188b5849ff1b0\"\u003e\u003ccode\u003e4af6124\u003c/code\u003e\u003c/a\u003e maintenance: 2510 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2585\"\u003e#2585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/30d4fe02c16d36ed471f12da658c4b5d843781e0\"\u003e\u003ccode\u003e30d4fe0\u003c/code\u003e\u003c/a\u003e 13.15.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cbef5088f02d36caf978f378bb845fe49bdc0809\"\u003e\u003ccode\u003ecbef508\u003c/code\u003e\u003c/a\u003e fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2608\"\u003e#2608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/6f436be36945e460ee624bf72a935a06daded859\"\u003e\u003ccode\u003e6f436be\u003c/code\u003e\u003c/a\u003e Fix typo in validators.test.js (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2581\"\u003e#2581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/3c857088d58197453957a2b924dfedea328003b6\"\u003e\u003ccode\u003e3c85708\u003c/code\u003e\u003c/a\u003e Fix: correct French VAT (FR) validation regex and add tests (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2584\"\u003e#2584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/eee525cd117d24ac905b9432f3f5a27e96aa9719\"\u003e\u003ccode\u003eeee525c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2491\"\u003e#2491\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2573\"\u003e#2573\u003c/a\u003e Simplify isBase64 to prevent stack overflow (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2574\"\u003e#2574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for validator since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.12.1 to 1.28.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e\u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.28.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: use scopes_supported from resource metadata by default (fixes \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/580\"\u003e#580\u003c/a\u003e) by \u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x backport] Default to client_secret_basic when server omits token_endpoint_auth_methods_supported by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1611\"\u003emodelcontextprotocol/typescript-sdk#1611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: reject plain JSON Schema objects passed as inputSchema by \u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: clear _timeoutInfo in _onclose() and scope .finally() abort controller cleanup by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1462\"\u003emodelcontextprotocol/typescript-sdk#1462\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server/auth): RFC 8252 loopback port relaxation by \u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.28.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1746\"\u003emodelcontextprotocol/typescript-sdk#1746\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/antogyn\"\u003e\u003ccode\u003e@​antogyn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/757\"\u003emodelcontextprotocol/typescript-sdk#757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tiluckdave\"\u003e\u003ccode\u003e@​tiluckdave\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1596\"\u003emodelcontextprotocol/typescript-sdk#1596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/poteat\"\u003e\u003ccode\u003e@​poteat\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1738\"\u003emodelcontextprotocol/typescript-sdk#1738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.1...v1.28.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add conformance test infrastructure for v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1518\"\u003emodelcontextprotocol/typescript-sdk#1518\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: backport discoverOAuthServerInfo() and discovery caching to v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1533\"\u003emodelcontextprotocol/typescript-sdk#1533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add url property to RequestInfo interface by \u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] feat(tasks): add streaming methods for elicitation and sampling by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1528\"\u003emodelcontextprotocol/typescript-sdk#1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version for v1.27.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1541\"\u003emodelcontextprotocol/typescript-sdk#1541\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/a0565695218544fc53e99bf5b544a887d373cefa\"\u003e\u003ccode\u003ea056569\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.28.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1746\"\u003e#1746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/897bc25bfe7beb782dbe31e466c8d161224cfed7\"\u003e\u003ccode\u003e897bc25\u003c/code\u003e\u003c/a\u003e fix(server/auth): RFC 8252 loopback port relaxation (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1738\"\u003e#1738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/398dc70f64a8bf42cc1da2ce2d2479bbde933fc3\"\u003e\u003ccode\u003e398dc70\u003c/code\u003e\u003c/a\u003e fix: clear _timeoutInfo in _onclose() and scope .finally() abort controller c...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/93640d33ab2725c8fe2cfad240f38f27a624194e\"\u003e\u003ccode\u003e93640d3\u003c/code\u003e\u003c/a\u003e fix: reject plain JSON Schema objects passed as inputSchema (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1596\"\u003e#1596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4cbcec0edb96332d87ed42c1910dca92cca507de\"\u003e\u003ccode\u003e4cbcec0\u003c/code\u003e\u003c/a\u003e [v1.x backport] Default to client_secret_basic when server omits token_endpoi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/c9b58d19861b3917f23f5cda395c71f8239b8b33\"\u003e\u003ccode\u003ec9b58d1\u003c/code\u003e\u003c/a\u003e feat: use scopes_supported from resource metadata by default (fixes \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/580\"\u003e#580\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/757\"\u003e#757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/351e1246fc88c6bb97e909be9190a68c6e05bf1a\"\u003e\u003ccode\u003e351e124\u003c/code\u003e\u003c/a\u003e docs: add links to hosted V1 and V2 API reference docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4faa8c899c069a98f8a0c3f804ec1a50dc2bae64\"\u003e\u003ccode\u003e4faa8c8\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.27.1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1581\"\u003e#1581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/09a85a80439f0ca9e5556ac20bdec41461e35234\"\u003e\u003ccode\u003e09a85a8\u003c/code\u003e\u003c/a\u003e fix: call onerror for silently swallowed transport errors (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1580\"\u003e#1580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e79d14ab6d8fbcb49543cab3917a60a89d0a6df9\"\u003e\u003ccode\u003ee79d14a\u003c/code\u003e\u003c/a\u003e fix: prevent command injection in example URL opening (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1579\"\u003e#1579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.12.1...v1.28.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/65c90d949c0f8a9709759dff9e76bbe07061812b\"\u003e\u003ccode\u003e65c90d9\u003c/code\u003e\u003c/a\u003e Fix permissions for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/593cb7831bec60d5590acc3eeb2e553f4a431167\"\u003e\u003ccode\u003e593cb78\u003c/code\u003e\u003c/a\u003e Set permissions for workflow jobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/36adf110beabc9acdcad122149a2ea795a2b1a6c\"\u003e\u003ccode\u003e36adf11\u003c/code\u003e\u003c/a\u003e Remove deprecated CodeQL check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9da4af0e1f82fe372bedc1b7820f55c6eaf012e5\"\u003e\u003ccode\u003e9da4af0\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/699303975bea182b966f9f34a1ecbbebe92afcef\"\u003e\u003ccode\u003e6993039\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0b8f7560e11af817d70ff17f986b334ba2e99b81\"\u003e\u003ccode\u003e0b8f756\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/67a53f21623e4047d28d7a6f98f539f1adc9d1d0\"\u003e\u003ccode\u003e67a53f2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.2 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `immutable` from 5.1.2 to 4.3.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md\"\u003eimmutable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e,\nand this project adheres to \u003ca href=\"https://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\nDates are formatted as YYYY-MM-DD.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch2\u003e5.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.3\u003c/h2\u003e\n\u003ch3\u003eTypeScript\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow readonly map entry constructor by \u003ca href=\"https://github.com/septs\"\u003e\u003ccode\u003e@​septs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2123\"\u003eimmutable-js/immutable-js#2123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cp\u003eThere has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown.\nThe playground has been included on nearly all method examples.\nWe added a page about browser extensions too: \u003ca href=\"https://immutable-js.com/browser-extension/\"\u003ehttps://immutable-js.com/browser-extension/\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/485cbe0edf3ca7bb4b9c4a80ac55ba937a291da0\"\u003e\u003ccode\u003e485cbe0\u003c/code\u003e\u003c/a\u003e 4.3.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/6ed4eb626906df788b08019061b292b90bc718cb\"\u003e\u003ccode\u003e6ed4eb6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/94bcd3c79972db4afffd8d1e5aab415880098b05\"\u003e\u003ccode\u003e94bcd3c\u003c/code\u003e\u003c/a\u003e fix new proto key injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/faeb58b0cc71ed351dc51f672a95ae21bc859ef5\"\u003e\u003ccode\u003efaeb58b\u003c/code\u003e\u003c/a\u003e fix Prototype Pollution in mergeDeep, toJS, etc.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/37ca4170060827e5f4eaa1969d1b61e5dc5eb11d\"\u003e\u003ccode\u003e37ca417\u003c/code\u003e\u003c/a\u003e release 4.3.7 (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/2007\"\u003e#2007\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/23daf26b51ecc2805dcd9ac8534ce523397f9b62\"\u003e\u003ccode\u003e23daf26\u003c/code\u003e\u003c/a\u003e Fix issue with slice negative of filtered sequence (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/2006\"\u003e#2006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/493afba6ec17d9c999dc5a15ac80c71c6bdba1c3\"\u003e\u003ccode\u003e493afba\u003c/code\u003e\u003c/a\u003e release 4.3.6 (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/1997\"\u003e#1997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/be3cb9a7ae9a29f82c9d0c595f5f3cb957d7006c\"\u003e\u003ccode\u003ebe3cb9a\u003c/code\u003e\u003c/a\u003e Fix Repeat(\u0026lt;value\u0026gt;).equals(undefined) incorrectly returning true (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/1994\"\u003e#1994\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/d7664bf9d3539da8ea095f2ed08bbe1cd0d46071\"\u003e\u003ccode\u003ed7664bf\u003c/code\u003e\u003c/a\u003e generate sitemap in path that will be deployed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/f8327b1db0bb131df8a830cf14642f6ad07ca466\"\u003e\u003ccode\u003ef8327b1\u003c/code\u003e\u003c/a\u003e upgrade next sitemap (\u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/1978\"\u003e#1978\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v5.1.2...v4.3.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for immutable since your current ve...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR updates 24 npm dependencies across multiple packages in the monorepo, including major updates to Next.js (15.3.3 → 15.5.14), AI SDK (5.0.28 → 5.0.52), and lodash (4.17.21 → 4.17.23), along with security patches for several packages.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Framework Updates**: Next.js updated from 15.3.3 to 15.5.14, bringing bug fixes and security improvements including CVE-2026-29057 patch\n- **AI SDK Enhancement**: Updated from 5.0.28 to 5.0.52 across multiple packages, likely including new features and bug fixes\n- **Security Patches**: Multiple packages received security updates including validator.js (CVE-2025-56200), basic-ftp (CVE-2026-27699), and body-parser (CVE-2025-13466)\n- **Utility Library Updates**: Lodash updated to 4.17.23 across 15 packages, glob updated to 12.0.0 with breaking changes\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 24 Updates]\n    B --\u003e C[Security Patches]\n    B --\u003e D[Feature Updates]\n    B --\u003e E[Bug Fixes]\n    \n    C --\u003e F[validator.js CVE-2025-56200]\n    C --\u003e G[basic-ftp CVE-2026-27699]\n    C --\u003e H[body-parser CVE-2025-13466]\n    \n    D --\u003e I[Next.js 15.5.14]\n    D --\u003e J[AI SDK 5.0.52]\n    D --\u003e K[glob 12.0.0]\n    \n    E --\u003e L[lodash 4.17.23]\n    E --\u003e M[Various Minor Updates]\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs and security vulnerabilities across the dependency tree\n- **Framework Stability**: Next.js updates include important bug fixes for Pages Router and image optimization features\n- **Breaking Changes**: glob 12.0.0 removes unsafe shell options and CLI functionality, requiring attention during deployment\n- **Maintenance**: Keeps dependencies current with latest patches and improvements, reducing technical debt\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/plate/pull/20","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fplate/issues/20","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/20/packages"}},{"old_version":"8.5.4","new_version":"8.8.5","update_type":"minor","path":null,"pr_created_at":"2026-03-26T04:43:04.000Z","version_change":"8.5.4 → 8.8.5","issue":{"uuid":"4140546235","node_id":"PR_kwDOOv1_fM7Nk3bl","number":8,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 10 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-02T10:49:06.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-26T04:43:04.000Z","updated_at":"2026-04-02T10:49:08.000Z","time_to_close":626762,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":10,"packages":[{"name":"webpack","old_version":"5.99.9","new_version":"5.104.1","repository_url":"https://github.com/webpack/webpack"},{"name":"zx","old_version":"8.5.4","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"glob","old_version":"11.0.2","new_version":"11.1.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23"},{"name":"axios","old_version":"1.9.0","new_version":"1.13.6"},{"name":"mermaid","old_version":"11.6.0","new_version":"11.13.0"},{"name":"dompurify","old_version":"3.2.4","new_version":"3.3.3"},{"name":"immutable","old_version":"4.3.7","new_version":"5.1.5"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 2 updates in the / directory: [webpack](https://github.com/webpack/webpack) and [zx](https://github.com/google/zx).\nBumps the npm_and_yarn group with 2 updates in the /packages/rspack-test-tools directory: [webpack](https://github.com/webpack/webpack) and [glob](https://github.com/isaacs/node-glob).\nBumps the npm_and_yarn group with 2 updates in the /scripts directory: [zx](https://github.com/google/zx) and [glob](https://github.com/isaacs/node-glob).\n\nUpdates `webpack` from 5.99.9 to 5.104.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.104.1\u003c/h2\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.104.0\u003c/h2\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.103.0\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eDotenvPlugin\u003c/code\u003e and top level \u003ccode\u003edotenv\u003c/code\u003e option to enable this plugin\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWebpackManifestPlugin\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded support the \u003ccode\u003eignoreList\u003c/code\u003e option in devtool plugins\u003c/li\u003e\n\u003cli\u003eAllow to use custom javascript parse function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/24e3c2d2c9f8c6d60810302b2ea70ed86e2863dc\"\u003e\u003ccode\u003e24e3c2d\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20253\"\u003e#20253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2efd21b0b06baa9b1a7f009b336379dcef24c1a5\"\u003e\u003ccode\u003e2efd21b\u003c/code\u003e\u003c/a\u003e fix(re-exports): reexports runtime calculation should not accessing `__WEBPAC...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/c5100702335a9cdcb75558ccd80def2329bd4abf\"\u003e\u003ccode\u003ec510070\u003c/code\u003e\u003c/a\u003e fix(security): userinfo bypass vulnerability in HttpUriPlugin allowedUris\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/4b0501c69700963bad1285b56f9cfa74704cb963\"\u003e\u003ccode\u003e4b0501c\u003c/code\u003e\u003c/a\u003e ci: fix release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20252\"\u003e#20252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c213cecf2906bc41102c3a4cfdd1ad3522d0171\"\u003e\u003ccode\u003e0c213ce\u003c/code\u003e\u003c/a\u003e ci: use \u003ccode\u003e\\\u0026lt;@\u0026amp;1450591255485743204\u0026gt;\u003c/code\u003e over \u003ccode\u003e@here\u003c/code\u003e for discord notificationw\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/5bf8bc51bcfb49d25b73aae450b246cd8b8b423a\"\u003e\u003ccode\u003e5bf8bc5\u003c/code\u003e\u003c/a\u003e refactor: types for benchmarks and tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/505a5e744fbcf4471ddb534bf1d4aebea9643c1b\"\u003e\u003ccode\u003e505a5e7\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20188\"\u003e#20188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/0c066808d59e4f9406e11bab4ffa2e0feacbd0e2\"\u003e\u003ccode\u003e0c06680\u003c/code\u003e\u003c/a\u003e refactor: update eslint configuration\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/2eb0d6a410513960bd7d65bf15baf15704a612eb\"\u003e\u003ccode\u003e2eb0d6a\u003c/code\u003e\u003c/a\u003e ci: release announcement (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20238\"\u003e#20238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/b2b24590a08755b706d2009ca97a226addf9e83b\"\u003e\u003ccode\u003eb2b2459\u003c/code\u003e\u003c/a\u003e ci: cancel in progress (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20239\"\u003e#20239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack/compare/v5.99.9...v5.104.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.5.4 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.5.4...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 11.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.9.0 to 1.13.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.13.6\u003c/h2\u003e\n\u003cp\u003eThis release focuses on platform compatibility, error handling improvements, and code quality maintenance.\u003c/p\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking Changes:\u003c/strong\u003e None identified in this release.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAction Required:\u003c/strong\u003e Users targeting React Native should verify their integration, particularly if relying on specific Blob or FormData behaviours, as improvements have been made to support these objects.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eReact Native Blob Support:\u003c/strong\u003e Axios now includes support for React Native Blob objects. Thanks to \u003ca href=\"https://github.com/moh3n9595\"\u003e\u003ccode\u003e@​moh3n9595\u003c/code\u003e\u003c/a\u003e for the initial implementation. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/5764\"\u003e#5764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCode Quality:\u003c/strong\u003e Implemented prettier across the codebase and resolved associated formatting issues. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7385\"\u003e#7385\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eEnvironment Compatibility:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed module exports for React Native and Browserify environments. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7386\"\u003e#7386\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded safe FormData detection for the WeChat Mini Program environment. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7324\"\u003e#7324\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eError Handling:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAxiosError.message is now correctly enumerable. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7392\"\u003e#7392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAxiosError.from now correctly copies the status property from the source error, ensuring better error propagation. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7403\"\u003e#7403\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Updated the development_dependencies group (5 updates). (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7432\"\u003e#7432\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eInfrastructure:\u003c/strong\u003e Migrated \u003ccode\u003e@​rollup/plugin-babel\u003c/code\u003e from v5.3.1 to v6.1.0. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7424\"\u003e#7424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocumentation:\u003c/strong\u003e Added missing JSDoc comments to utilities. (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors! Thank you for helping improve the project:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Gudahtt\"\u003e\u003ccode\u003e@​Gudahtt\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7386\"\u003e#7386\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ybbus\"\u003e\u003ccode\u003e@​ybbus\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7392\"\u003e#7392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Shiwaangee\"\u003e\u003ccode\u003e@​Shiwaangee\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7324\"\u003e#7324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/skrtheboss\"\u003e\u003ccode\u003e@​skrtheboss\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7403\"\u003e#7403\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Janaka66\"\u003e\u003ccode\u003e@​Janaka66\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moh3n9595\"\u003e\u003ccode\u003e@​moh3n9595\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/5764\"\u003e#5764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/digital-wizard48\"\u003e\u003ccode\u003e@​digital-wizard48\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/pull/7424\"\u003e#7424\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cem\u003eFull Changelog: \u003ca href=\"https://github.com/axios/axios/compare/v1.13.5...v1.13.6\"\u003ev1.13.5...v1.13.6\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003ch2\u003ev1.13.5\u003c/h2\u003e\n\u003ch2\u003eRelease 1.13.5\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eSecurity:\u003c/strong\u003e Fixed a potential \u003cstrong\u003eDenial of Service\u003c/strong\u003e issue involving the \u003ccode\u003e__proto__\u003c/code\u003e key in \u003ccode\u003emergeConfig\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7369\"\u003e#7369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBug fix:\u003c/strong\u003e Resolved an issue where \u003ccode\u003eAxiosError\u003c/code\u003e could be missing the \u003ccode\u003estatus\u003c/code\u003e field on and after \u003cstrong\u003ev1.13.3\u003c/strong\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7368\"\u003e#7368\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003ch4\u003eSecurity\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix Denial of Service via \u003ccode\u003e__proto__\u003c/code\u003e key in \u003ccode\u003emergeConfig\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7369\"\u003e#7369\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.13.2...v1.13.3\"\u003e1.13.3\u003c/a\u003e (2026-01-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehttp2:\u003c/strong\u003e Use port 443 for HTTPS connections by default. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7256\"\u003e#7256\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d7e60653460480ffacecf85383012ca1baa6263e\"\u003ed7e6065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003einterceptor:\u003c/strong\u003e handle the error in the same interceptor (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6269\"\u003e#6269\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/5945e40bb171d4ac4fc195df276cf952244f0f89\"\u003e5945e40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emain field in package.json should correspond to cjs artifacts (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5756\"\u003e#5756\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7373fbff24cd92ce650d99ff6f7fe08c2e2a0a04\"\u003e7373fbf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epackage.json:\u003c/strong\u003e add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5754\"\u003e#5754\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/b89217e3e91de17a3d55e2b8f39ceb0e9d8aeda8\"\u003eb89217e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esilentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7257\"\u003e#7257\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7d19335e43d6754a1a9a66e424f7f7da259895bf\"\u003e7d19335\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eturn AxiosError into a native error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5394\"\u003e#5394\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5558\"\u003e#5558\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/1c6a86dd2c0623ee1af043a8491dbc96d40e883b\"\u003e1c6a86d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e add handlers to AxiosInterceptorManager interface (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5551\"\u003e#5551\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/8d1271b49fc226ed7defd07cd577bd69a55bb13a\"\u003e8d1271b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e restore AxiosError.cause type from unknown to Error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7327\"\u003e#7327\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d8233d9e8e9a64bfba9bbe01d475ba417510b82b\"\u003ed8233d9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eunclear error message is thrown when specifying an empty proxy authorization (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6314\"\u003e#6314\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/6ef867e684adf7fb2343e3b29a79078a3c76dc29\"\u003e6ef867e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eundefined\u003c/code\u003e as a value in AxiosRequestConfig (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5560\"\u003e#5560\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/095033c626895ecdcda2288050b63dcf948db3bd\"\u003e095033c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd automatic minor and patch upgrades to dependabot (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6053\"\u003e#6053\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/65a7584eda6164980ddb8cf5372f0afa2a04c1ed\"\u003e65a7584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Node.js coverage script using c8 (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7289\"\u003e#7289\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7294\"\u003e#7294\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/ec9d94e9f88da13e9219acadf65061fb38ce080a\"\u003eec9d94e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded copilot instructions (\u003ca href=\"https://github.com/axios/axios/commit/3f83143bfe617eec17f9d7dcf8bafafeeae74c26\"\u003e3f83143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with frozen prototypes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6265\"\u003e#6265\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/860e03396a536e9b926dacb6570732489c9d7012\"\u003e860e033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance pipeFileToResponse with error handling (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7169\"\u003e#7169\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/88d78842541610692a04282233933d078a8a2552\"\u003e88d7884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Intellisense for string literals in a widened union (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6134\"\u003e#6134\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/f73474d02c5aa957b2daeecee65508557fd3c6e5\"\u003ef73474d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com//redirect.github.com/microsoft/TypeScript/issues/33471/issues/issuecomment-1376364329\"\u003emicrosoft/TypeScript#33471\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eReverts\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRevert \u0026quot;fix: silentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e…\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/a4230f5581b3f58b6ff531b6dbac377a4fd7942a\"\u003ea4230f5\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7\"\u003e#7\u003c/a\u003e \u003ca href=\"https://redirect.github.com/axios/axios/issues/7298\"\u003e#7298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7334\"\u003e#7334\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/2d6ad5e48bd29b0b2b5e7e95fb473df98301543a\"\u003e2d6ad5e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/ashvin2005\" title=\"+1752/-4 ([#7218](https://github.com/axios/axios/issues/7218) [#7218](https://github.com/axios/axios/issues/7218) )\"\u003eAshvin Tiwari\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/mochinikunj\" title=\"+940/-12 ([#7294](https://github.com/axios/axios/issues/7294) [#7294](https://github.com/axios/axios/issues/7294) )\"\u003eNikunj Mochi\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/imanchalsingh\" title=\"+544/-102 ([#7169](https://github.com/axios/axios/issues/7169) [#7185](https://github.com/axios/axios/issues/7185) )\"\u003eAnchal Singh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/jasonsaayman\" title=\"+317/-73 ([#7334](https://github.com/axios/axios/issues/7334) [#7298](https://github.com/axios/axios/issues/7298) )\"\u003ejasonsaayman\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/brodo\" title=\"+99/-120 ([#5558](https://github.com/axios/axios/issues/5558) )\"\u003eJulian Dax\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/AKASHDHARDUBEY\" title=\"+167/-0 ([#7287](https://github.com/axios/axios/issues/7287) [#7288](https://github.com/axios/axios/issues/7288) )\"\u003eAkash Dhar Dubey\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/madhumitaaa\" title=\"+20/-68 ([#7198](https://github.com/axios/axios/issues/7198) )\"\u003eMadhumita\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Tackoil\" title=\"+80/-2 ([#6269](https://github.com/axios/axios/issues/6269) )\"\u003eTackoil\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/justindhillon\" title=\"+41/-41 ([#6324](https://github.com/axios/axios/issues/6324) [#6315](https://github.com/axios/axios/issues/6315) )\"\u003eJustin Dhillon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Rudrxxx\" title=\"+71/-2 ([#7257](https://github.com/axios/axios/issues/7257) )\"\u003eRudransh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/WuMingDao\" title=\"+36/-36 ([#7215](https://github.com/axios/axios/issues/7215) )\"\u003eWuMingDao\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/codenomnom\" title=\"+70/-0 ([#7201](https://github.com/axios/axios/issues/7201) [#7201](https://github.com/axios/axios/issues/7201) )\"\u003ecodenomnom\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/Nandann018-ux\" title=\"+60/-10 ([#7272](https://github.com/axios/axios/issues/7272) )\"\u003eNandan Acharya\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/KernelDeimos\" title=\"+22/-40 ([#7042](https://github.com/axios/axios/issues/7042) )\"\u003eEric Dubé\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/tiborpilz\" title=\"+40/-4 ([#5551](https://github.com/axios/axios/issues/5551) )\"\u003eTibor Pilz\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/joaoGabriel55\" title=\"+31/-4 ([#6314](https://github.com/axios/axios/issues/6314) )\"\u003eGabriel Quaresma\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003c!-- raw HTML omitted --\u003e \u003ca href=\"https://github.com/turadg\" title=\"+23/-6 ([#6265](https://github.com/axios/axios/issues/6265) )\"\u003eTuradg Aleahmad\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/7108c8877f9dc05f7aba8beb2b9e522537f9a9a7\"\u003e\u003ccode\u003e7108c88\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.13.6 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7446\"\u003e#7446\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/20a0ba3c01174aa2ec441753fa1fe47f21d20491\"\u003e\u003ccode\u003e20a0ba3\u003c/code\u003e\u003c/a\u003e refactor(deps): migrate \u003ccode\u003e@​rollup/plugin-babel\u003c/code\u003e from v5.3.1 to v6.1.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7424\"\u003e#7424\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/885b4af6f5dd6ab7977b207fdf61a7e89af69e69\"\u003e\u003ccode\u003e885b4af\u003c/code\u003e\u003c/a\u003e feat: support react native blob objects (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5764\"\u003e#5764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/00d97b9730f3d83e865d0f3ee33cba6290ba20ed\"\u003e\u003ccode\u003e00d97b9\u003c/code\u003e\u003c/a\u003e docs(utils): add missing JSDoc comments (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9712548a49521580c8e692c367609b9f5e748d63\"\u003e\u003ccode\u003e9712548\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the development_dependencies group across 1 directory w...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/d51accbea1faef6e3b74c7dfa636704a2332bfbb\"\u003e\u003ccode\u003ed51accb\u003c/code\u003e\u003c/a\u003e fix(core): copy status from source error in AxiosError.from (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7403\"\u003e#7403\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e30bbf1b33c8b6213c793eb0cf6b61b0edc72f1\"\u003e\u003ccode\u003e3e30bbf\u003c/code\u003e\u003c/a\u003e chore: fix publish to only run on v1 tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/672491db34b5575d2abb1c3f91382bc1f45ae7b7\"\u003e\u003ccode\u003e672491d\u003c/code\u003e\u003c/a\u003e fix: safe FormData detection for WeChat Mini Program (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7306\"\u003e#7306\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7324\"\u003e#7324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/822e3e40b4f9287b5a787f5d1dfb3ae7f8a0faa3\"\u003e\u003ccode\u003e822e3e4\u003c/code\u003e\u003c/a\u003e fix: make AxiosError.message property enumerable (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7392\"\u003e#7392\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ef3711d1b3a3c1eb4f11dc43e8db38e9c5342448\"\u003e\u003ccode\u003eef3711d\u003c/code\u003e\u003c/a\u003e feat: implement prettier and fix all issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7385\"\u003e#7385\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.9.0...v1.13.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mermaid` from 11.6.0 to 11.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mermaid-js/mermaid/releases\"\u003emermaid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003emermaid@11.13.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7352\"\u003e#7352\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/d6db0b039654f6e122c6098821bc75f2910915e3\"\u003e\u003ccode\u003ed6db0b0\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/remcohaszing\"\u003e\u003ccode\u003e@​remcohaszing\u003c/code\u003e\u003c/a\u003e! - feat: Export the \u003ccode\u003eAsyncIconLoader\u003c/code\u003e, \u003ccode\u003eSyncIconLoader\u003c/code\u003e, and \u003ccode\u003eIconLoader\u003c/code\u003e types.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/5932\"\u003e#5932\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/cdacb0b30171bd15223c008a56c09f7ece842940\"\u003e\u003ccode\u003ecdacb0b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/exoego\"\u003e\u003ccode\u003e@​exoego\u003c/code\u003e\u003c/a\u003e! - feat: Add venn-beta diagram\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/6789\"\u003e#6789\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/73e9849f993cd766eecddf349e335a4473560f37\"\u003e\u003ccode\u003e73e9849\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/omkarht\"\u003e\u003ccode\u003e@​omkarht\u003c/code\u003e\u003c/a\u003e! - feat: Add half-arrowheads (solid \u0026amp; stick) and central connection support\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7387\"\u003e#7387\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/acce4db7a1bd8801666f1a9667a63e4010ec2020\"\u003e\u003ccode\u003eacce4db\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/exoego\"\u003e\u003ccode\u003e@​exoego\u003c/code\u003e\u003c/a\u003e! - feat: Add Ishikawa diagram (ishikawa-beta)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/6995\"\u003e#6995\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/9745f325cb9e1967640f0e85da193a2f820634f1\"\u003e\u003ccode\u003e9745f32\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - feat: Deprecate \u003ca href=\"https://mermaid.js.org/config/schema-docs/config-defs-flowchart-diagram-config.html#htmllabels\"\u003e\u003ccode\u003eflowchart.htmlLabels\u003c/code\u003e\u003c/a\u003e in favor of \u003ca href=\"https://mermaid.js.org/config/schema-docs/config.html#htmllabels\"\u003eroot-level \u003ccode\u003ehtmlLabels\u003c/code\u003e\u003c/a\u003e in Mermaid config\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/5814\"\u003e#5814\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/2dd29bee254a5b89c00eb0b0da1bcf7fe96ce46c\"\u003e\u003ccode\u003e2dd29be\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/kairi003\"\u003e\u003ccode\u003e@​kairi003\u003c/code\u003e\u003c/a\u003e! - feat: allow to put notes in namespaces on classDiagram\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7075\"\u003e#7075\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/96a766dcdbb7d6e3043344a2ee3f1b64ba7a62c3\"\u003e\u003ccode\u003e96a766d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: Prevent HTML tags from being escaped in sandbox label rendering\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/6843\"\u003e#6843\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/32723b2de13474d7d13e9292e6f801e9874936ab\"\u003e\u003ccode\u003e32723b2\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/saurabhg772244\"\u003e\u003ccode\u003e@​saurabhg772244\u003c/code\u003e\u003c/a\u003e! - fix: Support edge animation in hand drawn look\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7453\"\u003e#7453\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/a60e615bc31edeb1d623d096117812c0f721f2f8\"\u003e\u003ccode\u003ea60e615\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: ER diagram edge label positioning\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/6989\"\u003e#6989\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/1a9d45abf0a991c40985021e8b523c32b46dd897\"\u003e\u003ccode\u003e1a9d45a\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: Resolved parsing error where direction TD was not recognized within subgraphs\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7178\"\u003e#7178\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/96ca7c090f28eea458027e6871903d789575cfa1\"\u003e\u003ccode\u003e96ca7c0\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/omkarht\"\u003e\u003ccode\u003e@​omkarht\u003c/code\u003e\u003c/a\u003e! - fix(treemap): Fixed treemap classDef style application to properly apply user-defined styles\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7076\"\u003e#7076\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/60f633101cd2e55ee80ad2250ae57d4c970430e5\"\u003e\u003ccode\u003e60f6331\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: Correct viewBox casing and make SVGs responsive\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7055\"\u003e#7055\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/fa15ce8502d2f1d72787998d9d944c5a98b992dd\"\u003e\u003ccode\u003efa15ce8\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: Improve participant parsing and prevent recursive loops on invalid syntax\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7276\"\u003e#7276\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/33c7c7206400509537a28f15d0e817340c482cb4\"\u003e\u003ccode\u003e33c7c72\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: respect \u003ccode\u003emarkdownAutoWrap: false\u003c/code\u003e to prevent text auto-wrapping in flowchart markdown labels with \u003ccode\u003ehtmlLabels\u003c/code\u003e enabled.\u003c/p\u003e\n\u003cp\u003eMarkdown labels with \u003ccode\u003emarkdownAutoWrap: false, htmlLabels: false\u003c/code\u003e set doesn't work\ncorrectly.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7416\"\u003e#7416\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/3c069b52859470dea89f45d5f859b1087b7e1fee\"\u003e\u003ccode\u003e3c069b5\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Crafter-Y\"\u003e\u003ccode\u003e@​Crafter-Y\u003c/code\u003e\u003c/a\u003e! - fix: architecture diagram lines should now have the correct length\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/6995\"\u003e#6995\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/9745f325cb9e1967640f0e85da193a2f820634f1\"\u003e\u003ccode\u003e9745f32\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: Support the \u003ca href=\"https://mermaid.js.org/config/schema-docs/config.html#htmllabels\"\u003e\u003ccode\u003ehtmlLabels\u003c/code\u003e Mermaid config value\u003c/a\u003e whenever possible\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7293\"\u003e#7293\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/a408b5586fb57aac54da4606940779562078f91d\"\u003e\u003ccode\u003ea408b55\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/darshanr0107\"\u003e\u003ccode\u003e@​darshanr0107\u003c/code\u003e\u003c/a\u003e! - fix: Prevent browser hang when using multiline accDescr in XY charts\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/6119\"\u003e#6119\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/712c1ec1222a771b38cd3b8a5ddf9c2fc4e2cbcc\"\u003e\u003ccode\u003e712c1ec\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/NealGooch\"\u003e\u003ccode\u003e@​NealGooch\u003c/code\u003e\u003c/a\u003e! - fix: correct block positioning when nested blocks span multiple columns\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/pull/7424\"\u003e#7424\u003c/a\u003e \u003ca href=\"https://github.com/mermaid-js/mermaid/commit/981a62e4ee6078d27a541db35df441734434d5c1\"\u003e\u003ccode\u003e981a62e\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/knsv\"\u003e\u003ccode\u003e@​knsv\u003c/code\u003e\u003c/a\u003e! - fix: correct BT orientation arc sweep flags in gitGraph drawArrow()\u003c/p\u003e\n\u003cp\u003eSwapped SVG arc sweep-flag values in the BT (bottom-to-top) orientation branches of \u003ccode\u003edrawArrow()\u003c/code\u003e so curves bend in the correct direction. Affects both rerouting and non-rerouting code paths for merge and non-merge arrows.\u003c/p\u003e\n\u003cp\u003eResolves \u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/issues/6593\"\u003e#6593\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/b1a5e9be56b58ae87e5341898c139c90bc35ed17\"\u003e\u003ccode\u003eb1a5e9b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/issues/7466\"\u003e#7466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/bdd7abdb177c38d0c77239d52cc6ca10344d89b2\"\u003e\u003ccode\u003ebdd7abd\u003c/code\u003e\u003c/a\u003e fix: use correct package name for elk\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/a900618c924616d89fad37d99795af7ebce5d478\"\u003e\u003ccode\u003ea900618\u003c/code\u003e\u003c/a\u003e dummy commit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/a60e615bc31edeb1d623d096117812c0f721f2f8\"\u003e\u003ccode\u003ea60e615\u003c/code\u003e\u003c/a\u003e Fix: ER diagram edge label positioning (\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/issues/7453\"\u003e#7453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/1d17c141417d4f90546b77dbebfe20f845d05b43\"\u003e\u003ccode\u003e1d17c14\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of \u003ca href=\"https://github.com/mermaid-js/mermaid\"\u003ehttps://github.com/mermaid-js/mermaid\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/500be12439bd2cd6a7dffdcc242f30f624543c38\"\u003e\u003ccode\u003e500be12\u003c/code\u003e\u003c/a\u003e chore: Update coupon\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/981fbb8bd8be584d443dbdc14c84a2718906421d\"\u003e\u003ccode\u003e981fbb8\u003c/code\u003e\u003c/a\u003e fix(gantt): restore readable outside-text for done tasks in dark mode (\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/issues/7456\"\u003e#7456\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/0d5e35aed42eb9e0ae659c2d54795a0aafd832b7\"\u003e\u003ccode\u003e0d5e35a\u003c/code\u003e\u003c/a\u003e fix(elk): scope rounded edge curve to ELK layout only (\u003ca href=\"https://redirect.github.com/mermaid-js/mermaid/issues/7454\"\u003e#7454\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/de20da7be90faf54d472e225d3f53fcd11b665b6\"\u003e\u003ccode\u003ede20da7\u003c/code\u003e\u003c/a\u003e fix: plausible build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mermaid-js/mermaid/commit/fcdd95b61fa4e5c667fc6109b2489f5a5e7affc1\"\u003e\u003ccode\u003efcdd95b\u003c/code\u003e\u003c/a\u003e chore: Update plausible\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mermaid-js/mermaid/compare/mermaid@11.6.0...mermaid@11.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for mermaid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.2.4 to 3.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.3.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an engine requirement for Node 20 which caused hiccups, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a possible bypass caused by jsdom's faulty raw-text tag parsing, thanks multiple reporters\u003c/li\u003e\n\u003cli\u003eFixed a prototype pollution issue when working with custom elements, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a lenient config parsing in \u003ccode\u003e_isValidAttribute\u003c/code\u003e, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumped and removed several dependencies, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the test suite after bumping dependencies, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated \u003ccode\u003eADD_FORBID_CONTENTS\u003c/code\u003e setting to extend default list, thanks \u003ca href=\"https://github.com/MariusRumpf\"\u003e\u003ccode\u003e@​MariusRumpf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated the ESM import syntax to be more correct, thanks \u003ca href=\"https://github.com/binhpv\"\u003e\u003ccode\u003e@​binhpv\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the SVG \u003ccode\u003emask-type\u003c/code\u003e attribute to default allow-list, thanks \u003ca href=\"https://github.com/prasadrajandran\"\u003e\u003ccode\u003e@​prasadrajandran\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded support for \u003ccode\u003eADD_ATTR\u003c/code\u003e and \u003ccode\u003eADD_TAGS\u003c/code\u003e to accept functions, thanks \u003ca href=\"https://github.com/nelstrom\"\u003e\u003ccode\u003e@​nelstrom\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with the \u003ccode\u003eslot\u003c/code\u003e element being in both SVG and HTML allow-list, thanks \u003ca href=\"https://github.com/Wim-Valgaeren\"\u003e\u003ccode\u003e@​Wim-Valgaeren\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.2.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded new attributes and elements to default allow-list, thanks \u003ca href=\"https://github.com/elrion018\"\u003e\u003ccode\u003e@​elrion018\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003etagName\u003c/code\u003e parameter to custom element \u003ccode\u003eattributeNameCheck\u003c/code\u003e, thanks \u003ca href=\"https://github.com/nelstrom\"\u003e\u003ccode\u003e@​nelstrom\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better check for animated \u003ccode\u003ehref\u003c/code\u003e attributes, thanks \u003ca href=\"https://github.com/llamakko\"\u003e\u003ccode\u003e@​llamakko\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated and improved the bundled types, thanks \u003ca href=\"https://github.com/ssi02014\"\u003e\u003ccode\u003e@​ssi02014\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated several tests to better align with new browser encoding behaviors\u003c/li\u003e\n\u003cli\u003eImproved the handling of potentially risky content inside CDATA elements, thanks \u003ca href=\"https://github.com/securityMB\"\u003e\u003ccode\u003e@​securityMB\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/terjanq\"\u003e\u003ccode\u003e@​terjanq\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved the regular expression for raw-text elements to cover textareas, thanks \u003ca href=\"https://github.com/securityMB\"\u003e\u003ccode\u003e@​securityMB\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/terjanq\"\u003e\u003ccode\u003e@​terjanq\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.2.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed several typos and removed clutter from our documentation, thanks \u003ca href=\"https://github.com/Rotzbua\"\u003e\u003ccode\u003e@​Rotzbua\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ematrix:\u003c/code\u003e as an allowed URI scheme, thanks \u003ca href=\"https://github.com/kleinesfilmroellchen\"\u003e\u003ccode\u003e@​kleinesfilmroellchen\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better config hardening against prototype pollution, thanks \u003ca href=\"https://github.com/EffectRenan\"\u003e\u003ccode\u003e@​EffectRenan\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better handling of attribute removal, thanks \u003ca href=\"https://github.com/michalnieruchalski-tiugo\"\u003e\u003ccode\u003e@​michalnieruchalski-tiugo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded better configuration for aggressive mXSS scrubbing behavior, thanks \u003ca href=\"https://github.com/BryanValverdeU\"\u003e\u003ccode\u003e@​BryanValverdeU\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved the script that caused the fake entry \u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-DOMPURIFY-10176060\"\u003eCVE-2025-48050\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDOMPurify 3.2.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded a check to the mXSS detection regex to be more strict, thanks \u003ca href=\"https://github.com/masatokinugawa\"\u003e\u003ccode\u003e@​masatokinugawa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded ESM type imports in source, removes patch function, thanks \u003ca href=\"https://github.com/donmccurdy\"\u003e\u003ccode\u003e@​donmccurdy\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded script to verify various TypeScript configurations, thanks \u003ca href=\"https://github.com/reduckted\"\u003e\u003ccode\u003e@​reduckted\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded more modern browsers to the Karma launchers list\u003c/li\u003e\n\u003cli\u003eAdded Node 23.x to tested runtimes, removed Node 17.x\u003c/li\u003e\n\u003cli\u003eFixed the generation of source maps, thanks \u003ca href=\"https://github.com/reduckted\"\u003e\u003ccode\u003e@​reduckted\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an unexpected behavior with \u003ccode\u003eALLOWED_URI_REGEXP\u003c/code\u003e using the 'g' flag, thanks \u003ca href=\"https://github.com/hhk-png\"\u003e\u003ccode\u003e@​hhk-png\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a few typos in the README file\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/8bcbf73ae7eb56e7b4f1300b66cf543342c7ee27\"\u003e\u003ccode\u003e8bcbf73\u003c/code\u003e\u003c/a\u003e chore: Preparing 3.3.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5faddd60af7b4d612f32a0c6b44432b77c8c490c\"\u003e\u003ccode\u003e5faddd6\u003c/code\u003e\u003c/a\u003e fix: engine requirement (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1210\"\u003e#1210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/0f91e3add5c028bc4110c513b0c2571b284c35af\"\u003e\u003ccode\u003e0f91e3a\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/d5ff1a8c605df1df998c2e7df2c4c8ac762b0dea\"\u003e\u003ccode\u003ed5ff1a8\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:cure53/DOMPurify\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/c3efd489010366e755de9d65fd741888fd8b7462\"\u003e\u003ccode\u003ec3efd48\u003c/code\u003e\u003c/a\u003e fix: moved back from jsdom 28 to jsdom 20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/988b888108c8df911ef37e68d0e26c85ad90e885\"\u003e\u003ccode\u003e988b888\u003c/code\u003e\u003c/a\u003e fix: moved back from jsdom 28 to jsdom 20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/2726c74e9c6a0645127d1630e5ca49f64bc9fe67\"\u003e\u003ccode\u003e2726c74\u003c/code\u003e\u003c/a\u003e chore: Preparing 3.3.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/6202c7e43e9df01ba606396aed60fbae5583f7a1\"\u003e\u003ccode\u003e6202c7e\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​tootallnate/once\u003c/code\u003e and jsdom (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1204\"\u003e#1204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/302b51de22535cc90235472c52e3401bedd46f80\"\u003e\u003ccode\u003e302b51d\u003c/code\u003e\u003c/a\u003e fix: Expanded the regex ever so slightly to also cover script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/cd85175da3c4614aeb0f1022f2a347e5e9bdd58b\"\u003e\u003ccode\u003ecd85175\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:cure53/DOMPurify\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.2.4...3.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `immutable` from 4.3.7 to 5.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/releases\"\u003eimmutable's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.1.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003cli\u003eUpgrade devtools and use immutable version by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2158\"\u003eimmutable-js/immutable-js#2158\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v5.1.4...v5.1.5\"\u003ehttps://github.com/immutable-js/immutable-js/compare/v5.1.4...v5.1.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.1.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v5.1.3...v5.1.4\"\u003ehttps://github.com/immutable-js/immutable-js/compare/v5.1.3...v5.1.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.1.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eTypeScript\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow readonly map entry constructor by \u003ca href=\"https://github.com/septs\"\u003e\u003ccode\u003e@​septs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2123\"\u003eimmutable-js/immutable-js#2123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cp\u003eThere has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown.\nThe playground has been included on nearly all method examples.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md\"\u003eimmutable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.3\u003c/h2\u003e\n\u003ch3\u003eTypeScript\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow readonly map entry constructor by \u003ca href=\"https://github.com/septs\"\u003e\u003ccode\u003e@​septs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2123\"\u003eimmutable-js/immutable-js#2123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cp\u003eThere has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown.\nThe playground has been included on nearly all method examples.\nWe added a page about browser extensions too: \u003ca href=\"https://immutable-js.com/browser-extension/\"\u003ehttps://immutable-js.com/browser-extension/\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ereplace rimraf by a node script by \u003ca href=...\n\n_Description has been truncated_","html_url":"https://github.com/ssushant0011/rspack/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ssushant0011%2Frspack/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"}},{"old_version":"7.2.3","new_version":"7.2.4","update_type":"patch","path":null,"pr_created_at":"2026-03-21T17:01:51.000Z","version_change":"7.2.3 → 7.2.4","issue":{"uuid":"4113056660","node_id":"PR_kwDOP9kpyc7MYOJF","number":17,"state":"open","title":"Bump the npm_and_yarn group across 2 directories with 25 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-21T17:01:51.000Z","updated_at":"2026-03-21T17:16:27.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":25,"packages":[{"name":"ai","old_version":"5.0.28","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"next","old_version":"15.3.3","new_version":"15.5.14","repository_url":"https://github.com/vercel/next.js"},{"name":"glob","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"validator","old_version":"13.15.15","new_version":"13.15.22","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"@modelcontextprotocol/sdk","old_version":"1.12.1","new_version":"1.27.1","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.2.0","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"bn.js","old_version":"4.12.2","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"4.0.3","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"qs","old_version":"6.14.0","new_version":"6.15.0","repository_url":"https://github.com/ljharb/qs"},{"name":"rollup","old_version":"4.43.0","new_version":"4.59.1","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"3.0.9","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.12","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"7.10.0","new_version":"7.24.5","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"7.2.3","new_version":"7.2.4","repository_url":"https://github.com/google/zx"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 23 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `5.0.28` | `5.0.52` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [next](https://github.com/vercel/next.js) | `15.3.3` | `15.5.14` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `12.0.0` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.15` | `13.15.22` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.27.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.2.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.2` | `4.12.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.3` | `4.0.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [rollup](https://github.com/rollup/rollup) | `4.43.0` | `4.59.1` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.9` | `3.1.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.12` |\n| [undici](https://github.com/nodejs/undici) | `7.10.0` | `7.24.5` |\n| [zx](https://github.com/google/zx) | `7.2.3` | `7.2.4` |\n\nBumps the npm_and_yarn group with 4 updates in the /apps/www directory: [ai](https://github.com/vercel/ai), [lodash](https://github.com/lodash/lodash), [next](https://github.com/vercel/next.js) and [glob](https://github.com/isaacs/node-glob).\n\nUpdates `ai` from 5.0.28 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@5.0.28...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.3.3 to 15.5.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(next/image): add lru disk cache and images.maximumDiskCacheSize (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91660\"\u003e#91660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix(pages-router): restore Content-Length and ETag for /_next/data/ JSON responses (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/90304\"\u003e#90304\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/lllomh\"\u003e\u003ccode\u003e@​lllomh\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev15.5.13\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: patch http-proxy to prevent request smuggling in rewrites (See: \u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ggv3-7p47-pfv8\"\u003eCVE-2026-29057\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/ztanner\"\u003e\u003ccode\u003e@​ztanner\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev15.5.12\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003efix unlock in publish-native\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis is a re-release of \u003ca href=\"https://github.com/vercel/next.js/releases/tag/v15.5.11\"\u003ev15.5.11\u003c/a\u003e applying the turbopack changes.\u003c/p\u003e\n\u003ch2\u003ev15.5.11\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTracing: Fix memory leak in span map (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/85529\"\u003e#85529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: ensure LRU cache items have minimum size of 1 to prevent unbounded growth (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89134\"\u003e#89134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: fix NFT tracing of sharp 0.34 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/82340\"\u003e#82340\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: support pattern into exports field (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/82757\"\u003e#82757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNFT tracing fixes (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/84155\"\u003e#84155\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vercel/next.js/issues/85323\"\u003e#85323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: validate CSS without computing all paths (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83810\"\u003e#83810\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: implement LRU cache with invocation ID scoping for minimal mode response cache (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89129\"\u003e#89129\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/timneutkens\"\u003e\u003ccode\u003e@​timneutkens\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mischnic\"\u003e\u003ccode\u003e@​mischnic\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ztanner\"\u003e\u003ccode\u003e@​ztanner\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/wyattjoh\"\u003e\u003ccode\u003e@​wyattjoh\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d7b012d787c01e0435f8cdf2a47211891668d13b\"\u003e\u003ccode\u003ed7b012d\u003c/code\u003e\u003c/a\u003e v15.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/2b0525123245da5b1b9d1abedc636c5fd3ee1d07\"\u003e\u003ccode\u003e2b05251\u003c/code\u003e\u003c/a\u003e [backport] feat(next/image): add lru disk cache and `images.maximumDiskCacheS...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/f88cee9604f0ec8ab869a2f94ced984194277b9e\"\u003e\u003ccode\u003ef88cee9\u003c/code\u003e\u003c/a\u003e Backport: Fix(pages-router): restore Content-Length and ETag for /_next/data/...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/cfd5f533b08df3038476dcd54f1d6d660d85f069\"\u003e\u003ccode\u003ecfd5f53\u003c/code\u003e\u003c/a\u003e v15.5.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/15f28911fd272041707dbf6b7c07d62642593be8\"\u003e\u003ccode\u003e15f2891\u003c/code\u003e\u003c/a\u003e [backport]: fix: patch http-proxy to prevent request smuggling in rewrites (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d23f41c42506005fe6978e076a1ccbf8979e4925\"\u003e\u003ccode\u003ed23f41c\u003c/code\u003e\u003c/a\u003e v15.5.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/8e75765a6544dc0e6b20aefeade7d33190ffcb7c\"\u003e\u003ccode\u003e8e75765\u003c/code\u003e\u003c/a\u003e fix unlock in publish-native\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/6cef992286e3050aeca46e0d506dc5bad4368fd2\"\u003e\u003ccode\u003e6cef992\u003c/code\u003e\u003c/a\u003e [backport] normalize CRLF line endings in jscodeshift tests on Windows (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/8800\"\u003e#8800\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7a9464553ac72f5b3f3acf17174a61b7b8a210a5\"\u003e\u003ccode\u003e7a94645\u003c/code\u003e\u003c/a\u003e Apply needs for publishRelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/bbfd4e313d4bc9024ec340d9de419a0e4357f898\"\u003e\u003ccode\u003ebbfd4e3\u003c/code\u003e\u003c/a\u003e v15.5.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.3.3...v15.5.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 12.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `validator` from 13.15.15 to 13.15.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/releases\"\u003evalidator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.15.22\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003evalidatorjs/validator.js#2622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003evalidatorjs/validator.js#2616\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e13.15.20\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003evalidatorjs/validator.js#2563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003evalidatorjs/validator.js#2556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003evalidatorjs/validator.js#2576\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003evalidatorjs/validator.js#2574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003evalidatorjs/validator.js#2584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003evalidatorjs/validator.js#2581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003evalidatorjs/validator.js#2608\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md\"\u003evalidator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.15.22\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e13.15.20\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2b5c17dbe03f2ca9ad9122c597f81e86ce1a9a1\"\u003e\u003ccode\u003ef2b5c17\u003c/code\u003e\u003c/a\u003e maintenance: 2511 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2627\"\u003e#2627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382\"\u003e\u003ccode\u003ed457eca\u003c/code\u003e\u003c/a\u003e fix(isLength): correctly handle Unicode variation selectors (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2616\"\u003e#2616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2e3633f22fd3016656789d100bc451d857e7488\"\u003e\u003ccode\u003ef2e3633\u003c/code\u003e\u003c/a\u003e docs: add install instructions to contibution guide (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2621\"\u003e#2621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cf401458b8733d981a3724d634c795a9d612b516\"\u003e\u003ccode\u003ecf40145\u003c/code\u003e\u003c/a\u003e fix: URL validation for hostnames with ports (no protocol) (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2622\"\u003e#2622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/4af61243ba0ae93f29e7689040e188b5849ff1b0\"\u003e\u003ccode\u003e4af6124\u003c/code\u003e\u003c/a\u003e maintenance: 2510 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2585\"\u003e#2585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/30d4fe02c16d36ed471f12da658c4b5d843781e0\"\u003e\u003ccode\u003e30d4fe0\u003c/code\u003e\u003c/a\u003e 13.15.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cbef5088f02d36caf978f378bb845fe49bdc0809\"\u003e\u003ccode\u003ecbef508\u003c/code\u003e\u003c/a\u003e fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2608\"\u003e#2608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/6f436be36945e460ee624bf72a935a06daded859\"\u003e\u003ccode\u003e6f436be\u003c/code\u003e\u003c/a\u003e Fix typo in validators.test.js (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2581\"\u003e#2581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/3c857088d58197453957a2b924dfedea328003b6\"\u003e\u003ccode\u003e3c85708\u003c/code\u003e\u003c/a\u003e Fix: correct French VAT (FR) validation regex and add tests (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2584\"\u003e#2584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/eee525cd117d24ac905b9432f3f5a27e96aa9719\"\u003e\u003ccode\u003eeee525c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2491\"\u003e#2491\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2573\"\u003e#2573\u003c/a\u003e Simplify isBase64 to prevent stack overflow (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2574\"\u003e#2574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for validator since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.12.1 to 1.27.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e\u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add conformance test infrastructure for v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1518\"\u003emodelcontextprotocol/typescript-sdk#1518\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: backport discoverOAuthServerInfo() and discovery caching to v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1533\"\u003emodelcontextprotocol/typescript-sdk#1533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add url property to RequestInfo interface by \u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] feat(tasks): add streaming methods for elicitation and sampling by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1528\"\u003emodelcontextprotocol/typescript-sdk#1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version for v1.27.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1541\"\u003emodelcontextprotocol/typescript-sdk#1541\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4faa8c899c069a98f8a0c3f804ec1a50dc2bae64\"\u003e\u003ccode\u003e4faa8c8\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.27.1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1581\"\u003e#1581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/09a85a80439f0ca9e5556ac20bdec41461e35234\"\u003e\u003ccode\u003e09a85a8\u003c/code\u003e\u003c/a\u003e fix: call onerror for silently swallowed transport errors (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1580\"\u003e#1580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e79d14ab6d8fbcb49543cab3917a60a89d0a6df9\"\u003e\u003ccode\u003ee79d14a\u003c/code\u003e\u003c/a\u003e fix: prevent command injection in example URL opening (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1579\"\u003e#1579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/342ea394ca6e660e294162efdeafc411284bcc0d\"\u003e\u003ccode\u003e342ea39\u003c/code\u003e\u003c/a\u003e docs: comprehensive feature documentation for SEP-1730 Tier 1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1548\"\u003e#1548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2084a22074d4c8fd54ddc8637783fb10c13edf90\"\u003e\u003ccode\u003e2084a22\u003c/code\u003e\u003c/a\u003e docs: add governance documentation for SEP-1730 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1547\"\u003e#1547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/f2d21458ccccd7cfaa1a2a171a262961591d4d0b\"\u003e\u003ccode\u003ef2d2145\u003c/code\u003e\u003c/a\u003e feat: implement auth/pre-registration conformance scenario (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1545\"\u003e#1545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/8cbc65848388cb0364122f5760cb6b01ff8a3654\"\u003e\u003ccode\u003e8cbc658\u003c/code\u003e\u003c/a\u003e chore: bump version for v1.27.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1541\"\u003e#1541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5c16ae3339bfa1dd71b0dee1a534e1b6d8be658e\"\u003e\u003ccode\u003e5c16ae3\u003c/code\u003e\u003c/a\u003e [v1.x] feat(tasks): add streaming methods for elicitation and sampling (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1528\"\u003e#1528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/97ab379e4572ac8e38ff8b99891f29a69cfbb5bb\"\u003e\u003ccode\u003e97ab379\u003c/code\u003e\u003c/a\u003e feat: add url property to RequestInfo interface (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/825e9ab80332e7fac19d221f6aae352dc73172fe\"\u003e\u003ccode\u003e825e9ab\u003c/code\u003e\u003c/a\u003e feat: backport discoverOAuthServerInfo() and discovery caching to v1.x (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.12.1...v1.27.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/65c90d949c0f8a9709759dff9e76bbe07061812b\"\u003e\u003ccode\u003e65c90d9\u003c/code\u003e\u003c/a\u003e Fix permissions for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/593cb7831bec60d5590acc3eeb2e553f4a431167\"\u003e\u003ccode\u003e593cb78\u003c/code\u003e\u003c/a\u003e Set permissions for workflow jobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/36adf110beabc9acdcad122149a2ea795a2b1a6c\"\u003e\u003ccode\u003e36adf11\u003c/code\u003e\u003c/a\u003e Remove deprecated CodeQL check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9da4af0e1f82fe372bedc1b7820f55c6eaf012e5\"\u003e\u003ccode\u003e9da4af0\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/699303975bea182b966f9f34a1ecbbebe92afcef\"\u003e\u003ccode\u003e6993039\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0b8f7560e11af817d70ff17f986b334ba2e99b81\"\u003e\u003ccode\u003e0b8f756\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/67a53f21623e4047d28d7a6f98f539f1adc9d1d0\"\u003e\u003ccode\u003e67a53f2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.2 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.3 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/68ff7dda8834d6de095a7008cef0e03bc252ca98\"\u003e\u003ccode\u003e68ff7dd\u003c/code\u003e\u003c/a\u003e v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e [Fix] set Symbol.toStringTag in the proper place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR updates 25 npm dependencies across the monorepo, including major updates to Next.js (15.3.3 → 15.5.14), AI SDK (5.0.28 → 5.0.52), and lodash (4.17.21 → 4.17.23), along with security patches for multiple packages.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Framework Updates**: Next.js updated from 15.3.3 to 15.5.14 with performance improvements and security fixes\n- **AI SDK Enhancement**: Vercel AI SDK updated from 5.0.28 to 5.0.52 with new features and bug fixes\n- **Security Patches**: Multiple packages updated to address CVEs including validator.js, basic-ftp, and form-data\n- **Utility Libraries**: Lodash updated across 13 packages from 4.17.21 to 4.17.23 with prototype pollution fixes\n- **Development Tools**: Glob updated from 11.0.2 to 12.0.0 with breaking changes to CLI interface\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 25 Outdated Packages]\n    B --\u003e C[Security Updates]\n    B --\u003e D[Feature Updates]\n    B --\u003e E[Bug Fixes]\n    \n    C --\u003e F[validator.js CVE-2025-56200]\n    C --\u003e G[basic-ftp CVE-2026-27699]\n    C --\u003e H[form-data boundary security]\n    \n    D --\u003e I[Next.js 15.5.14 features]\n    D --\u003e J[AI SDK 5.0.52 enhancements]\n    \n    E --\u003e K[lodash prototype pollution]\n    E --\u003e L[Various stability fixes]\n    \n    F --\u003e M[Production Ready]\n    G --\u003e M\n    H --\u003e M\n    I --\u003e M\n    J --\u003e M\n    K --\u003e M\n    L --\u003e M\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs and security vulnerabilities across the dependency tree\n- **Performance Improvements**: Next.js updates include LRU caching, memory leak fixes, and Turbopack enhancements\n- **Developer Experience**: Updated AI SDK provides better tooling and API improvements for AI-powered features\n- **Stability**: Lodash updates fix prototype pollution issues affecting 13 packages in the monorepo\n- **Compatibility**: Most updates are backward compatible, though glob 12.0.0 removes unsafe CLI options\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/plate/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fplate/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"}},{"old_version":"7.2.3","new_version":"7.2.4","update_type":"patch","path":null,"pr_created_at":"2026-03-20T21:29:04.000Z","version_change":"7.2.3 → 7.2.4","issue":{"uuid":"4110210891","node_id":"PR_kwDOP9kpyc7MQoiJ","number":16,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 25 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-20T21:29:04.000Z","updated_at":"2026-03-20T23:03:40.234Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":25,"packages":[{"name":"ai","old_version":"5.0.28","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"next","old_version":"15.3.3","new_version":"15.5.14","repository_url":"https://github.com/vercel/next.js"},{"name":"glob","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"validator","old_version":"13.15.15","new_version":"13.15.22","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"@modelcontextprotocol/sdk","old_version":"1.12.1","new_version":"1.27.1","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.2.0","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"bn.js","old_version":"4.12.2","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"4.0.3","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"qs","old_version":"6.14.0","new_version":"6.15.0","repository_url":"https://github.com/ljharb/qs"},{"name":"rollup","old_version":"4.43.0","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"3.0.9","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.12","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"7.10.0","new_version":"7.24.5","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"7.2.3","new_version":"7.2.4","repository_url":"https://github.com/google/zx"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 23 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `5.0.28` | `5.0.52` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [next](https://github.com/vercel/next.js) | `15.3.3` | `15.5.14` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `12.0.0` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.15` | `13.15.22` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.27.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.2.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.2` | `4.12.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.3` | `4.0.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [rollup](https://github.com/rollup/rollup) | `4.43.0` | `4.59.0` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.9` | `3.1.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.12` |\n| [undici](https://github.com/nodejs/undici) | `7.10.0` | `7.24.5` |\n| [zx](https://github.com/google/zx) | `7.2.3` | `7.2.4` |\n\n\nUpdates `ai` from 5.0.28 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@5.0.28...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.3.3 to 15.5.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(next/image): add lru disk cache and images.maximumDiskCacheSize (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91660\"\u003e#91660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix(pages-router): restore Content-Length and ETag for /_next/data/ JSON responses (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/90304\"\u003e#90304\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/lllomh\"\u003e\u003ccode\u003e@​lllomh\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev15.5.13\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: patch http-proxy to prevent request smuggling in rewrites (See: \u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ggv3-7p47-pfv8\"\u003eCVE-2026-29057\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/ztanner\"\u003e\u003ccode\u003e@​ztanner\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003ch2\u003ev15.5.12\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003efix unlock in publish-native\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis is a re-release of \u003ca href=\"https://github.com/vercel/next.js/releases/tag/v15.5.11\"\u003ev15.5.11\u003c/a\u003e applying the turbopack changes.\u003c/p\u003e\n\u003ch2\u003ev15.5.11\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release is backporting bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTracing: Fix memory leak in span map (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/85529\"\u003e#85529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: ensure LRU cache items have minimum size of 1 to prevent unbounded growth (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89134\"\u003e#89134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: fix NFT tracing of sharp 0.34 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/82340\"\u003e#82340\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: support pattern into exports field (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/82757\"\u003e#82757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNFT tracing fixes (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/84155\"\u003e#84155\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/vercel/next.js/issues/85323\"\u003e#85323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTurbopack: validate CSS without computing all paths (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83810\"\u003e#83810\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: implement LRU cache with invocation ID scoping for minimal mode response cache (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89129\"\u003e#89129\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredits\u003c/h3\u003e\n\u003cp\u003eHuge thanks to \u003ca href=\"https://github.com/timneutkens\"\u003e\u003ccode\u003e@​timneutkens\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mischnic\"\u003e\u003ccode\u003e@​mischnic\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/ztanner\"\u003e\u003ccode\u003e@​ztanner\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/wyattjoh\"\u003e\u003ccode\u003e@​wyattjoh\u003c/code\u003e\u003c/a\u003e for helping!\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d7b012d787c01e0435f8cdf2a47211891668d13b\"\u003e\u003ccode\u003ed7b012d\u003c/code\u003e\u003c/a\u003e v15.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/2b0525123245da5b1b9d1abedc636c5fd3ee1d07\"\u003e\u003ccode\u003e2b05251\u003c/code\u003e\u003c/a\u003e [backport] feat(next/image): add lru disk cache and `images.maximumDiskCacheS...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/f88cee9604f0ec8ab869a2f94ced984194277b9e\"\u003e\u003ccode\u003ef88cee9\u003c/code\u003e\u003c/a\u003e Backport: Fix(pages-router): restore Content-Length and ETag for /_next/data/...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/cfd5f533b08df3038476dcd54f1d6d660d85f069\"\u003e\u003ccode\u003ecfd5f53\u003c/code\u003e\u003c/a\u003e v15.5.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/15f28911fd272041707dbf6b7c07d62642593be8\"\u003e\u003ccode\u003e15f2891\u003c/code\u003e\u003c/a\u003e [backport]: fix: patch http-proxy to prevent request smuggling in rewrites (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d23f41c42506005fe6978e076a1ccbf8979e4925\"\u003e\u003ccode\u003ed23f41c\u003c/code\u003e\u003c/a\u003e v15.5.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/8e75765a6544dc0e6b20aefeade7d33190ffcb7c\"\u003e\u003ccode\u003e8e75765\u003c/code\u003e\u003c/a\u003e fix unlock in publish-native\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/6cef992286e3050aeca46e0d506dc5bad4368fd2\"\u003e\u003ccode\u003e6cef992\u003c/code\u003e\u003c/a\u003e [backport] normalize CRLF line endings in jscodeshift tests on Windows (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/8800\"\u003e#8800\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7a9464553ac72f5b3f3acf17174a61b7b8a210a5\"\u003e\u003ccode\u003e7a94645\u003c/code\u003e\u003c/a\u003e Apply needs for publishRelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/bbfd4e313d4bc9024ec340d9de419a0e4357f898\"\u003e\u003ccode\u003ebbfd4e3\u003c/code\u003e\u003c/a\u003e v15.5.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.3.3...v15.5.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 12.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `validator` from 13.15.15 to 13.15.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/releases\"\u003evalidator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.15.22\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003evalidatorjs/validator.js#2622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003evalidatorjs/validator.js#2616\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e13.15.20\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003evalidatorjs/validator.js#2563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003evalidatorjs/validator.js#2556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003evalidatorjs/validator.js#2576\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003evalidatorjs/validator.js#2574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003evalidatorjs/validator.js#2584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003evalidatorjs/validator.js#2581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003evalidatorjs/validator.js#2608\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md\"\u003evalidator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.15.22\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e13.15.20\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2b5c17dbe03f2ca9ad9122c597f81e86ce1a9a1\"\u003e\u003ccode\u003ef2b5c17\u003c/code\u003e\u003c/a\u003e maintenance: 2511 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2627\"\u003e#2627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382\"\u003e\u003ccode\u003ed457eca\u003c/code\u003e\u003c/a\u003e fix(isLength): correctly handle Unicode variation selectors (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2616\"\u003e#2616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2e3633f22fd3016656789d100bc451d857e7488\"\u003e\u003ccode\u003ef2e3633\u003c/code\u003e\u003c/a\u003e docs: add install instructions to contibution guide (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2621\"\u003e#2621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cf401458b8733d981a3724d634c795a9d612b516\"\u003e\u003ccode\u003ecf40145\u003c/code\u003e\u003c/a\u003e fix: URL validation for hostnames with ports (no protocol) (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2622\"\u003e#2622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/4af61243ba0ae93f29e7689040e188b5849ff1b0\"\u003e\u003ccode\u003e4af6124\u003c/code\u003e\u003c/a\u003e maintenance: 2510 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2585\"\u003e#2585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/30d4fe02c16d36ed471f12da658c4b5d843781e0\"\u003e\u003ccode\u003e30d4fe0\u003c/code\u003e\u003c/a\u003e 13.15.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cbef5088f02d36caf978f378bb845fe49bdc0809\"\u003e\u003ccode\u003ecbef508\u003c/code\u003e\u003c/a\u003e fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2608\"\u003e#2608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/6f436be36945e460ee624bf72a935a06daded859\"\u003e\u003ccode\u003e6f436be\u003c/code\u003e\u003c/a\u003e Fix typo in validators.test.js (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2581\"\u003e#2581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/3c857088d58197453957a2b924dfedea328003b6\"\u003e\u003ccode\u003e3c85708\u003c/code\u003e\u003c/a\u003e Fix: correct French VAT (FR) validation regex and add tests (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2584\"\u003e#2584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/eee525cd117d24ac905b9432f3f5a27e96aa9719\"\u003e\u003ccode\u003eeee525c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2491\"\u003e#2491\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2573\"\u003e#2573\u003c/a\u003e Simplify isBase64 to prevent stack overflow (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2574\"\u003e#2574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for validator since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.12.1 to 1.27.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e\u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add conformance test infrastructure for v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1518\"\u003emodelcontextprotocol/typescript-sdk#1518\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: backport discoverOAuthServerInfo() and discovery caching to v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1533\"\u003emodelcontextprotocol/typescript-sdk#1533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add url property to RequestInfo interface by \u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] feat(tasks): add streaming methods for elicitation and sampling by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1528\"\u003emodelcontextprotocol/typescript-sdk#1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version for v1.27.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1541\"\u003emodelcontextprotocol/typescript-sdk#1541\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4faa8c899c069a98f8a0c3f804ec1a50dc2bae64\"\u003e\u003ccode\u003e4faa8c8\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.27.1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1581\"\u003e#1581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/09a85a80439f0ca9e5556ac20bdec41461e35234\"\u003e\u003ccode\u003e09a85a8\u003c/code\u003e\u003c/a\u003e fix: call onerror for silently swallowed transport errors (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1580\"\u003e#1580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e79d14ab6d8fbcb49543cab3917a60a89d0a6df9\"\u003e\u003ccode\u003ee79d14a\u003c/code\u003e\u003c/a\u003e fix: prevent command injection in example URL opening (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1579\"\u003e#1579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/342ea394ca6e660e294162efdeafc411284bcc0d\"\u003e\u003ccode\u003e342ea39\u003c/code\u003e\u003c/a\u003e docs: comprehensive feature documentation for SEP-1730 Tier 1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1548\"\u003e#1548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2084a22074d4c8fd54ddc8637783fb10c13edf90\"\u003e\u003ccode\u003e2084a22\u003c/code\u003e\u003c/a\u003e docs: add governance documentation for SEP-1730 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1547\"\u003e#1547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/f2d21458ccccd7cfaa1a2a171a262961591d4d0b\"\u003e\u003ccode\u003ef2d2145\u003c/code\u003e\u003c/a\u003e feat: implement auth/pre-registration conformance scenario (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1545\"\u003e#1545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/8cbc65848388cb0364122f5760cb6b01ff8a3654\"\u003e\u003ccode\u003e8cbc658\u003c/code\u003e\u003c/a\u003e chore: bump version for v1.27.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1541\"\u003e#1541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5c16ae3339bfa1dd71b0dee1a534e1b6d8be658e\"\u003e\u003ccode\u003e5c16ae3\u003c/code\u003e\u003c/a\u003e [v1.x] feat(tasks): add streaming methods for elicitation and sampling (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1528\"\u003e#1528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/97ab379e4572ac8e38ff8b99891f29a69cfbb5bb\"\u003e\u003ccode\u003e97ab379\u003c/code\u003e\u003c/a\u003e feat: add url property to RequestInfo interface (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/825e9ab80332e7fac19d221f6aae352dc73172fe\"\u003e\u003ccode\u003e825e9ab\u003c/code\u003e\u003c/a\u003e feat: backport discoverOAuthServerInfo() and discovery caching to v1.x (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.12.1...v1.27.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/65c90d949c0f8a9709759dff9e76bbe07061812b\"\u003e\u003ccode\u003e65c90d9\u003c/code\u003e\u003c/a\u003e Fix permissions for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/593cb7831bec60d5590acc3eeb2e553f4a431167\"\u003e\u003ccode\u003e593cb78\u003c/code\u003e\u003c/a\u003e Set permissions for workflow jobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/36adf110beabc9acdcad122149a2ea795a2b1a6c\"\u003e\u003ccode\u003e36adf11\u003c/code\u003e\u003c/a\u003e Remove deprecated CodeQL check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9da4af0e1f82fe372bedc1b7820f55c6eaf012e5\"\u003e\u003ccode\u003e9da4af0\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/699303975bea182b966f9f34a1ecbbebe92afcef\"\u003e\u003ccode\u003e6993039\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0b8f7560e11af817d70ff17f986b334ba2e99b81\"\u003e\u003ccode\u003e0b8f756\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/67a53f21623e4047d28d7a6f98f539f1adc9d1d0\"\u003e\u003ccode\u003e67a53f2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.2 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.3 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/68ff7dda8834d6de095a7008cef0e03bc252ca98\"\u003e\u003ccode\u003e68ff7dd\u003c/code\u003e\u003c/a\u003e v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e [Fix] set Symbol.toStringTag in the proper place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR updates 25 npm dependencies across the monorepo, including major version bumps for Next.js (15.3.3 → 15.5.14), glob (11.0.2 → 12.0.0), and AI SDK (5.0.28 → 5.0.52), along with security patches for lodash and validator.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Framework Updates**: Next.js updated from 15.3.3 to 15.5.14, bringing performance improvements and bug fixes including memory leak fixes and LRU cache enhancements\n- **Security Patches**: lodash updated from 4.17.21 to 4.17.23 with prototype pollution prevention, validator updated with CVE-2025-56200 fix for URL validation\n- **AI SDK Enhancement**: AI package updated from 5.0.28 to 5.0.52 with new features and bug fixes across multiple packages\n- **Build Tool Updates**: glob updated to v12.0.0 (major version) removing unsafe shell options, nanoid updated for improved security\n- **Dependency Consistency**: lodash version standardized across 15 different packages in the monorepo\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 25 Updates]\n    B --\u003e C[Security Updates]\n    B --\u003e D[Feature Updates]\n    B --\u003e E[Major Version Updates]\n    \n    C --\u003e F[lodash: Prototype Pollution Fix]\n    C --\u003e G[validator: URL Validation CVE Fix]\n    C --\u003e H[form-data: Crypto Random Boundaries]\n    \n    D --\u003e I[AI SDK: New Features]\n    D --\u003e J[Next.js: Performance Improvements]\n    \n    E --\u003e K[glob: v12 Breaking Changes]\n    E --\u003e L[Remove Unsafe Shell Options]\n    \n    F --\u003e M[Apply Across 15 Packages]\n    G --\u003e N[Enhanced Security Posture]\n    I --\u003e O[Improved AI Functionality]\n    J --\u003e P[Better App Performance]\n```\n\n### Impact\n- **Security Enhancement**: Multiple CVE fixes including prototype pollution prevention in lodash and URL validation improvements in validator\n- **Performance Improvements**: Next.js updates include memory leak fixes, LRU cache optimizations, and Turbopack enhancements for faster builds\n- **Breaking Changes**: glob v12 removes unsafe shell execution options, requiring review of any CLI usage patterns\n- **Consistency**: Standardized lodash version across all packages ensures uniform behavior and security posture\n- **AI Capabilities**: Updated AI SDK brings latest features and bug fixes for enhanced AI functionality\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/plate/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fplate/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"}},{"old_version":"7.2.3","new_version":"7.2.4","update_type":"patch","path":null,"pr_created_at":"2026-03-15T02:03:23.000Z","version_change":"7.2.3 → 7.2.4","issue":{"uuid":"4077354341","node_id":"PR_kwDOP9kpyc7KrPaN","number":15,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 25 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-15T02:03:23.000Z","updated_at":"2026-03-15T02:06:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":25,"packages":[{"name":"ai","old_version":"5.0.28","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"next","old_version":"15.3.3","new_version":"15.5.10","repository_url":"https://github.com/vercel/next.js"},{"name":"glob","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"validator","old_version":"13.15.15","new_version":"13.15.22","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"@modelcontextprotocol/sdk","old_version":"1.12.1","new_version":"1.27.1","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.2.0","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"bn.js","old_version":"4.12.2","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.1","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"4.0.3","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"qs","old_version":"6.14.0","new_version":"6.15.0","repository_url":"https://github.com/ljharb/qs"},{"name":"rollup","old_version":"4.43.0","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"3.0.9","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"7.10.0","new_version":"7.24.3","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"7.2.3","new_version":"7.2.4","repository_url":"https://github.com/google/zx"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 23 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `5.0.28` | `5.0.52` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [next](https://github.com/vercel/next.js) | `15.3.3` | `15.5.10` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `12.0.0` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.15` | `13.15.22` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.27.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.2.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.2` | `4.12.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.1` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.3` | `4.0.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [rollup](https://github.com/rollup/rollup) | `4.43.0` | `4.59.0` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.9` | `3.1.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.11` |\n| [undici](https://github.com/nodejs/undici) | `7.10.0` | `7.24.3` |\n| [zx](https://github.com/google/zx) | `7.2.3` | `7.2.4` |\n\n\nUpdates `ai` from 5.0.28 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@5.0.28...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.3.3 to 15.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.10\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472\"\u003ehttps://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23864\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.4.11\u003c/h2\u003e\n\u003cp\u003ePlease see this \u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003echangelog\u003c/a\u003e for more information about this security patch.\u003c/p\u003e\n\u003ch2\u003ev15.3.9\u003c/h2\u003e\n\u003cp\u003ePlease see this \u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003echangelog\u003c/a\u003e for more information about this security patch.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/60a2aa97b6692d3a56e483f0ff93febaf6f33fd6\"\u003e\u003ccode\u003e60a2aa9\u003c/code\u003e\u003c/a\u003e v15.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/e5b834d208fe0edf64aa26b5d76dcf6a176500ec\"\u003e\u003ccode\u003ee5b834d\u003c/code\u003e\u003c/a\u003e fetch(next/image): reduce maximumResponseBody from 300MB to 50MB (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/88588\"\u003e#88588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/39a2f6a8d13dfa50cee843f93241c8c1dbaf801e\"\u003e\u003ccode\u003e39a2f6a\u003c/code\u003e\u003c/a\u003e feat(next/image)!: add \u003ccode\u003eimages.maximumResponseBody\u003c/code\u003e config (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/88183\"\u003e#88183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/bf9f0843edab3a7cf9d4c85b315bc33c87b282ce\"\u003e\u003ccode\u003ebf9f084\u003c/code\u003e\u003c/a\u003e Sync DoS mitigations for React Flight\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c5de33e93ccccaf3bee60cf50603e2152f9886e1\"\u003e\u003ccode\u003ec5de33e\u003c/code\u003e\u003c/a\u003e v15.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/dd233994aeb24e906cdb9aedca5447cdef401792\"\u003e\u003ccode\u003edd23399\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/facebook/react/issues/35351\"\u003efacebook/react#35351\u003c/a\u003e for 15.5.8 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/87086\"\u003e#87086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7526cd6f24300726964eaba78927fe2a9c3fed5e\"\u003e\u003ccode\u003e7526cd6\u003c/code\u003e\u003c/a\u003e v15.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/1e9ec4133af3657964833bfcc9abb0ee73fb19f0\"\u003e\u003ccode\u003e1e9ec41\u003c/code\u003e\u003c/a\u003e Update React Version (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/41\"\u003e#41\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/16141e5df9ce51136ba42988b574981f89d01081\"\u003e\u003ccode\u003e16141e5\u003c/code\u003e\u003c/a\u003e Update React Version (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/30\"\u003e#30\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/e01e589e181d66d48c57698238b8b7f59218dfef\"\u003e\u003ccode\u003ee01e589\u003c/code\u003e\u003c/a\u003e Backport Next.js changes to v15.5.8 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/23\"\u003e#23\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.3.3...v15.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 12.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `validator` from 13.15.15 to 13.15.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/releases\"\u003evalidator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.15.22\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003evalidatorjs/validator.js#2622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003evalidatorjs/validator.js#2616\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e13.15.20\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003evalidatorjs/validator.js#2563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003evalidatorjs/validator.js#2556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003evalidatorjs/validator.js#2576\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003evalidatorjs/validator.js#2574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003evalidatorjs/validator.js#2584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003evalidatorjs/validator.js#2581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003evalidatorjs/validator.js#2608\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md\"\u003evalidator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.15.22\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e13.15.20\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2b5c17dbe03f2ca9ad9122c597f81e86ce1a9a1\"\u003e\u003ccode\u003ef2b5c17\u003c/code\u003e\u003c/a\u003e maintenance: 2511 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2627\"\u003e#2627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382\"\u003e\u003ccode\u003ed457eca\u003c/code\u003e\u003c/a\u003e fix(isLength): correctly handle Unicode variation selectors (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2616\"\u003e#2616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2e3633f22fd3016656789d100bc451d857e7488\"\u003e\u003ccode\u003ef2e3633\u003c/code\u003e\u003c/a\u003e docs: add install instructions to contibution guide (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2621\"\u003e#2621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cf401458b8733d981a3724d634c795a9d612b516\"\u003e\u003ccode\u003ecf40145\u003c/code\u003e\u003c/a\u003e fix: URL validation for hostnames with ports (no protocol) (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2622\"\u003e#2622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/4af61243ba0ae93f29e7689040e188b5849ff1b0\"\u003e\u003ccode\u003e4af6124\u003c/code\u003e\u003c/a\u003e maintenance: 2510 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2585\"\u003e#2585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/30d4fe02c16d36ed471f12da658c4b5d843781e0\"\u003e\u003ccode\u003e30d4fe0\u003c/code\u003e\u003c/a\u003e 13.15.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cbef5088f02d36caf978f378bb845fe49bdc0809\"\u003e\u003ccode\u003ecbef508\u003c/code\u003e\u003c/a\u003e fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2608\"\u003e#2608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/6f436be36945e460ee624bf72a935a06daded859\"\u003e\u003ccode\u003e6f436be\u003c/code\u003e\u003c/a\u003e Fix typo in validators.test.js (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2581\"\u003e#2581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/3c857088d58197453957a2b924dfedea328003b6\"\u003e\u003ccode\u003e3c85708\u003c/code\u003e\u003c/a\u003e Fix: correct French VAT (FR) validation regex and add tests (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2584\"\u003e#2584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/eee525cd117d24ac905b9432f3f5a27e96aa9719\"\u003e\u003ccode\u003eeee525c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2491\"\u003e#2491\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2573\"\u003e#2573\u003c/a\u003e Simplify isBase64 to prevent stack overflow (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2574\"\u003e#2574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for validator since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.12.1 to 1.27.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e\u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add conformance test infrastructure for v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1518\"\u003emodelcontextprotocol/typescript-sdk#1518\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: backport discoverOAuthServerInfo() and discovery caching to v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1533\"\u003emodelcontextprotocol/typescript-sdk#1533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add url property to RequestInfo interface by \u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] feat(tasks): add streaming methods for elicitation and sampling by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1528\"\u003emodelcontextprotocol/typescript-sdk#1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version for v1.27.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1541\"\u003emodelcontextprotocol/typescript-sdk#1541\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4faa8c899c069a98f8a0c3f804ec1a50dc2bae64\"\u003e\u003ccode\u003e4faa8c8\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.27.1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1581\"\u003e#1581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/09a85a80439f0ca9e5556ac20bdec41461e35234\"\u003e\u003ccode\u003e09a85a8\u003c/code\u003e\u003c/a\u003e fix: call onerror for silently swallowed transport errors (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1580\"\u003e#1580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e79d14ab6d8fbcb49543cab3917a60a89d0a6df9\"\u003e\u003ccode\u003ee79d14a\u003c/code\u003e\u003c/a\u003e fix: prevent command injection in example URL opening (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1579\"\u003e#1579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/342ea394ca6e660e294162efdeafc411284bcc0d\"\u003e\u003ccode\u003e342ea39\u003c/code\u003e\u003c/a\u003e docs: comprehensive feature documentation for SEP-1730 Tier 1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1548\"\u003e#1548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2084a22074d4c8fd54ddc8637783fb10c13edf90\"\u003e\u003ccode\u003e2084a22\u003c/code\u003e\u003c/a\u003e docs: add governance documentation for SEP-1730 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1547\"\u003e#1547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/f2d21458ccccd7cfaa1a2a171a262961591d4d0b\"\u003e\u003ccode\u003ef2d2145\u003c/code\u003e\u003c/a\u003e feat: implement auth/pre-registration conformance scenario (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1545\"\u003e#1545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/8cbc65848388cb0364122f5760cb6b01ff8a3654\"\u003e\u003ccode\u003e8cbc658\u003c/code\u003e\u003c/a\u003e chore: bump version for v1.27.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1541\"\u003e#1541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5c16ae3339bfa1dd71b0dee1a534e1b6d8be658e\"\u003e\u003ccode\u003e5c16ae3\u003c/code\u003e\u003c/a\u003e [v1.x] feat(tasks): add streaming methods for elicitation and sampling (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1528\"\u003e#1528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/97ab379e4572ac8e38ff8b99891f29a69cfbb5bb\"\u003e\u003ccode\u003e97ab379\u003c/code\u003e\u003c/a\u003e feat: add url property to RequestInfo interface (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/825e9ab80332e7fac19d221f6aae352dc73172fe\"\u003e\u003ccode\u003e825e9ab\u003c/code\u003e\u003c/a\u003e feat: backport discoverOAuthServerInfo() and discovery caching to v1.x (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.12.1...v1.27.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/65c90d949c0f8a9709759dff9e76bbe07061812b\"\u003e\u003ccode\u003e65c90d9\u003c/code\u003e\u003c/a\u003e Fix permissions for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/593cb7831bec60d5590acc3eeb2e553f4a431167\"\u003e\u003ccode\u003e593cb78\u003c/code\u003e\u003c/a\u003e Set permissions for workflow jobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/36adf110beabc9acdcad122149a2ea795a2b1a6c\"\u003e\u003ccode\u003e36adf11\u003c/code\u003e\u003c/a\u003e Remove deprecated CodeQL check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9da4af0e1f82fe372bedc1b7820f55c6eaf012e5\"\u003e\u003ccode\u003e9da4af0\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/699303975bea182b966f9f34a1ecbbebe92afcef\"\u003e\u003ccode\u003e6993039\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0b8f7560e11af817d70ff17f986b334ba2e99b81\"\u003e\u003ccode\u003e0b8f756\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/67a53f21623e4047d28d7a6f98f539f1adc9d1d0\"\u003e\u003ccode\u003e67a53f2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.2 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/d3418c718160eae69dbc0405dce75f7849019e1e\"\u003e\u003ccode\u003ed3418c7\u003c/code\u003e\u003c/a\u003e 3.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606\"\u003e\u003ccode\u003e7eb65d8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/88\"\u003e#88\u003c/a\u003e from WebReflection/avoid-recusrion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/7774aae45d3775c842abe9d071fd009171a5fc0c\"\u003e\u003ccode\u003e7774aae\u003c/code\u003e\u003c/a\u003e Avoid recursion on parse due possible shenanigans\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.3 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/68ff7dda8834d6de095a7008cef0e03bc252ca98\"\u003e\u003ccode\u003e68ff7dd\u003c/code\u003e\u003c/a\u003e v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e [Fix] set Symbol.toStringTag in the proper place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `immutable` from 5.1.2 to 4.3.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md\"\u003eimmutable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e,\nand this project adheres to \u003ca href=\"https://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\nDates are formatted as YYYY-MM-DD.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch2\u003e5.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github....\n\n_Description has been truncated_\n\n---\n\n🔄 This PR is an automated dependency update that bumps 25 npm packages across the monorepo, including major updates to Next.js (15.3.3 → 15.5.10), AI SDK (5.0.28 → 5.0.52), and lodash (4.17.21 → 4.17.23), along with numerous security patches and bug fixes.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Framework Updates**: Next.js updated from 15.3.3 to 15.5.10, bringing security fixes for CVE-2025-59471, CVE-2025-59472, and CVE-2026-23864\n- **AI SDK Enhancement**: Vercel AI SDK updated from 5.0.28 to 5.0.52 with new features and bug fixes across multiple packages\n- **Security Patches**: Multiple packages received security updates including lodash (prototype pollution fix), validator (CVE-2025-56200), and basic-ftp (CVE-2026-27699)\n- **Utility Libraries**: Updates to glob (11.0.2 → 12.0.0), nanoid (5.1.5 → 5.1.6), and various other utility packages\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 25 Outdated Packages]\n    B --\u003e C[Security Vulnerabilities Found]\n    B --\u003e D[Feature Updates Available]\n    C --\u003e E[Apply Security Patches]\n    D --\u003e F[Update Framework Versions]\n    E --\u003e G[Update package.json Files]\n    F --\u003e G\n    G --\u003e H[Maintain Compatibility]\n    H --\u003e I[Generate PR with Changes]\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs including prototype pollution, URL validation issues, and file path traversal vulnerabilities\n- **Framework Improvements**: Next.js updates include image optimization improvements and React Flight DoS mitigations\n- **Developer Experience**: Updated AI SDK provides better tooling and bug fixes for AI-powered features\n- **Maintenance**: Keeps dependencies current while maintaining backward compatibility across the monorepo\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/plate/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fplate/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"}},{"old_version":"8.8.1","new_version":"8.8.5","update_type":"patch","path":null,"pr_created_at":"2026-03-14T06:17:18.000Z","version_change":"8.8.1 → 8.8.5","issue":{"uuid":"4074837818","node_id":"PR_kwDOPocb8s7Kjgj5","number":14,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 9 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-03-14T10:15:17.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-14T06:17:18.000Z","updated_at":"2026-03-14T10:15:18.000Z","time_to_close":14279,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":9,"packages":[{"name":"rollup","old_version":"4.49.0","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"vite","old_version":"6.3.5","new_version":"8.0.0","repository_url":"https://github.com/vitejs/vite"},{"name":"zx","old_version":"8.8.1","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"playwright","old_version":"1.55.0","new_version":"1.55.1","repository_url":"https://github.com/microsoft/playwright"},{"name":"happy-dom","old_version":"18.0.1","new_version":"20.8.4","repository_url":"https://github.com/capricorn86/happy-dom"},{"name":"fastify","old_version":"5.5.0","new_version":"5.8.1","repository_url":"https://github.com/fastify/fastify"},{"name":"axios","old_version":"1.11.0","new_version":"1.13.5","repository_url":"https://github.com/axios/axios"},{"name":"immutable","old_version":"5.1.3","new_version":"5.1.5","repository_url":"https://github.com/immutable-js/immutable-js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rollup](https://github.com/rollup/rollup) | `4.49.0` | `4.59.0` |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.3.5` | `8.0.0` |\n| [zx](https://github.com/google/zx) | `8.8.1` | `8.8.5` |\n| [playwright](https://github.com/microsoft/playwright) | `1.55.0` | `1.55.1` |\n| [happy-dom](https://github.com/capricorn86/happy-dom) | `18.0.1` | `20.8.4` |\n| [fastify](https://github.com/fastify/fastify) | `5.5.0` | `5.8.1` |\n| [axios](https://github.com/axios/axios) | `1.11.0` | `1.13.5` |\n| [immutable](https://github.com/immutable-js/immutable-js) | `5.1.3` | `5.1.5` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/vitest directory: [happy-dom](https://github.com/capricorn86/happy-dom).\nBumps the npm_and_yarn group with 2 updates in the /test/core directory: [axios](https://github.com/axios/axios) and [immutable](https://github.com/immutable-js/immutable-js).\n\nUpdates `rollup` from 4.49.0 to 4.59.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/releases\"\u003erollup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.59.0\u003c/h2\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6275\"\u003e#6275\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.58.0\u003c/h2\u003e\n\u003ch2\u003e4.58.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-20\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlso support \u003ccode\u003e__NO_SIDE_EFFECTS__\u003c/code\u003e annotation before variable declarations declaring function expressions (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6272\"\u003e#6272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6256\"\u003e#6256\u003c/a\u003e: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (\u003ca href=\"https://github.com/njg7194\"\u003e\u003ccode\u003e@​njg7194\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6259\"\u003e#6259\u003c/a\u003e: docs: Correct typo and improve sentence structure in docs for \u003ccode\u003eoutput.experimentalMinChunkSize\u003c/code\u003e (\u003ca href=\"https://github.com/millerick\"\u003e\u003ccode\u003e@​millerick\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6260\"\u003e#6260\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v47 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6261\"\u003e#6261\u003c/a\u003e: fix(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6262\"\u003e#6262\u003c/a\u003e: Avoid unnecessary cloning of the code string (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6263\"\u003e#6263\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6265\"\u003e#6265\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6267\"\u003e#6267\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6268\"\u003e#6268\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6269\"\u003e#6269\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6270\"\u003e#6270\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6272\"\u003e#6272\u003c/a\u003e: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.57.1\u003c/h2\u003e\n\u003ch2\u003e4.57.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-01-30\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix heap corruption issue in Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6251\"\u003e#6251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure exports of a dynamic import are fully included when called from a try...catch (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6254\"\u003e#6254\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6251\"\u003e#6251\u003c/a\u003e: fix: Isolate and cache \u003ccode\u003eprocess.report.getReport()\u003c/code\u003e calls in a child process for robust environment detection (\u003ca href=\"https://github.com/alan-agius4\"\u003e\u003ccode\u003e@​alan-agius4\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rollup/rollup/blob/master/CHANGELOG.md\"\u003erollup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-22\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow when the generated bundle contains paths that would leave the output directory (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6276\"\u003e#6276\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6275\"\u003e#6275\u003c/a\u003e: Validate bundle stays within output dir (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.58.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-02-20\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlso support \u003ccode\u003e__NO_SIDE_EFFECTS__\u003c/code\u003e annotation before variable declarations declaring function expressions (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6272\"\u003e#6272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6256\"\u003e#6256\u003c/a\u003e: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (\u003ca href=\"https://github.com/njg7194\"\u003e\u003ccode\u003e@​njg7194\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6259\"\u003e#6259\u003c/a\u003e: docs: Correct typo and improve sentence structure in docs for \u003ccode\u003eoutput.experimentalMinChunkSize\u003c/code\u003e (\u003ca href=\"https://github.com/millerick\"\u003e\u003ccode\u003e@​millerick\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6260\"\u003e#6260\u003c/a\u003e: fix(deps): update rust crate swc_compiler_base to v47 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6261\"\u003e#6261\u003c/a\u003e: fix(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6262\"\u003e#6262\u003c/a\u003e: Avoid unnecessary cloning of the code string (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6263\"\u003e#6263\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6265\"\u003e#6265\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6267\"\u003e#6267\u003c/a\u003e: fix(deps): update minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6268\"\u003e#6268\u003c/a\u003e: chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6269\"\u003e#6269\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6270\"\u003e#6270\u003c/a\u003e: chore(deps): lock file maintenance (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6272\"\u003e#6272\u003c/a\u003e: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.57.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-01-30\u003c/em\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix heap corruption issue in Windows (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6251\"\u003e#6251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure exports of a dynamic import are fully included when called from a try...catch (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6254\"\u003e#6254\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePull Requests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6251\"\u003e#6251\u003c/a\u003e: fix: Isolate and cache \u003ccode\u003eprocess.report.getReport()\u003c/code\u003e calls in a child process for robust environment detection (\u003ca href=\"https://github.com/alan-agius4\"\u003e\u003ccode\u003e@​alan-agius4\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6252\"\u003e#6252\u003c/a\u003e: chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot])\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6253\"\u003e#6253\u003c/a\u003e: chore(deps): lock file maintenance minor/patch updates (\u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot], \u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/rollup/rollup/pull/6254\"\u003e#6254\u003c/a\u003e: Fully include dynamic imports in a try-catch (\u003ca href=\"https://github.com/lukastaegert\"\u003e\u003ccode\u003e@​lukastaegert\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/ae846957f109690a866cc3e4c073613c338d3476\"\u003e\u003ccode\u003eae84695\u003c/code\u003e\u003c/a\u003e 4.59.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/b39616e9175b3d9fc3977c99153174c490805a93\"\u003e\u003ccode\u003eb39616e\u003c/code\u003e\u003c/a\u003e Update audit-resolve\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c60770d7aaf750e512c1b2774989ea4596e660b2\"\u003e\u003ccode\u003ec60770d\u003c/code\u003e\u003c/a\u003e Validate bundle stays within output dir (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6275\"\u003e#6275\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/33f39c1f205ea2eadaf4b589e493453e2baa3662\"\u003e\u003ccode\u003e33f39c1\u003c/code\u003e\u003c/a\u003e 4.58.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/b61c40803b717854c1c28937e8098e5ad3c7b8ca\"\u003e\u003ccode\u003eb61c408\u003c/code\u003e\u003c/a\u003e forward NO_SIDE_EFFECTS annotations to function expressions in variable decla...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/7f00689ec90e2cafb11c26eefbcac62343c936f6\"\u003e\u003ccode\u003e7f00689\u003c/code\u003e\u003c/a\u003e Extend agent instructions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/e7b2b85af0901244ecc141b9d792c6db6b527ea4\"\u003e\u003ccode\u003ee7b2b85\u003c/code\u003e\u003c/a\u003e chore(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6270\"\u003e#6270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/2aa5da9baf82211b8207d268c8751630cb766970\"\u003e\u003ccode\u003e2aa5da9\u003c/code\u003e\u003c/a\u003e fix(deps): update minor/patch updates (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6267\"\u003e#6267\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/4319837c5448d0c10d89e9ded118888deec2eeec\"\u003e\u003ccode\u003e4319837\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency lru-cache to v11 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6269\"\u003e#6269\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rollup/rollup/commit/c3b6b4bdc4f2ed978fa233132a526957e6513233\"\u003e\u003ccode\u003ec3b6b4b\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency eslint-plugin-unicorn to v63 (\u003ca href=\"https://redirect.github.com/rollup/rollup/issues/6268\"\u003e#6268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rollup/rollup/compare/v4.49.0...v4.59.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for rollup since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 6.3.5 to 8.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ecreate-vite@8.0.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/create-vite@8.0.0/packages/create-vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eplugin-legacy@8.0.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/plugin-legacy@8.0.0/packages/plugin-legacy/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.18\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.18/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.17\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.17/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.16\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.16/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.15\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.15/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.14\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.14/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.13\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.13/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.12\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.12/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.11\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.11/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.10\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.10/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.9\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.9/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.8\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.8/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev8.0.0-beta.5\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v8.0.0-beta.5/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/vitejs/vite/compare/v8.0.0-beta.18...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-03-12)\u003c/h2\u003e\n\u003cp\u003e\u003cimg src=\"https://github.com/vitejs/vite/blob/main/docs/public/og-image-announcing-vite8.webp\" alt=\"Vite 8 is here!\" /\u003e\u003c/p\u003e\n\u003cp\u003eToday, we're thrilled to announce the release of the next Vite major:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://vite.dev/blog/announcing-vite8.html\"\u003eVite 8.0 announcement blog post\u003c/a\u003e\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://vite.dev/\"\u003eDocs\u003c/a\u003e (translations: \u003ca href=\"https://cn.vite.dev/\"\u003e简体中文\u003c/a\u003e, \u003ca href=\"https://ja.vite.dev/\"\u003e日本語\u003c/a\u003e, \u003ca href=\"https://es.vite.dev/\"\u003eEspañol\u003c/a\u003e, \u003ca href=\"https://pt.vite.dev/\"\u003ePortuguês\u003c/a\u003e, \u003ca href=\"https://ko.vite.dev/\"\u003e한국어\u003c/a\u003e, \u003ca href=\"https://de.vite.dev/\"\u003eDeutsch\u003c/a\u003e, \u003ca href=\"https://fa.vite.dev/\"\u003eفارسی\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://vite.dev/guide/migration.html\"\u003eMigration Guide\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove \u003ccode\u003eimport.meta.hot.accept\u003c/code\u003e resolution fallback (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21382\"\u003e#21382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate default browser target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21193\"\u003e#21193\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ethe epic \u003ccode\u003erolldown-vite\u003c/code\u003e merge (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21189\"\u003e#21189\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.9 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21813\"\u003e#21813\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f05be0eabf5c045b8892d463081da3c8fbf5a5ae\"\u003ef05be0e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewarn when \u003ccode\u003evite-tsconfig-paths\u003c/code\u003e plugin is detected (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21781\"\u003e#21781\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ada493e4214ef2028b96583550443a386be2e2ae\"\u003eada493e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecss:\u003c/strong\u003e support es2025 build target for lightningcss (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21769\"\u003e#21769\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/08906e76f2fc0e55c8aea6243f6203ce0c78f106\"\u003e08906e7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eforward browser console logs and errors to dev server terminal (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20916\"\u003e#20916\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/2540ed06d0b6f93829d2d764b6a02f7dbfd14923\"\u003e2540ed0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.8 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21790\"\u003e#21790\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/a0c950e30945cc97fb2381a2affac086730fa31e\"\u003ea0c950e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eexport \u003ccode\u003eVisitor\u003c/code\u003e and \u003ccode\u003eESTree\u003c/code\u003e from \u003ccode\u003erolldown/utils\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21664\"\u003e#21664\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/45de31e5ffcc514832aec96fa6e09a189c26d684\"\u003e45de31e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.6 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21714\"\u003e#21714\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/37a65f8c31b5baeb4dadecfd4da98f81bae4202e\"\u003e37a65f8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euse util.inspect for CLI error display (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21668\"\u003e#21668\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/5f425a9126ad1a483f482970bef8c29a0e721a3c\"\u003e5f425a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.5 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21660\"\u003e#21660\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b3ddbc54ee5b836852b09811c8e920b2b2cde7cb\"\u003eb3ddbc5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.4 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21617\"\u003e#21617\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/1ee5c7f796c24d7319fbd5258bbdce4968859efe\"\u003e1ee5c7f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewasm:\u003c/strong\u003e add SSR support for \u003ccode\u003e.wasm?init\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21102\"\u003e#21102\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/216a3b53c610918027a7713a0d5495628f77d306\"\u003e216a3b5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eintegrate devtools (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21331\"\u003e#21331\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/acbf507bcb05f9cd9525c765431b3e0ed97328e4\"\u003eacbf507\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.3 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21554\"\u003e#21554\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/43358e97cd6485513f25ee11133333cba05841e3\"\u003e43358e9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emanifest:\u003c/strong\u003e add \u003ccode\u003eassets\u003c/code\u003e field for standalone CSS entry points (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21015\"\u003e#21015\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f289b9b0ce7821b1554b878d083c426e7a695b59\"\u003ef289b9b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.2 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21512\"\u003e#21512\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fa136a9e68921f3ca396e0870193fe805fbfb7b4\"\u003efa136a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ebundled-dev:\u003c/strong\u003e support worker in initial bundle (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21415\"\u003e#21415\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/f3d31499c714fe5c5acf8355520624c662f9d79f\"\u003ef3d3149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edev:\u003c/strong\u003e detect port conflicts on wildcard hosts (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21381\"\u003e#21381\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b0dd5a993fd2f95c8cb2190a3ca4296bc9e06359\"\u003eb0dd5a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eshortcuts case insensitive (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21224\"\u003e#21224\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7796aded764bca987abfec8ab0ad0438c5a5e7eb\"\u003e7796ade\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-rc.1 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21463\"\u003e#21463\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ff9dd7fef0d3c898e317fca84a629828f3e28936\"\u003eff9dd7f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewarn if \u003ccode\u003eenvPrefix\u003c/code\u003e contains spaces (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21292\"\u003e#21292\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/9fcde3c870896a62fbca19be8ee14efab9393f4a\"\u003e9fcde3c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-beta.60 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21408\"\u003e#21408\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c33aa7cfd142a0dd38ed89589fc7b04cf8866791\"\u003ec33aa7c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-beta.59 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21374\"\u003e#21374\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/00379439fa62383460b056d587d0366597c19ab4\"\u003e0037943\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003eignoreOutdatedRequests\u003c/code\u003e option to \u003ccode\u003eoptimizeDeps\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21364\"\u003e#21364\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b2e75aabe93e3219f40fa5ad8755d53cdd2439b5\"\u003eb2e75aa\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd ios to default esbuild targets (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21342\"\u003e#21342\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/daae6e9f5dd223258a9e7a9a7fa22c8a4564902f\"\u003edaae6e9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-beta.58 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21354\"\u003e#21354\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ba40cef16d20590f7115d4d628d9b79fa0783473\"\u003eba40cef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-beta.57 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21335\"\u003e#21335\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/d5412ef4c472bc5fef4ed69cfee4ef4a929c6be9\"\u003ed5412ef\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecss:\u003c/strong\u003e support es2024 build target for lightningcss (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21294\"\u003e#21294\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/bd33b8e08768fdcef0b09e3eefa649fdcafdd397\"\u003ebd33b8e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-beta.56 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21323\"\u003e#21323\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/9847a634cf36de2e6ac0043ffd22cefb1b5951bd\"\u003e9847a63\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eintroduce v2 native plugins and enable it by default (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21268\"\u003e#21268\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/42f2ab3aec7cd0e03e195611b1e1ddabbedc9d61\"\u003e42f2ab3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003essr:\u003c/strong\u003e avoid errors when rewriting already rewritten stacktrace (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21269\"\u003e#21269\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/98d9a33274d9ac90780786afa612d916feddf2e3\"\u003e98d9a33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-beta.55 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21300\"\u003e#21300\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/2c8db858d7081e898f63ce9569c3f19a91a10956\"\u003e2c8db85\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate rolldown to 1.0.0-beta.54 (\u003ca href=\"https://redirect.github.com/vitejs/vite/issues/21267\"\u003e#21267\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c75117213cb1d2d13554fbc26a75e8df191c27eb\"\u003ec751172\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ea68a8868c7ee249213057f8a81c3f92a9839dde\"\u003e\u003ccode\u003eea68a88\u003c/code\u003e\u003c/a\u003e chore(deps): update rolldown-related dependencies (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20810\"\u003e#20810\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/693d25510aba3322e8e689764df8c3b18db04a98\"\u003e\u003ccode\u003e693d255\u003c/code\u003e\u003c/a\u003e release: v7.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/98a3484733443ee529870477a6ab6a03572e3cbc\"\u003e\u003ccode\u003e98a3484\u003c/code\u003e\u003c/a\u003e fix(hmr): wait for \u003ccode\u003eimport.meta.hot.prune\u003c/code\u003e callbacks to complete before runni...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/9f32b1dc710991c53a9f665c8d0d6945f342bf92\"\u003e\u003ccode\u003e9f32b1d\u003c/code\u003e\u003c/a\u003e fix(hmr): trigger prune event when import is removed from non hmr module (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20\"\u003e#20\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/9f2247c066cac75746356c9391845235445a154b\"\u003e\u003ccode\u003e9f2247c\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20811\"\u003e#20811\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/105abe87c412cf0f83859ba41fed869221cbb3e0\"\u003e\u003ccode\u003e105abe8\u003c/code\u003e\u003c/a\u003e fix(glob): handle glob imports from folders starting with dot (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20800\"\u003e#20800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/4c4583ce7a13306e0853901570c5d95517fe81da\"\u003e\u003ccode\u003e4c4583c\u003c/code\u003e\u003c/a\u003e fix(build): fix ssr environment \u003ccode\u003eemitAssets: true\u003c/code\u003e when `sharedConfigBuild: t...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/9bc9d1258f550e9d8f5e530cd27aecb1bee32bdb\"\u003e\u003ccode\u003e9bc9d12\u003c/code\u003e\u003c/a\u003e fix(client): use CSP nonce when rendering error overlay (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20791\"\u003e#20791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/54377f70ad72d56a2c5b4f36a812b5991573d5b1\"\u003e\u003ccode\u003e54377f7\u003c/code\u003e\u003c/a\u003e release: v7.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/88af2ae7df77160e7d11a9fa147a4967c8499f13\"\u003e\u003ccode\u003e88af2ae\u003c/code\u003e\u003c/a\u003e fix(deps): update all non-major dependencies (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20773\"\u003e#20773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/create-vite@8.0.0/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for vite since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.8.1 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.8.1...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `playwright` from 1.55.0 to 1.55.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003eplaywright's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.55.1\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37479\"\u003emicrosoft/playwright#37479\u003c/a\u003e - [Bug]: Upgrade Chromium to 140.0.7339.186.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37147\"\u003emicrosoft/playwright#37147\u003c/a\u003e - [Regression]: Internal error: step id not found.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37146\"\u003emicrosoft/playwright#37146\u003c/a\u003e - [Regression]: HTML reporter displays a broken chip link when there are no projects.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/pull/37137\"\u003emicrosoft/playwright#37137\u003c/a\u003e - Revert \u0026quot;fix(a11y): track inert elements as hidden\u0026quot;.\n\u003ca href=\"https://redirect.github.com/microsoft/playwright/pull/37532\"\u003emicrosoft/playwright#37532\u003c/a\u003e - chore: do not use -k option\u003c/p\u003e\n\u003ch2\u003eBrowser Versions\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChromium 140.0.7339.186\u003c/li\u003e\n\u003cli\u003eMozilla Firefox 141.0\u003c/li\u003e\n\u003cli\u003eWebKit 26.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis version was also tested against the following stable channels:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eGoogle Chrome 139\u003c/li\u003e\n\u003cli\u003eMicrosoft Edge 139\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/ae51df7a35888f663553ab4e9c45d6cb6335397f\"\u003e\u003ccode\u003eae51df7\u003c/code\u003e\u003c/a\u003e chore: mark v1.55.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37530\"\u003e#37530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/86dde294ce7fc9dd62d2f7ce5afd0c79cff50140\"\u003e\u003ccode\u003e86dde29\u003c/code\u003e\u003c/a\u003e feat(chromium): roll to r1193 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37529\"\u003e#37529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/86328bc9f43da2fe2b9aba2822c79f8b4c0c7f72\"\u003e\u003ccode\u003e86328bc\u003c/code\u003e\u003c/a\u003e chore: do not use -k option (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37532\"\u003e#37532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/63799ba68340fde11445d4f48c12515c28dcc92a\"\u003e\u003ccode\u003e63799ba\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37214\"\u003e#37214\u003c/a\u003e): docs: fix method names in release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/21e29a42ab090d7848a3c3255f05335ba0db424d\"\u003e\u003ccode\u003e21e29a4\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37153\"\u003e#37153\u003c/a\u003e): fix(html): don't display a chip with empty content with ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/ba62e6ab0d25f7415ffdf121e4e186aadb213be5\"\u003e\u003ccode\u003eba62e6a\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37149\"\u003e#37149\u003c/a\u003e): fix(test): attaching in boxed fixture\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/25bb073f2697c98995871d40828604b0836c29b7\"\u003e\u003ccode\u003e25bb073\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/37137\"\u003e#37137\u003c/a\u003e): Revert \u0026quot;fix(a11y): track inert elements as hidden (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/36947\"\u003e#36947\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.55.0...v1.55.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `happy-dom` from 18.0.1 to 20.8.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/capricorn86/happy-dom/releases\"\u003ehappy-dom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev20.8.4\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReplace ConsoleConstructor import with indexed access type - By \u003cstrong\u003e\u003ca href=\"https://github.com/YevheniiKotyrlo\"\u003e\u003ccode\u003e@​YevheniiKotyrlo\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1845\"\u003e#1845\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.8.3\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThrow error if event is not of type \u003ccode\u003eEvent\u003c/code\u003e in \u003ccode\u003eEventTarget.dispatchEvent()\u003c/code\u003e - By \u003cstrong\u003e\u003ca href=\"https://github.com/capricorn86\"\u003e\u003ccode\u003e@​capricorn86\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2054\"\u003e#2054\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.8.2\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eResets \u003ccode\u003eEvent.cancelBubble\u003c/code\u003e and \u003ccode\u003eEvent.defaultPrevented\u003c/code\u003e when calling \u003ccode\u003eEvent.initEvent()\u003c/code\u003e - By \u003cstrong\u003e\u003ca href=\"https://github.com/capricorn86\"\u003e\u003ccode\u003e@​capricorn86\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2090\"\u003e#2090\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.8.1\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMake \u0026quot;inert\u0026quot; attribute block focus interactions - By \u003cstrong\u003e\u003ca href=\"https://github.com/coffeeandwork\"\u003e\u003ccode\u003e@​coffeeandwork\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1422\"\u003e#1422\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.8.0\u003c/h2\u003e\n\u003ch3\u003e:art: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds support for setPointerCapture, hasPointerCapture, and releasePointerCapture to Element - By \u003cstrong\u003e\u003ca href=\"https://github.com/coffeeandwork\"\u003e\u003ccode\u003e@​coffeeandwork\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1733\"\u003e#1733\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.7.2\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eProperly decode CSS escape sequences in attribute selector values - By \u003cstrong\u003e\u003ca href=\"https://github.com/silverwind\"\u003e\u003ccode\u003e@​silverwind\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.7.1\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes issue related to parsing direct descendants (\u003ccode\u003e\u0026gt;\u003c/code\u003e) and universal (\u003ccode\u003e*\u003c/code\u003e) query selectors - By \u003cstrong\u003e\u003ca href=\"https://github.com/Cherry\"\u003e\u003ccode\u003e@​Cherry\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2078\"\u003e#2078\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.7.0\u003c/h2\u003e\n\u003ch3\u003e:art: Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds support for \u003ccode\u003eWindow.getScreenDetails()\u003c/code\u003e - By \u003cstrong\u003e\u003ca href=\"https://github.com/TrevorBurnham\"\u003e\u003ccode\u003e@​TrevorBurnham\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1923\"\u003e#1923\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExtends \u003ccode\u003eScreen\u003c/code\u003e from \u003ccode\u003eEventTarget\u003c/code\u003e - By \u003cstrong\u003e\u003ca href=\"https://github.com/TrevorBurnham\"\u003e\u003ccode\u003e@​TrevorBurnham\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1923\"\u003e#1923\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.6.5\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd clearImmediate to Jest environment global scope - By \u003cstrong\u003e\u003ca href=\"https://github.com/TrevorBurnham\"\u003e\u003ccode\u003e@​TrevorBurnham\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1927\"\u003e#1927\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.6.4\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNormalize invalid input type attribute to \u0026quot;text\u0026quot; per HTML spec - By \u003cstrong\u003e\u003ca href=\"https://github.com/atzzCokeK\"\u003e\u003ccode\u003e@​atzzCokeK\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2053\"\u003e#2053\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.6.3\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRefactors query selector parser to be able to handle complex rules - By \u003cstrong\u003e\u003ca href=\"https://github.com/capricorn86\"\u003e\u003ccode\u003e@​capricorn86\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1910\"\u003e#1910\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes issue related to using query selector for attribute in XML document - By \u003cstrong\u003e\u003ca href=\"https://github.com/capricorn86\"\u003e\u003ccode\u003e@​capricorn86\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1912\"\u003e#1912\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes issue with using quotes within quotes for attribute query selector (e.g. \u003ccode\u003e[data-value=\u0026quot;it's a test\u0026quot;]\u003c/code\u003e) - By \u003cstrong\u003e\u003ca href=\"https://github.com/capricorn86\"\u003e\u003ccode\u003e@​capricorn86\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2034\"\u003e#2034\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.6.2\u003c/h2\u003e\n\u003ch3\u003e:construction_worker_man: Patch fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate entities package version to resolve missing export for vue and vue-compat v3.5 - By \u003cstrong\u003e\u003ca href=\"https://github.com/acollins1991\"\u003e\u003ccode\u003e@​acollins1991\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e in task \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2066\"\u003e#2066\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/82a0888cb2c87a6123e05424b528f8e8c9b3e426\"\u003e\u003ccode\u003e82a0888\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1845\"\u003e#1845\u003c/a\u003e Replace ConsoleConstructor import with indexed access type (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2095\"\u003e#2095\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/5998eeaea5455cda9556675c6b92bea7ec85642b\"\u003e\u003ccode\u003e5998eea\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2054\"\u003e#2054\u003c/a\u003e Throw error if event is not of type Event in dispatchEvent (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2092\"\u003e#2092\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/7a11238eace2fab69eb6bff13c2eeb0b7f7caa40\"\u003e\u003ccode\u003e7a11238\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2090\"\u003e#2090\u003c/a\u003e Resets cancelBubble and defaultPrevented when calling initEvent ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/7d27984affe0dcfc2827d1568fa6b950905a8482\"\u003e\u003ccode\u003e7d27984\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1422\"\u003e#1422\u003c/a\u003e Make inert attribute block focus interactions (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2083\"\u003e#2083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/53e4ec974a8c8f66db7cd55c9553e7e8281185bf\"\u003e\u003ccode\u003e53e4ec9\u003c/code\u003e\u003c/a\u003e feat: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1733\"\u003e#1733\u003c/a\u003e Adds support for setPointerCapture, hasPointerCapture, and rele...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/1c73c3f7bbd0f6693af89386ba10ea8b506546c1\"\u003e\u003ccode\u003e1c73c3f\u003c/code\u003e\u003c/a\u003e fix: Properly decode CSS escape sequences in attribute selector values (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2080\"\u003e#2080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/7fa06b306bc6f7679d430ecfd8eee33c14c2be87\"\u003e\u003ccode\u003e7fa06b3\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2078\"\u003e#2078\u003c/a\u003e Fixes direct descendants \u0026gt; and universal * query selectors  (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2079\"\u003e#2079\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/4e0d1e331e07fcbf9b63baf50854b9a996b7fa1e\"\u003e\u003ccode\u003e4e0d1e3\u003c/code\u003e\u003c/a\u003e feat: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1923\"\u003e#1923\u003c/a\u003e Adds support for getScreenDetails() (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2041\"\u003e#2041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/78a2ff462c034d4531634c01afe5cf14da6fa732\"\u003e\u003ccode\u003e78a2ff4\u003c/code\u003e\u003c/a\u003e chore: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1867\"\u003e#1867\u003c/a\u003e Add regression test for TreeWalker sibling traversal (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2026\"\u003e#2026\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/capricorn86/happy-dom/commit/46bab6775978d3dde1c4fdcd60d3a10090a3a850\"\u003e\u003ccode\u003e46bab67\u003c/code\u003e\u003c/a\u003e fix: \u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/1927\"\u003e#1927\u003c/a\u003e Add clearImmediate to Jest environment global scope (\u003ca href=\"https://redirect.github.com/capricorn86/happy-dom/issues/2029\"\u003e#2029\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/capricorn86/happy-dom/compare/v18.0.1...v20.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastify` from 5.5.0 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fastify/releases\"\u003efastify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cp\u003eFixes \u0026quot;Missing End Anchor in \u0026quot;subtypeNameReg\u0026quot; Allows Malformed Content-Types to Pass Validation\u0026quot;: \u003ca href=\"https://github.com/fastify/fastify/security/advisories/GHSA-573f-x89g-hqp9\"\u003ehttps://github.com/fastify/fastify/security/advisories/GHSA-573f-x89g-hqp9\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eCVE-2026-3419\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.8.0...v5.8.1\"\u003ehttps://github.com/fastify/fastify/compare/v5.8.0...v5.8.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(request): add host security warning references by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6476\"\u003efastify/fastify#6476\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix note style by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6487\"\u003efastify/fastify#6487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: rename deploy website ci by \u003ca href=\"https://github.com/Eomm\"\u003e\u003ccode\u003e@​Eomm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6492\"\u003efastify/fastify#6492\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: support pino v9 and v10 by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6496\"\u003efastify/fastify#6496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update logger types and fix TODO comment by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6470\"\u003efastify/fastify#6470\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(test-types): migrate dummy-plugin to FastifyPluginAsync by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6472\"\u003efastify/fastify#6472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix markdown typo in README.md by \u003ca href=\"https://github.com/droppingbeans\"\u003e\u003ccode\u003e@​droppingbeans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6491\"\u003efastify/fastify#6491\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: cover non-numeric content-length client error path by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6500\"\u003efastify/fastify#6500\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove tests-checker workflow by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6481\"\u003efastify/fastify#6481\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove stale.yml file by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6504\"\u003efastify/fastify#6504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(security): remove hackerone references; change note style by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6501\"\u003efastify/fastify#6501\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: rename \u003ccode\u003e@​sinclair/typebox\u003c/code\u003e to typebox by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6494\"\u003efastify/fastify#6494\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(links-check): add external link checker using linkinator-action by \u003ca href=\"https://github.com/umxr\"\u003e\u003ccode\u003e@​umxr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6386\"\u003efastify/fastify#6386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade borp to v1.0.0 by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6510\"\u003efastify/fastify#6510\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add OpenJS CNA reference to SECURITY.md by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6516\"\u003efastify/fastify#6516\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid mutating shared routerOptions across instances by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6515\"\u003efastify/fastify#6515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(types): accept async route hooks in shorthand options by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6514\"\u003efastify/fastify#6514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Improve shutdown lifecycle documentation by \u003ca href=\"https://github.com/kibertoad\"\u003e\u003ccode\u003e@​kibertoad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6517\"\u003efastify/fastify#6517\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove unused \u003ccode\u003etsconfig.eslint.json\u003c/code\u003e by \u003ca href=\"https://github.com/mrazauskas\"\u003e\u003ccode\u003e@​mrazauskas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6524\"\u003efastify/fastify#6524\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: First-class support for handler-level timeouts by \u003ca href=\"https://github.com/kibertoad\"\u003e\u003ccode\u003e@​kibertoad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6521\"\u003efastify/fastify#6521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(security): clarify insecureHTTPParser threat model scope by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6533\"\u003efastify/fastify#6533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6511\"\u003efastify/fastify#6511\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: clarify anyOf nullable coercion behavior with primitive types by \u003ca href=\"https://github.com/slegarraga\"\u003e\u003ccode\u003e@​slegarraga\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6531\"\u003efastify/fastify#6531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove format placeholder from FST_ERR_CTP_INVALID_MEDIA_TYPE message by \u003ca href=\"https://github.com/super-mcgin\"\u003e\u003ccode\u003e@​super-mcgin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6528\"\u003efastify/fastify#6528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(reference/hooks): fix note style by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6538\"\u003efastify/fastify#6538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump lycheeverse/lychee-action from 2.7.0 to 2.8.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6539\"\u003efastify/fastify#6539\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump actions/dependency-review-action from 4.8.2 to 4.8.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6540\"\u003efastify/fastify#6540\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump markdownlint-cli2 from 0.20.0 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6542\"\u003efastify/fastify#6542\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove broken links and add ecosystem link validator by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6421\"\u003efastify/fastify#6421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(validate-ecoystem-links): add job level permission by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6545\"\u003efastify/fastify#6545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6543\"\u003efastify/fastify#6543\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/droppingbeans\"\u003e\u003ccode\u003e@​droppingbeans\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6491\"\u003efastify/fastify#6491\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/umxr\"\u003e\u003ccode\u003e@​umxr\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6386\"\u003efastify/fastify#6386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slegarraga\"\u003e\u003ccode\u003e@​slegarraga\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6531\"\u003efastify/fastify#6531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/super-mcgin\"\u003e\u003ccode\u003e@​super-mcgin\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fastify/pull/6528\"\u003efastify/fastify#6528\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fastify/compare/v5.7.4...v5.8.0\"\u003ehttps://github.com/fastify/fastify/compare/v5.7.4...v5.8.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/073ff8132f350aaa53935231019499e983cb9794\"\u003e\u003ccode\u003e073ff81\u003c/code\u003e\u003c/a\u003e Bumped v5.8.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/67f6c9b32cb3623d3c9470cc17ed830dd2f083d7\"\u003e\u003ccode\u003e67f6c9b\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/161578a366edd40ef6d7eb06bfd57bc2b55f37b6\"\u003e\u003ccode\u003e161578a\u003c/code\u003e\u003c/a\u003e chore: sync version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/9b06a781f90d5a8d5ac5fc43eb2fddc392864681\"\u003e\u003ccode\u003e9b06a78\u003c/code\u003e\u003c/a\u003e Bumped v5.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/bbdfe82ae891199ba0d2b49326b7ddce5f103ab3\"\u003e\u003ccode\u003ebbdfe82\u003c/code\u003e\u003c/a\u003e style: remove trailing whitespace (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6543\"\u003e#6543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/cd58ed45d3c3b25cae3cfaa27e9c76a1c8865d0f\"\u003e\u003ccode\u003ecd58ed4\u003c/code\u003e\u003c/a\u003e ci(validate-ecoystem-links): add job level permission (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6545\"\u003e#6545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/2590592da900172e04526f36dfe4dac617022469\"\u003e\u003ccode\u003e2590592\u003c/code\u003e\u003c/a\u003e ci: remove broken links and add ecosystem link validator (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6421\"\u003e#6421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/09b55b6ca6a3244df9f02b02157db41777198d4f\"\u003e\u003ccode\u003e09b55b6\u003c/code\u003e\u003c/a\u003e chore: Bump markdownlint-cli2 from 0.20.0 to 0.21.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6542\"\u003e#6542\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/43c4e386c374c56a7de326e20f51eb7a71c0edda\"\u003e\u003ccode\u003e43c4e38\u003c/code\u003e\u003c/a\u003e chore: Bump actions/dependency-review-action from 4.8.2 to 4.8.3 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6540\"\u003e#6540\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fastify/commit/3b4057303e63172ed8a4dde8d35f6ce1f7a5eb58\"\u003e\u003ccode\u003e3b40573\u003c/code\u003e\u003c/a\u003e chore: Bump lycheeverse/lychee-action from 2.7.0 to 2.8.0 (\u003ca href=\"https://redirect.github.com/fastify/fastify/issues/6539\"\u003e#6539\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fastify/compare/v5.5.0...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.11.0 to 1.13.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.13.5\u003c/h2\u003e\n\u003ch2\u003eRelease 1.13.5\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eSecurity:\u003c/strong\u003e Fixed a potential \u003cstrong\u003eDenial of Service\u003c/strong\u003e issue involving the \u003ccode\u003e__proto__\u003c/code\u003e key in \u003ccode\u003emergeConfig\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7369\"\u003e#7369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBug fix:\u003c/strong\u003e Resolved an issue where \u003ccode\u003eAxiosError\u003c/code\u003e could be missing the \u003ccode\u003estatus\u003c/code\u003e field on and after \u003cstrong\u003ev1.13.3\u003c/strong\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7368\"\u003e#7368\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003ch4\u003eSecurity\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix Denial of Service via \u003ccode\u003e__proto__\u003c/code\u003e key in \u003ccode\u003emergeConfig\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7369\"\u003e#7369\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFix/5657. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7313\"\u003e#7313\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003estatus\u003c/code\u003e is present in \u003ccode\u003eAxiosError\u003c/code\u003e on and after v1.13.3. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7368\"\u003e#7368\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFeatures / Improvements\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd input validation to \u003ccode\u003eisAbsoluteURL\u003c/code\u003e. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7326\"\u003e#7326\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRefactor: bump minor package versions. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7356\"\u003e#7356\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDocumentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eClarify object-check comment. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7323\"\u003e#7323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix deprecated \u003ccode\u003eBuffer\u003c/code\u003e constructor usage and README formatting. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7371\"\u003e#7371\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCI / Maintenance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eChore: fix issues with YAML. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7355\"\u003e#7355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCI: update workflow YAMLs. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7372\"\u003e#7372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCI: fix run condition. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7373\"\u003e#7373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDev deps: bump \u003ccode\u003ekarma-sourcemap-loader\u003c/code\u003e from 0.3.8 to 0.4.0. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7360\"\u003e#7360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChore(release): prepare release 1.13.5. (PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7379\"\u003e#7379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sachin11063\"\u003e\u003ccode\u003e@​sachin11063\u003c/code\u003e\u003c/a\u003e (first contribution — PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7323\"\u003e#7323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/asmitha-16\"\u003e\u003ccode\u003e@​asmitha-16\u003c/code\u003e\u003c/a\u003e (first contribution — PR \u003ca href=\"https://redirect.github.com/axios/axios/pull/7326\"\u003e#7326\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog:\u003c/strong\u003e \u003ca href=\"https://github.com/axios/axios/compare/v1.13.4...v1.13.5\"\u003ehttps://github.com/axios/axios/compare/v1.13.4...v1.13.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.13.4\u003c/h2\u003e\n\u003ch2\u003eOverview\u003c/h2\u003e\n\u003cp\u003eThe release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v1.13.3...v1.13.4\"\u003ev1.13.3...v1.13.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's New in v1.13.4\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003efix: issues with version 1.13.3\u003c/strong\u003e (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7352\"\u003e#7352\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/ee90dfc28abffbb61e24974b2bd3139a4a40ac76\"\u003eee90dfc\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eFixed issues discovered in v1.13.3 release\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.13.2...v1.13.3\"\u003e1.13.3\u003c/a\u003e (2026-01-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehttp2:\u003c/strong\u003e Use port 443 for HTTPS connections by default. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7256\"\u003e#7256\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d7e60653460480ffacecf85383012ca1baa6263e\"\u003ed7e6065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003einterceptor:\u003c/strong\u003e handle the error in the same interceptor (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6269\"\u003e#6269\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/5945e40bb171d4ac4fc195df276cf952244f0f89\"\u003e5945e40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emain field in package.json should correspond to cjs artifacts (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5756\"\u003e#5756\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7373fbff24cd92ce650d99ff6f7fe08c2e2a0a04\"\u003e7373fbf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003epackage.json:\u003c/strong\u003e add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5754\"\u003e#5754\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/b89217e3e91de17a3d55e2b8f39ceb0e9d8aeda8\"\u003eb89217e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esilentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7257\"\u003e#7257\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/7d19335e43d6754a1a9a66e424f7f7da259895bf\"\u003e7d19335\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eturn AxiosError into a native error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5394\"\u003e#5394\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5558\"\u003e#5558\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/1c6a86dd2c0623ee1af043a8491dbc96d40e883b\"\u003e1c6a86d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e add handlers to AxiosInterceptorManager interface (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5551\"\u003e#5551\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/8d1271b49fc226ed7defd07cd577bd69a55bb13a\"\u003e8d1271b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e restore AxiosError.cause type from unknown to Error (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7327\"\u003e#7327\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/d8233d9e8e9a64bfba9bbe01d475ba417510b82b\"\u003ed8233d9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eunclear error message is thrown when specifying an empty proxy authorization (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6314\"\u003e#6314\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/6ef867e684adf7fb2343e3b29a79078a3c76dc29\"\u003e6ef867e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eundefined\u003c/code\u003e as a value in AxiosRequestConfig (\u003ca href=\"https://redirect.github.com/axios/axios/issues/5560\"\u003e#5560\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/095033c626895ecdcda2288050b63dcf948db3bd\"\u003e095033c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd automatic minor and patch upgrades to dependabot (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6053\"\u003e#6053\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/65a7584eda6164980ddb8cf5372f0afa2a04c1ed\"\u003e65a7584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd Node.js coverage script using c8 (closes \u003ca href=\"https://redirect.github.com/axios/axios/issues/7289\"\u003e#7289\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7294\"\u003e#7294\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/ec9d94e9f88da13e9219acadf65061fb38ce080a\"\u003eec9d94e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadded copilot instructions (\u003ca href=\"https://github.com/axios/axios/commit/3f83143bfe617eec17f9d7dcf8bafafeeae74c26\"\u003e3f83143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with frozen prototypes (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6265\"\u003e#6265\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/860e03396a536e9b926dacb6570732489c9d7012\"\u003e860e033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance pipeFileToResponse with error handling (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7169\"\u003e#7169\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/88d78842541610692a04282233933d078a8a2552\"\u003e88d7884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Intellisense for string literals in a widened union (\u003ca href=\"https://redirect.github.com/axios/axios/issues/6134\"\u003e#6134\u003c/a\u003e) (\u003ca href=\"https://github.com/axios/axios/commit/f73474d02c5aa957b2daeecee65508557fd3c6e5\"\u003ef73474d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com//redirect.github.com/microsoft/TypeScript/issues/33471/issues/issuecomment-1376364329\"\u003emicrosoft/TypeScript#33471\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eReverts\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRevert \u0026quot;fix: silentJSONParsing=false should throw on invalid JSON (\u003ca href=\"https://redirect.github.com/axios/axios/issues/7253\"\u003e#7253\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/a...\n\n_Description has been truncated_","html_url":"https://github.com/trizist/vitest/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/trizist%2Fvitest/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"}},{"old_version":"8.7.0","new_version":"8.8.5","update_type":"minor","path":null,"pr_created_at":"2026-03-14T00:10:42.000Z","version_change":"8.7.0 → 8.8.5","issue":{"uuid":"4074006236","node_id":"PR_kwDOQTMM3s7Kgzte","number":20,"state":"open","title":"Bump the npm_and_yarn group across 18 directories with 21 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-14T00:10:42.000Z","updated_at":"2026-03-14T00:11:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":21,"packages":[{"name":"undici","old_version":"7.9.0","new_version":"7.24.1","repository_url":"https://github.com/nodejs/undici"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"9.0.5","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"9.0.3","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"7.4.6","new_version":"7.4.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"5.1.6","new_version":"5.1.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"minimatch","old_version":"10.0.1","new_version":"10.2.4","repository_url":"https://github.com/isaacs/minimatch"},{"name":"webpack","old_version":"5.100.0","new_version":"5.105.4","repository_url":"https://github.com/webpack/webpack"},{"name":"zx","old_version":"8.7.0","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"@tootallnate/once","old_version":"3.0.0","new_version":"3.0.1","repository_url":"https://github.com/TooTallNate/once"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"form-data","old_version":"4.0.0","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"braces","old_version":"2.3.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"svgo","old_version":"2.8.0","new_version":"2.8.2","repository_url":"https://github.com/svg/svgo"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [undici](https://github.com/nodejs/undici) | `7.9.0` | `7.24.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.3` | `9.0.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `7.4.6` | `7.4.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `5.1.6` | `5.1.9` |\n| [minimatch](https://github.com/isaacs/minimatch) | `10.0.1` | `10.2.4` |\n| [webpack](https://github.com/webpack/webpack) | `5.100.0` | `5.105.4` |\n| [zx](https://github.com/google/zx) | `8.7.0` | `8.8.5` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `3.0.0` | `3.0.1` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.5` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [braces](https://github.com/micromatch/braces) | `2.3.2` | `3.0.3` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [svgo](https://github.com/svg/svgo) | `2.8.0` | `2.8.2` |\n\nBumps the npm_and_yarn group with 6 updates in the /build directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `10.0.3` | `10.2.4` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.17.1` | `8.18.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.5.0` | `4.5.4` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n\nBumps the npm_and_yarn group with 3 updates in the /build/npm/gyp directory: [glob](https://github.com/isaacs/node-glob), [minimatch](https://github.com/isaacs/minimatch) and [tar](https://github.com/isaacs/node-tar).\nBumps the npm_and_yarn group with 1 update in the /extensions/css-language-features directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 1 update in the /extensions/git directory: [file-type](https://github.com/sindresorhus/file-type).\nBumps the npm_and_yarn group with 1 update in the /extensions/html-language-features directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 1 update in the /extensions/json-language-features directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 2 updates in the /extensions/markdown-language-features directory: [minimatch](https://github.com/isaacs/minimatch) and [dompurify](https://github.com/cure53/DOMPurify).\nBumps the npm_and_yarn group with 1 update in the /extensions/mermaid-chat-features directory: [dompurify](https://github.com/cure53/DOMPurify).\nBumps the npm_and_yarn group with 1 update in the /extensions/notebook-renderers directory: [@tootallnate/once](https://github.com/TooTallNate/once).\nBumps the npm_and_yarn group with 2 updates in the /extensions/npm directory: [minimatch](https://github.com/isaacs/minimatch) and [js-yaml](https://github.com/nodeca/js-yaml).\nBumps the npm_and_yarn group with 1 update in the /extensions/vscode-api-tests directory: [node-forge](https://github.com/digitalbazaar/forge).\nBumps the npm_and_yarn group with 2 updates in the /remote directory: [undici](https://github.com/nodejs/undici) and [@tootallnate/once](https://github.com/TooTallNate/once).\nBumps the npm_and_yarn group with 1 update in the /test/automation directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 1 update in the /test/integration/browser directory: [minimatch](https://github.com/isaacs/minimatch).\nBumps the npm_and_yarn group with 5 updates in the /test/mcp directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.18.1` | `1.26.0` |\n| [@playwright/mcp](https://github.com/microsoft/playwright-mcp) | `0.0.37` | `0.0.40` |\n\nBumps the npm_and_yarn group with 1 update in the /test/monaco directory: [lodash](https://github.com/lodash/lodash).\nBumps the npm_and_yarn group with 2 updates in the /test/smoke directory: [minimatch](https://github.com/isaacs/minimatch) and [form-data](https://github.com/form-data/form-data).\n\nUpdates `undici` from 7.9.0 to 7.24.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.24.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: \u003cstrong\u003eproto\u003c/strong\u003e pollution by \u003ca href=\"https://github.com/rahulyadav5524\"\u003e\u003ccode\u003e@​rahulyadav5524\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4885\"\u003enodejs/undici#4885\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/nodejs/undici/compare/v7.24.0...v7.24.1\"\u003ehttps://github.com/nodejs/undici/compare/v7.24.0...v7.24.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.24.0\u003c/h2\u003e\n\u003ch1\u003eUndici v7.24.0 Security Release Notes\u003c/h1\u003e\n\u003cp\u003eThis release addresses multiple security vulnerabilities in Undici.\u003c/p\u003e\n\u003ch2\u003eUpgrade guidance\u003c/h2\u003e\n\u003cp\u003eAll users on v7 should upgrade to \u003cstrong\u003ev7.24.0\u003c/strong\u003e or later.\u003c/p\u003e\n\u003ch2\u003eFixed advisories\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm\"\u003eGHSA-2mjp-6q6p-2qxm\u003c/a\u003e / CVE-2026-1525 (Medium)\u003cbr /\u003e\nInconsistent interpretation of HTTP requests (request/response smuggling class issue).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj\"\u003eGHSA-f269-vfmq-vjvj\u003c/a\u003e / CVE-2026-1528 (High)\u003cbr /\u003e\nMalicious WebSocket 64-bit frame length handling could crash the client.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-phc3-fgpg-7m6h\"\u003eGHSA-phc3-fgpg-7m6h\u003c/a\u003e / CVE-2026-2581 (Medium)\u003cbr /\u003e\nUnbounded memory consumption in deduplication interceptor response buffering (DoS risk).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-4992-7rv2-5pvq\"\u003eGHSA-4992-7rv2-5pvq\u003c/a\u003e / CVE-2026-1527 (Medium)\u003cbr /\u003e\nCRLF injection via the \u003ccode\u003eupgrade\u003c/code\u003e option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8\"\u003eGHSA-v9p9-hfj2-hcw8\u003c/a\u003e / CVE-2026-2229 (High)\u003cbr /\u003e\nUnhandled exception from invalid \u003ccode\u003eserver_max_window_bits\u003c/code\u003e in WebSocket permessage-deflate negotiation.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q\"\u003eGHSA-vrm6-8vpv-qv8q\u003c/a\u003e / CVE-2026-1526 (High)\u003cbr /\u003e\nUnbounded memory consumption in WebSocket permessage-deflate decompression.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAffected and patched ranges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-1525: affected \u003ccode\u003e7.0.0 \u0026lt; 7.24.0\u003c/code\u003e, patched \u003ccode\u003e7.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1528: affected \u003ccode\u003e7.0.0 \u0026lt; 7.24.0\u003c/code\u003e, patched \u003ccode\u003e7.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-2581: affected \u003ccode\u003e\u0026gt;= 7.17.0 \u0026lt; 7.24.0\u003c/code\u003e, patched \u003ccode\u003e7.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1527: affected \u003ccode\u003e7.0.0 \u0026lt; 7.24.0\u003c/code\u003e, patched \u003ccode\u003e7.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-2229: affected \u003ccode\u003e7.0.0 \u0026lt; 7.24.0\u003c/code\u003e, patched \u003ccode\u003e7.24.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-1526: affected \u003ccode\u003e7.0.0 \u0026lt; 7.24.0\u003c/code\u003e, patched \u003ccode\u003e7.24.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eReferences\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Security Advisories: \u003ca href=\"https://github.com/nodejs/undici/security/advisories\"\u003ehttps://github.com/nodejs/undici/security/advisories\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1525: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1525\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNVD CVE-2026-1528: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2026-1528\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2026-1528\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/23e3cd362ba6beb3988e6a9a63000336dd219591\"\u003e\u003ccode\u003e23e3cd3\u003c/code\u003e\u003c/a\u003e Bumped v7.24.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/3aedaa8d5f701da767616df2dced7d4daa7c1566\"\u003e\u003ccode\u003e3aedaa8\u003c/code\u003e\u003c/a\u003e remove PLAN.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/0d7ec33ff37563d3e7c98d11d7bca736f330d156\"\u003e\u003ccode\u003e0d7ec33\u003c/code\u003e\u003c/a\u003e fix: \u003cstrong\u003eproto\u003c/strong\u003e pollution (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4885\"\u003e#4885\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/07a39067a0485c1953196f500d945fe09378a176\"\u003e\u003ccode\u003e07a3906\u003c/code\u003e\u003c/a\u003e Bumped v7.24.0 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/4887\"\u003e#4887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/74495c63ab23ef39be99983ed6de81df5d203d45\"\u003e\u003ccode\u003e74495c6\u003c/code\u003e\u003c/a\u003e fix: reject duplicate content-length and host headers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/84235c62e0fe7494cec13f81d5732db0859df417\"\u003e\u003ccode\u003e84235c6\u003c/code\u003e\u003c/a\u003e Fix websocket 64-bit length overflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/77594f923cef4c27ee0bad365e7b4c44a199edae\"\u003e\u003ccode\u003e77594f9\u003c/code\u003e\u003c/a\u003e fix: validate upgrade header to prevent CRLF injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/cb79c5704ac47e42ce01a72269994fc70e377536\"\u003e\u003ccode\u003ecb79c57\u003c/code\u003e\u003c/a\u003e fix: validate server_max_window_bits range in permessage-deflate\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/4147ce21277b3566d02d3be789e5f7a490089db2\"\u003e\u003ccode\u003e4147ce2\u003c/code\u003e\u003c/a\u003e Merge commit '2ee00cb3'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/2ee00cb322c76b0bf56829462d7c1dc53d1cbe3d\"\u003e\u003ccode\u003e2ee00cb\u003c/code\u003e\u003c/a\u003e fix(websocket): add maxDecompressedMessageSize limit for permessage-deflate\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v7.9.0...v7.24.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for undici since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.5 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 9.0.3 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 7.4.6 to 7.4.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 5.1.6 to 5.1.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 10.0.1 to 10.2.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.100.0 to 5.105.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.105.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eModule.getSourceBasicTypes\u003c/code\u003e to distinguish basic source types and clarify how modules with non-basic source types like \u003ccode\u003eremote\u003c/code\u003e still produce JavaScript output. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20546\"\u003e#20546\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003ecreateRequire\u003c/code\u003e in expressions. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20549\"\u003e#20549\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed types for multi stats. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20556\"\u003e#20556\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove empty needless js output for normal css module. (by \u003ca href=\"https://github.com/JSerFeng\"\u003e\u003ccode\u003e@​JSerFeng\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20162\"\u003e#20162\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20555\"\u003e#20555\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNarrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like \u0026quot;x\u0026quot; in ns. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20561\"\u003e#20561\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eContext modules now handle rejections correctly. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20455\"\u003e#20455\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnly mark asset modules as side-effect-free when \u003ccode\u003eexperimental.futureDefaults\u003c/code\u003e is set to true, so asset-copying use cases (e.g. \u003ccode\u003eimport \u0026quot;./x.png\u0026quot;\u003c/code\u003e) won’t break unless the option is enabled. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20535\"\u003e#20535\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd the missing \u003cstrong\u003ewebpack_exports\u003c/strong\u003e declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20463\"\u003e#20463\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed HMR failure for CSS modules with \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e when exportType !== \u0026quot;link\u0026quot;. When exportType is not \u0026quot;link\u0026quot;, CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e CSS to work correctly during hot module replacement. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20514\"\u003e#20514\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20454\"\u003e#20454\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not crash when a referenced chunk is not a runtime chunk. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20461\"\u003e#20461\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some types. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20412\"\u003e#20412\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20510\"\u003e#20510\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded \u003ccode\u003ecreateRequire\u003c/code\u003e support for ECMA modules. (by \u003ca href=\"https://github.com/stefanbinoj\"\u003e\u003ccode\u003e@​stefanbinoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20497\"\u003e#20497\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded category for CJS reexport dependency to fix issues with ECMA modules. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20444\"\u003e#20444\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplement immutable bytes for \u003ccode\u003ebytes\u003c/code\u003e import attribute to match tc39 spec. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20481\"\u003e#20481\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed deterministic search for graph roots regardless of edge order. (by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20452\"\u003e#20452\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eWebpackPluginInstance\u003c/code\u003e type regression. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20440\"\u003e#20440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.105.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.105.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003eModule.getSourceBasicTypes\u003c/code\u003e to distinguish basic source types and clarify how modules with non-basic source types like \u003ccode\u003eremote\u003c/code\u003e still produce JavaScript output. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20546\"\u003e#20546\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003ecreateRequire\u003c/code\u003e in expressions. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20549\"\u003e#20549\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed types for multi stats. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20556\"\u003e#20556\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove empty needless js output for normal css module. (by \u003ca href=\"https://github.com/JSerFeng\"\u003e\u003ccode\u003e@​JSerFeng\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20162\"\u003e#20162\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20555\"\u003e#20555\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNarrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like \u0026quot;x\u0026quot; in ns. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20561\"\u003e#20561\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.105.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eContext modules now handle rejections correctly. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20455\"\u003e#20455\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnly mark asset modules as side-effect-free when \u003ccode\u003eexperimental.futureDefaults\u003c/code\u003e is set to true, so asset-copying use cases (e.g. \u003ccode\u003eimport \u0026quot;./x.png\u0026quot;\u003c/code\u003e) won’t break unless the option is enabled. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20535\"\u003e#20535\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd the missing \u003cstrong\u003ewebpack_exports\u003c/strong\u003e declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20463\"\u003e#20463\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed HMR failure for CSS modules with \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e when exportType !== \u0026quot;link\u0026quot;. When exportType is not \u0026quot;link\u0026quot;, CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing \u003ca href=\"https://github.com/import\"\u003e\u003ccode\u003e@​import\u003c/code\u003e\u003c/a\u003e CSS to work correctly during hot module replacement. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20514\"\u003e#20514\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by \u003ca href=\"https://github.com/xiaoxiaojx\"\u003e\u003ccode\u003e@​xiaoxiaojx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20454\"\u003e#20454\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not crash when a referenced chunk is not a runtime chunk. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20461\"\u003e#20461\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix some types. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20412\"\u003e#20412\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eEnsure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20510\"\u003e#20510\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded \u003ccode\u003ecreateRequire\u003c/code\u003e support for ECMA modules. (by \u003ca href=\"https://github.com/stefanbinoj\"\u003e\u003ccode\u003e@​stefanbinoj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20497\"\u003e#20497\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded category for CJS reexport dependency to fix issues with ECMA modules. (by \u003ca href=\"https://github.com/hai-x\"\u003e\u003ccode\u003e@​hai-x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20444\"\u003e#20444\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImplement immutable bytes for \u003ccode\u003ebytes\u003c/code\u003e import attribute to match tc39 spec. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20481\"\u003e#20481\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed deterministic search for graph roots regardless of edge order. (by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20452\"\u003e#20452\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.105.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eWebpackPluginInstance\u003c/code\u003e type regression. (by \u003ca href=\"https://github.com/alexander-akait\"\u003e\u003ccode\u003e@​alexander-akait\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/webpack/webpack/pull/20440\"\u003e#20440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/27c13b44c861908793f160f9f7413b32543c0522\"\u003e\u003ccode\u003e27c13b4\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20550\"\u003e#20550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/9b2f41ee98e01a9265c430d2c52fa6a9db0e177a\"\u003e\u003ccode\u003e9b2f41e\u003c/code\u003e\u003c/a\u003e chore: bump terser plugin (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20569\"\u003e#20569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/eafe0605b018dd4e19a46d45fb5d72442772aff1\"\u003e\u003ccode\u003eeafe060\u003c/code\u003e\u003c/a\u003e fix: narrow the export presence guard detection (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20561\"\u003e#20561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/75d605cb57b23257ee88f99ada7938273ea3a1ff\"\u003e\u003ccode\u003e75d605c\u003c/code\u003e\u003c/a\u003e refactor: add AppendOnlyStackedSet iteration support and tests (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20560\"\u003e#20560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/afa607d0967f6b0259bfe9f62d99ef97db64bdac\"\u003e\u003ccode\u003eafa607d\u003c/code\u003e\u003c/a\u003e refactor: remove unused code (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20562\"\u003e#20562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/40989026fa542ceffa2821e5d25ae0d87c0bd09b\"\u003e\u003ccode\u003e4098902\u003c/code\u003e\u003c/a\u003e test: add source files for web-webworker and web-webworker-auto-public-path (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/f97be67fdd3c59acff2c0da7dd9f04835b037e4c\"\u003e\u003ccode\u003ef97be67\u003c/code\u003e\u003c/a\u003e refactor: fix duplicated word in Compilation JSDoc (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20547\"\u003e#20547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/9d76fff9f645d194c293f12dadf029173e9ed1d1\"\u003e\u003ccode\u003e9d76fff\u003c/code\u003e\u003c/a\u003e refactor: add Module.getSourceBasicTypes for basic JS type detection (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20546\"\u003e#20546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/a3d7839376784b2e44987b77f7d6bcc2ed3a0bdc\"\u003e\u003ccode\u003ea3d7839\u003c/code\u003e\u003c/a\u003e fix: types for multi stats (\u003ca href=\"https://redirect.github.com/webpack/webpack/issues/20556\"\u003e#20556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/b8e9b057bebccf6268d9b348bc23b056c66a067b\"\u003e\u003ccode\u003eb8e9b05\u003c/code\u003e\u003c/a\u003e fix: update \u003ccode\u003eenhanced-resolve\u003c/code\u003e to support new features for \u003ccode\u003etsconfig.json\u003c/code\u003e (#...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack/compare/v5.100.0...v5.105.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for webpack since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 8.7.0 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/8.7.0...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tootallnate/once` from 3.0.0 to 3.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/releases\"\u003e\u003ccode\u003e@​tootallnate/once\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e28dbc5d: Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/blob/master/CHANGELOG.md\"\u003e\u003ccode\u003e@​tootallnate/once\u003c/code\u003e's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e28dbc5d: Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b31c7623e18b128325a05da02aa0832ee289b893\"\u003e\u003ccode\u003eb31c762\u003c/code\u003e\u003c/a\u003e Fix publish?\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/d2f7407721c023426c1af0712dbd71a3ca91d899\"\u003e\u003ccode\u003ed2f7407\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/TooTallNate/once/issues/9\"\u003e#9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/081645cb260aa86a55e5bffad2f1b52155cee8ea\"\u003e\u003ccode\u003e081645c\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/f01fa45d958113c60f54bf7f83e460741d811a47\"\u003e\u003ccode\u003ef01fa45\u003c/code\u003e\u003c/a\u003e Fix Release job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/28dbc5d7f9342ddfb6014ca5f3dc4206048db9cb\"\u003e\u003ccode\u003e28dbc5d\u003c/code\u003e\u003c/a\u003e Add Changesets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/e66503b7f028a9fe7d22e2547d17cea71be05937\"\u003e\u003ccode\u003ee66503b\u003c/code\u003e\u003c/a\u003e Use pnpm in CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/6ec8b43f617a6feeb78ab98a4eb999123b664d2b\"\u003e\u003ccode\u003e6ec8b43\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b9f43cc5259bee2952d91ad3cdbd201a82df448a\"\u003e\u003ccode\u003eb9f43cc\u003c/code\u003e\u003c/a\u003e Fix promise hang when \u003ccode\u003eAbortSignal\u003c/code\u003e is aborted\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/a8c9dc3b7a241f992ebcde5b6b76ad5f97ce99af\"\u003e\u003ccode\u003ea8c9dc3\u003c/code\u003e\u003c/a\u003e Add pnpm-lock.yaml file\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TooTallNate/once/compare/3.0.0...v3.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for \u003ccode\u003e@​tootallnate/once\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 3.0.1 to 3.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] clean up ignores \u003ca href=\"https://github.com/form-data/form-data/commit/3217b3ded8e382e51171d5c74c6038a21cc54440\"\u003e\u003ccode\u003e3217b3d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e) \u003ca href=\"https://github.com/form-data/form-data/commit/edb555a811f6f7e4668db4831551cf41c1de1cac\"\u003e\u003ccode\u003eedb555a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/9c82fcdf0858b2764060a87803a55375ffbee6ed\"\u003e\u003ccode\u003e9c82fcd\u003c/code\u003e\u003c/a\u003e v3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/002b9b0c4862576305292ac44f7be25ec7ccea0e\"\u003e\u003ccode\u003e002b9b0\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.0 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] clean up ignores \u003ca href=\"https://github.com/form-data/form-data/commit/3217b3ded8e382e51171d5c74c6038a21cc54440\"\u003e\u003ccode\u003e3217b3d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e) \u003ca href=\"https://github.com/form-data/form-data/commit/edb555a811f6f7e4668db4831551cf41c1de1cac\"\u003e\u003ccode\u003eedb555a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/9c82fcdf0858b2764060a87803a55375ffbee6ed\"\u003e\u003ccode\u003e9c82fcd\u003c/code\u003e\u003c/a\u003e v3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/002b9b0c4862576305292ac44f7be25ec7ccea0e\"\u003e\u003ccode\u003e002b9b0\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 2.3.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/braces/blob/master/CHANGELOG.md\"\u003ebraces's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog ...\n\n_Description has been truncated_","html_url":"https://github.com/ctrivette96-tech/vscode/pull/20","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ctrivette96-tech%2Fvscode/issues/20","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/20/packages"}},{"old_version":"7.2.3","new_version":"7.2.4","update_type":"patch","path":null,"pr_created_at":"2026-03-13T22:40:25.000Z","version_change":"7.2.3 → 7.2.4","issue":{"uuid":"4073722463","node_id":"PR_kwDOP9kpyc7Kf4rL","number":14,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 24 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-13T22:40:25.000Z","updated_at":"2026-03-13T22:42:36.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":24,"packages":[{"name":"ai","old_version":"5.0.28","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"next","old_version":"15.3.3","new_version":"15.5.10","repository_url":"https://github.com/vercel/next.js"},{"name":"glob","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"validator","old_version":"13.15.15","new_version":"13.15.22","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"@modelcontextprotocol/sdk","old_version":"1.12.1","new_version":"1.27.1","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.2.0","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"bn.js","old_version":"4.12.2","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"form-data","old_version":"4.0.3","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"qs","old_version":"6.14.0","new_version":"6.15.0","repository_url":"https://github.com/ljharb/qs"},{"name":"rollup","old_version":"4.43.0","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"3.0.9","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"7.10.0","new_version":"7.24.1","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"7.2.3","new_version":"7.2.4","repository_url":"https://github.com/google/zx"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 22 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `5.0.28` | `5.0.52` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [next](https://github.com/vercel/next.js) | `15.3.3` | `15.5.10` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `12.0.0` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.15` | `13.15.22` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.27.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.2.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.2` | `4.12.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.3` | `4.0.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [rollup](https://github.com/rollup/rollup) | `4.43.0` | `4.59.0` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.9` | `3.1.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.11` |\n| [undici](https://github.com/nodejs/undici) | `7.10.0` | `7.24.1` |\n| [zx](https://github.com/google/zx) | `7.2.3` | `7.2.4` |\n\n\nUpdates `ai` from 5.0.28 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@5.0.28...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.3.3 to 15.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.10\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472\"\u003ehttps://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23864\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.4.11\u003c/h2\u003e\n\u003cp\u003ePlease see this \u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003echangelog\u003c/a\u003e for more information about this security patch.\u003c/p\u003e\n\u003ch2\u003ev15.3.9\u003c/h2\u003e\n\u003cp\u003ePlease see this \u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003echangelog\u003c/a\u003e for more information about this security patch.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/60a2aa97b6692d3a56e483f0ff93febaf6f33fd6\"\u003e\u003ccode\u003e60a2aa9\u003c/code\u003e\u003c/a\u003e v15.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/e5b834d208fe0edf64aa26b5d76dcf6a176500ec\"\u003e\u003ccode\u003ee5b834d\u003c/code\u003e\u003c/a\u003e fetch(next/image): reduce maximumResponseBody from 300MB to 50MB (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/88588\"\u003e#88588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/39a2f6a8d13dfa50cee843f93241c8c1dbaf801e\"\u003e\u003ccode\u003e39a2f6a\u003c/code\u003e\u003c/a\u003e feat(next/image)!: add \u003ccode\u003eimages.maximumResponseBody\u003c/code\u003e config (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/88183\"\u003e#88183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/bf9f0843edab3a7cf9d4c85b315bc33c87b282ce\"\u003e\u003ccode\u003ebf9f084\u003c/code\u003e\u003c/a\u003e Sync DoS mitigations for React Flight\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c5de33e93ccccaf3bee60cf50603e2152f9886e1\"\u003e\u003ccode\u003ec5de33e\u003c/code\u003e\u003c/a\u003e v15.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/dd233994aeb24e906cdb9aedca5447cdef401792\"\u003e\u003ccode\u003edd23399\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/facebook/react/issues/35351\"\u003efacebook/react#35351\u003c/a\u003e for 15.5.8 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/87086\"\u003e#87086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7526cd6f24300726964eaba78927fe2a9c3fed5e\"\u003e\u003ccode\u003e7526cd6\u003c/code\u003e\u003c/a\u003e v15.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/1e9ec4133af3657964833bfcc9abb0ee73fb19f0\"\u003e\u003ccode\u003e1e9ec41\u003c/code\u003e\u003c/a\u003e Update React Version (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/41\"\u003e#41\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/16141e5df9ce51136ba42988b574981f89d01081\"\u003e\u003ccode\u003e16141e5\u003c/code\u003e\u003c/a\u003e Update React Version (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/30\"\u003e#30\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/e01e589e181d66d48c57698238b8b7f59218dfef\"\u003e\u003ccode\u003ee01e589\u003c/code\u003e\u003c/a\u003e Backport Next.js changes to v15.5.8 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/23\"\u003e#23\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.3.3...v15.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 12.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `validator` from 13.15.15 to 13.15.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/releases\"\u003evalidator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.15.22\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003evalidatorjs/validator.js#2622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003evalidatorjs/validator.js#2616\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e13.15.20\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003evalidatorjs/validator.js#2563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003evalidatorjs/validator.js#2556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003evalidatorjs/validator.js#2576\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003evalidatorjs/validator.js#2574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003evalidatorjs/validator.js#2584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003evalidatorjs/validator.js#2581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003evalidatorjs/validator.js#2608\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md\"\u003evalidator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.15.22\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e13.15.20\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2b5c17dbe03f2ca9ad9122c597f81e86ce1a9a1\"\u003e\u003ccode\u003ef2b5c17\u003c/code\u003e\u003c/a\u003e maintenance: 2511 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2627\"\u003e#2627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382\"\u003e\u003ccode\u003ed457eca\u003c/code\u003e\u003c/a\u003e fix(isLength): correctly handle Unicode variation selectors (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2616\"\u003e#2616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2e3633f22fd3016656789d100bc451d857e7488\"\u003e\u003ccode\u003ef2e3633\u003c/code\u003e\u003c/a\u003e docs: add install instructions to contibution guide (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2621\"\u003e#2621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cf401458b8733d981a3724d634c795a9d612b516\"\u003e\u003ccode\u003ecf40145\u003c/code\u003e\u003c/a\u003e fix: URL validation for hostnames with ports (no protocol) (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2622\"\u003e#2622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/4af61243ba0ae93f29e7689040e188b5849ff1b0\"\u003e\u003ccode\u003e4af6124\u003c/code\u003e\u003c/a\u003e maintenance: 2510 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2585\"\u003e#2585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/30d4fe02c16d36ed471f12da658c4b5d843781e0\"\u003e\u003ccode\u003e30d4fe0\u003c/code\u003e\u003c/a\u003e 13.15.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cbef5088f02d36caf978f378bb845fe49bdc0809\"\u003e\u003ccode\u003ecbef508\u003c/code\u003e\u003c/a\u003e fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2608\"\u003e#2608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/6f436be36945e460ee624bf72a935a06daded859\"\u003e\u003ccode\u003e6f436be\u003c/code\u003e\u003c/a\u003e Fix typo in validators.test.js (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2581\"\u003e#2581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/3c857088d58197453957a2b924dfedea328003b6\"\u003e\u003ccode\u003e3c85708\u003c/code\u003e\u003c/a\u003e Fix: correct French VAT (FR) validation regex and add tests (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2584\"\u003e#2584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/eee525cd117d24ac905b9432f3f5a27e96aa9719\"\u003e\u003ccode\u003eeee525c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2491\"\u003e#2491\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2573\"\u003e#2573\u003c/a\u003e Simplify isBase64 to prevent stack overflow (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2574\"\u003e#2574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for validator since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.12.1 to 1.27.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e\u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add conformance test infrastructure for v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1518\"\u003emodelcontextprotocol/typescript-sdk#1518\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: backport discoverOAuthServerInfo() and discovery caching to v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1533\"\u003emodelcontextprotocol/typescript-sdk#1533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add url property to RequestInfo interface by \u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] feat(tasks): add streaming methods for elicitation and sampling by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1528\"\u003emodelcontextprotocol/typescript-sdk#1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version for v1.27.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1541\"\u003emodelcontextprotocol/typescript-sdk#1541\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4faa8c899c069a98f8a0c3f804ec1a50dc2bae64\"\u003e\u003ccode\u003e4faa8c8\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.27.1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1581\"\u003e#1581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/09a85a80439f0ca9e5556ac20bdec41461e35234\"\u003e\u003ccode\u003e09a85a8\u003c/code\u003e\u003c/a\u003e fix: call onerror for silently swallowed transport errors (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1580\"\u003e#1580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e79d14ab6d8fbcb49543cab3917a60a89d0a6df9\"\u003e\u003ccode\u003ee79d14a\u003c/code\u003e\u003c/a\u003e fix: prevent command injection in example URL opening (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1579\"\u003e#1579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/342ea394ca6e660e294162efdeafc411284bcc0d\"\u003e\u003ccode\u003e342ea39\u003c/code\u003e\u003c/a\u003e docs: comprehensive feature documentation for SEP-1730 Tier 1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1548\"\u003e#1548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2084a22074d4c8fd54ddc8637783fb10c13edf90\"\u003e\u003ccode\u003e2084a22\u003c/code\u003e\u003c/a\u003e docs: add governance documentation for SEP-1730 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1547\"\u003e#1547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/f2d21458ccccd7cfaa1a2a171a262961591d4d0b\"\u003e\u003ccode\u003ef2d2145\u003c/code\u003e\u003c/a\u003e feat: implement auth/pre-registration conformance scenario (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1545\"\u003e#1545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/8cbc65848388cb0364122f5760cb6b01ff8a3654\"\u003e\u003ccode\u003e8cbc658\u003c/code\u003e\u003c/a\u003e chore: bump version for v1.27.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1541\"\u003e#1541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5c16ae3339bfa1dd71b0dee1a534e1b6d8be658e\"\u003e\u003ccode\u003e5c16ae3\u003c/code\u003e\u003c/a\u003e [v1.x] feat(tasks): add streaming methods for elicitation and sampling (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1528\"\u003e#1528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/97ab379e4572ac8e38ff8b99891f29a69cfbb5bb\"\u003e\u003ccode\u003e97ab379\u003c/code\u003e\u003c/a\u003e feat: add url property to RequestInfo interface (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/825e9ab80332e7fac19d221f6aae352dc73172fe\"\u003e\u003ccode\u003e825e9ab\u003c/code\u003e\u003c/a\u003e feat: backport discoverOAuthServerInfo() and discovery caching to v1.x (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.12.1...v1.27.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/65c90d949c0f8a9709759dff9e76bbe07061812b\"\u003e\u003ccode\u003e65c90d9\u003c/code\u003e\u003c/a\u003e Fix permissions for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/593cb7831bec60d5590acc3eeb2e553f4a431167\"\u003e\u003ccode\u003e593cb78\u003c/code\u003e\u003c/a\u003e Set permissions for workflow jobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/36adf110beabc9acdcad122149a2ea795a2b1a6c\"\u003e\u003ccode\u003e36adf11\u003c/code\u003e\u003c/a\u003e Remove deprecated CodeQL check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9da4af0e1f82fe372bedc1b7820f55c6eaf012e5\"\u003e\u003ccode\u003e9da4af0\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/699303975bea182b966f9f34a1ecbbebe92afcef\"\u003e\u003ccode\u003e6993039\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0b8f7560e11af817d70ff17f986b334ba2e99b81\"\u003e\u003ccode\u003e0b8f756\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/67a53f21623e4047d28d7a6f98f539f1adc9d1d0\"\u003e\u003ccode\u003e67a53f2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.2 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.3 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/68ff7dda8834d6de095a7008cef0e03bc252ca98\"\u003e\u003ccode\u003e68ff7dd\u003c/code\u003e\u003c/a\u003e v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e [Fix] set Symbol.toStringTag in the proper place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `immutable` from 5.1.2 to 4.3.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md\"\u003eimmutable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e,\nand this project adheres to \u003ca href=\"https://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\nDates are formatted as YYYY-MM-DD.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch2\u003e5.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.3\u003c/h2\u003e\n\u003ch3\u003eTypeScript\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow readonly map entry constructor by \u003ca href=\"https://github.com/septs\"\u003e\u003ccode\u003e@​septs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2123\"\u003eimmutable-js/immutable-js#2123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cp\u003eThere has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown.\nThe playground has been included on ...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR is an automated dependency update that bumps 24 npm packages across the monorepo, including major updates to Next.js (15.3.3 → 15.5.10), AI SDK (5.0.28 → 5.0.52), and lodash (4.17.21 → 4.17.23), along with various security patches and bug fixes.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Framework Updates**: Next.js updated from 15.3.3 to 15.5.10, bringing security fixes for CVE-2025-59471, CVE-2025-59472, and CVE-2026-23864\n- **AI SDK Enhancement**: Vercel AI SDK updated from 5.0.28 to 5.0.52 with new features and bug fixes across multiple packages\n- **Security Patches**: Multiple packages received security updates including lodash (prototype pollution fix), validator (CVE-2025-56200), and glob (command injection prevention)\n- **Utility Libraries**: Updates to core utilities like nanoid (5.1.5 → 5.1.6), validator (13.15.15 → 13.15.22), and various build tools\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 24 Outdated Packages]\n    B --\u003e C[Security Vulnerabilities Found]\n    B --\u003e D[Feature Updates Available]\n    C --\u003e E[Apply Security Patches]\n    D --\u003e F[Update Framework Versions]\n    E --\u003e G[Update package.json Files]\n    F --\u003e G\n    G --\u003e H[15 Package Files Modified]\n    H --\u003e I[Maintain Workspace Dependencies]\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs including prototype pollution, command injection, and URL validation vulnerabilities\n- **Framework Improvements**: Next.js updates bring performance optimizations, bug fixes, and enhanced image handling capabilities\n- **Development Experience**: Updated AI SDK provides better streaming support, OAuth improvements, and enhanced error handling\n- **Maintenance**: Automated dependency management ensures the project stays current with latest patches and improvements\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/plate/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fplate/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"}},{"old_version":"7.2.3","new_version":"7.2.4","update_type":"patch","path":null,"pr_created_at":"2026-03-11T20:55:08.000Z","version_change":"7.2.3 → 7.2.4","issue":{"uuid":"4060620282","node_id":"PR_kwDOP9kpyc7J1UAx","number":13,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 24 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-11T20:55:08.000Z","updated_at":"2026-03-11T20:58:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":24,"packages":[{"name":"ai","old_version":"5.0.28","new_version":"5.0.52","repository_url":"https://github.com/vercel/ai"},{"name":"lodash","old_version":"4.17.21","new_version":"4.17.23","repository_url":"https://github.com/lodash/lodash"},{"name":"next","old_version":"15.3.3","new_version":"15.5.10","repository_url":"https://github.com/vercel/next.js"},{"name":"glob","old_version":"11.0.2","new_version":"12.0.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"validator","old_version":"13.15.15","new_version":"13.15.22","repository_url":"https://github.com/validatorjs/validator.js"},{"name":"@modelcontextprotocol/sdk","old_version":"1.12.1","new_version":"1.27.1","repository_url":"https://github.com/modelcontextprotocol/typescript-sdk"},{"name":"ajv","old_version":"6.12.6","new_version":"6.14.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"basic-ftp","old_version":"5.0.5","new_version":"5.2.0","repository_url":"https://github.com/patrickjuchli/basic-ftp"},{"name":"bn.js","old_version":"4.12.2","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"form-data","old_version":"4.0.3","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"qs","old_version":"6.14.0","new_version":"6.15.0","repository_url":"https://github.com/ljharb/qs"},{"name":"rollup","old_version":"4.43.0","new_version":"4.59.0","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"3.0.9","new_version":"3.1.2","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"undici","old_version":"7.10.0","new_version":"7.22.0","repository_url":"https://github.com/nodejs/undici"},{"name":"zx","old_version":"7.2.3","new_version":"7.2.4","repository_url":"https://github.com/google/zx"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 22 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ai](https://github.com/vercel/ai) | `5.0.28` | `5.0.52` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [next](https://github.com/vercel/next.js) | `15.3.3` | `15.5.10` |\n| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `12.0.0` |\n| [validator](https://github.com/validatorjs/validator.js) | `13.15.15` | `13.15.22` |\n| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.12.1` | `1.27.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` |\n| [basic-ftp](https://github.com/patrickjuchli/basic-ftp) | `5.0.5` | `5.2.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.2` | `4.12.3` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.3` | `4.0.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast) | `13.2.0` | `13.2.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [qs](https://github.com/ljharb/qs) | `6.14.0` | `6.15.0` |\n| [rollup](https://github.com/rollup/rollup) | `4.43.0` | `4.59.0` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `3.0.9` | `3.1.2` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.11` |\n| [undici](https://github.com/nodejs/undici) | `7.10.0` | `7.22.0` |\n| [zx](https://github.com/google/zx) | `7.2.3` | `7.2.4` |\n\n\nUpdates `ai` from 5.0.28 to 5.0.52\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/63d5f669098343a49173d788fe1490127e882bd1\"\u003e\u003ccode\u003e63d5f66\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8895\"\u003e#8895\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/930399bb9839a8baf3d349614106d78268775eed\"\u003e\u003ccode\u003e930399b\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): download files when intermediate file cannot be downloaded...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ca78f19a51859de09171daa3b0cefcc9df90a16\"\u003e\u003ccode\u003e7ca78f1\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/gateway): Add new Qwen models to Gateway model string...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1cfc209a5f9f281565538f2880f9c6278ca6bf04\"\u003e\u003ccode\u003e1cfc209\u003c/code\u003e\u003c/a\u003e Backport: feat(provider/openai): \u003ccode\u003eOpenAILanguageModelOptions\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8858\"\u003e#8858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/347b7ecce9953ae427e7fcf5b0441a63a3d44431\"\u003e\u003ccode\u003e347b7ec\u003c/code\u003e\u003c/a\u003e ci: rename \u003ccode\u003ev5.0\u003c/code\u003e branch to \u003ccode\u003erelease-v*\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/85909a9f6448c7e6eb52d780abcca4f96679e719\"\u003e\u003ccode\u003e85909a9\u003c/code\u003e\u003c/a\u003e Backport: chore(ai): update test message (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8875\"\u003e#8875\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c56822dd81d5d70bcd5ef230a875f96a224849a4\"\u003e\u003ccode\u003ec56822d\u003c/code\u003e\u003c/a\u003e Backport: fix(ai): update \u003ccode\u003euiMessageChunkSchema\u003c/code\u003e to satisfy the `UIMessageChu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1461adf5841cc3f164482fdff72b66b4b22bf866\"\u003e\u003ccode\u003e1461adf\u003c/code\u003e\u003c/a\u003e Backport: chore(examples): remove redundant OpenAI reasoning examples (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8871\"\u003e#8871\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6bd07df02d9f954b389e44da128fc6d1358462d9\"\u003e\u003ccode\u003e6bd07df\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/vercel/ai/issues/8853\"\u003e#8853\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a45d61aa32f2f319254c5e660731085bcd30f273\"\u003e\u003ccode\u003ea45d61a\u003c/code\u003e\u003c/a\u003e ci(release): remove incorrect changeset bump for \u003ccode\u003e@ai-sdk/baseten\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/compare/ai@5.0.28...ai@5.0.52\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.17.23\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb\"\u003e\u003ccode\u003edec55b7\u003c/code\u003e\u003c/a\u003e Bump main to v4.17.23 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6088\"\u003e#6088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117\"\u003e\u003ccode\u003e19c9251\u003c/code\u003e\u003c/a\u003e fix: setCacheHas JSDoc return type should be boolean (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6071\"\u003e#6071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578\"\u003e\u003ccode\u003eb5e6729\u003c/code\u003e\u003c/a\u003e jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6062\"\u003e#6062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81\"\u003e\u003ccode\u003eedadd45\u003c/code\u003e\u003c/a\u003e Prevent prototype pollution on baseUnset function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d\"\u003e\u003ccode\u003e4879a7a\u003c/code\u003e\u003c/a\u003e doc: fix autoLink function, conversion of source links (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6056\"\u003e#6056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8\"\u003e\u003ccode\u003e9648f69\u003c/code\u003e\u003c/a\u003e chore: remove \u003ccode\u003eyarn.lock\u003c/code\u003e file (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6053\"\u003e#6053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9\"\u003e\u003ccode\u003edfa407d\u003c/code\u003e\u003c/a\u003e ci: remove legacy configuration files (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6052\"\u003e#6052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64\"\u003e\u003ccode\u003e156e196\u003c/code\u003e\u003c/a\u003e feat: add renovate setup (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6039\"\u003e#6039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce\"\u003e\u003ccode\u003e933e106\u003c/code\u003e\u003c/a\u003e ci: add pipeline for Bun (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6023\"\u003e#6023\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20\"\u003e\u003ccode\u003e072a807\u003c/code\u003e\u003c/a\u003e docs: update links related to Open JS Foundation (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/5968\"\u003e#5968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.17.23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 15.3.3 to 15.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.10\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472\"\u003ehttps://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23864\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.4.11\u003c/h2\u003e\n\u003cp\u003ePlease see this \u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003echangelog\u003c/a\u003e for more information about this security patch.\u003c/p\u003e\n\u003ch2\u003ev15.3.9\u003c/h2\u003e\n\u003cp\u003ePlease see this \u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23864\"\u003echangelog\u003c/a\u003e for more information about this security patch.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/60a2aa97b6692d3a56e483f0ff93febaf6f33fd6\"\u003e\u003ccode\u003e60a2aa9\u003c/code\u003e\u003c/a\u003e v15.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/e5b834d208fe0edf64aa26b5d76dcf6a176500ec\"\u003e\u003ccode\u003ee5b834d\u003c/code\u003e\u003c/a\u003e fetch(next/image): reduce maximumResponseBody from 300MB to 50MB (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/88588\"\u003e#88588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/39a2f6a8d13dfa50cee843f93241c8c1dbaf801e\"\u003e\u003ccode\u003e39a2f6a\u003c/code\u003e\u003c/a\u003e feat(next/image)!: add \u003ccode\u003eimages.maximumResponseBody\u003c/code\u003e config (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/88183\"\u003e#88183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/bf9f0843edab3a7cf9d4c85b315bc33c87b282ce\"\u003e\u003ccode\u003ebf9f084\u003c/code\u003e\u003c/a\u003e Sync DoS mitigations for React Flight\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c5de33e93ccccaf3bee60cf50603e2152f9886e1\"\u003e\u003ccode\u003ec5de33e\u003c/code\u003e\u003c/a\u003e v15.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/dd233994aeb24e906cdb9aedca5447cdef401792\"\u003e\u003ccode\u003edd23399\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/facebook/react/issues/35351\"\u003efacebook/react#35351\u003c/a\u003e for 15.5.8 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/87086\"\u003e#87086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7526cd6f24300726964eaba78927fe2a9c3fed5e\"\u003e\u003ccode\u003e7526cd6\u003c/code\u003e\u003c/a\u003e v15.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/1e9ec4133af3657964833bfcc9abb0ee73fb19f0\"\u003e\u003ccode\u003e1e9ec41\u003c/code\u003e\u003c/a\u003e Update React Version (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/41\"\u003e#41\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/16141e5df9ce51136ba42988b574981f89d01081\"\u003e\u003ccode\u003e16141e5\u003c/code\u003e\u003c/a\u003e Update React Version (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/30\"\u003e#30\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/e01e589e181d66d48c57698238b8b7f59218dfef\"\u003e\u003ccode\u003ee01e589\u003c/code\u003e\u003c/a\u003e Backport Next.js changes to v15.5.8 (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/23\"\u003e#23\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.3.3...v15.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 11.0.2 to 12.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2b03ccaf9fc397b6054d639cd5fbe97104d36221\"\u003e\u003ccode\u003e2b03cca\u003c/code\u003e\u003c/a\u003e 12.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d56203dc19a4af5c8f8177a3b67e63a14a246458\"\u003e\u003ccode\u003ed56203d\u003c/code\u003e\u003c/a\u003e prettier config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bb521e5d188a8cbbe86d5cef3bf57a49fdee7c59\"\u003e\u003ccode\u003ebb521e5\u003c/code\u003e\u003c/a\u003e Remove --shell option where unsafe to use\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/2551fb51440d402fa2120457bf460e546ee9964d\"\u003e\u003ccode\u003e2551fb5\u003c/code\u003e\u003c/a\u003e 11.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146\"\u003e\u003ccode\u003e47473c0\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/bc33fe1c6a47abd497703d79ad96036e7891ff62\"\u003e\u003ccode\u003ebc33fe1\u003c/code\u003e\u003c/a\u003e skip tilde test on systems that lack tilde expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/59bf9ca211bda5636c4fe9e32d41530c90a4f30d\"\u003e\u003ccode\u003e59bf9ca\u003c/code\u003e\u003c/a\u003e fix notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/dde4fa66c87e24b37bb5be28ed10c6e12019edac\"\u003e\u003ccode\u003edde4fa6\u003c/code\u003e\u003c/a\u003e docs(README): add #anchor and improve \u003ccode\u003enote\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/0559b0ed13c0f8147cd2ac9d48bb49684caaf20e\"\u003e\u003ccode\u003e0559b0e\u003c/code\u003e\u003c/a\u003e docs: add better links to path-scurry docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c9773c249b4b9ed6b2447222c226f9d20c6ce916\"\u003e\u003ccode\u003ec9773c2\u003c/code\u003e\u003c/a\u003e fix: correct typos in \u003ccode\u003eREADME.md\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v11.0.2...v12.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for glob since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `validator` from 13.15.15 to 13.15.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/releases\"\u003evalidator's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.15.22\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003evalidatorjs/validator.js#2622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003evalidatorjs/validator.js#2616\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.20...13.15.22\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e13.15.20\u003c/h2\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003evalidatorjs/validator.js#2563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003evalidatorjs/validator.js#2556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003evalidatorjs/validator.js#2576\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003evalidatorjs/validator.js#2574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003evalidatorjs/validator.js#2584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003evalidatorjs/validator.js#2581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003evalidatorjs/validator.js#2608\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\"\u003ehttps://github.com/validatorjs/validator.js/compare/13.15.15...13.15.20\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md\"\u003evalidator's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.15.22\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2622\"\u003e#2622\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: fix regression with hostnames with ports \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2616\"\u003e#2616\u003c/a\u003e \u003ccode\u003eisLength\u003c/code\u003e: improve handling Unicode variation selectors \u003ca href=\"https://github.com/koral\"\u003e\u003ccode\u003e@​koral\u003c/code\u003e\u003c/a\u003e--\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2621\"\u003e#2621\u003c/a\u003e \u003ca href=\"https://github.com/mbtools\"\u003e\u003ccode\u003e@​mbtools\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e13.15.20\u003c/h1\u003e\n\u003ch3\u003eFixes, New Locales and Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2556\"\u003e#2556\u003c/a\u003e \u003ccode\u003eisMobilePhone\u003c/code\u003e: add \u003ccode\u003ear-QA\u003c/code\u003e locale \u003ca href=\"https://github.com/WardKhaddour\"\u003e\u003ccode\u003e@​WardKhaddour\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2576\"\u003e#2576\u003c/a\u003e \u003ccode\u003eisAlpha\u003c/code\u003e/\u003ccode\u003eisAlphanuneric\u003c/code\u003e: add Indic locales (\u003ccode\u003eta-IN\u003c/code\u003e, \u003ccode\u003ete-IN\u003c/code\u003e, \u003ccode\u003ekn-IN\u003c/code\u003e, \u003ccode\u003eml-IN\u003c/code\u003e, \u003ccode\u003egu-IN\u003c/code\u003e, \u003ccode\u003epa-IN\u003c/code\u003e, \u003ccode\u003eor-IN\u003c/code\u003e) \u003ca href=\"https://github.com/avadootharajesh\"\u003e\u003ccode\u003e@​avadootharajesh\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2574\"\u003e#2574\u003c/a\u003e \u003ccode\u003eisBase64\u003c/code\u003e: improve padding regex \u003ca href=\"https://github.com/KrayzeeKev\"\u003e\u003ccode\u003e@​KrayzeeKev\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2584\"\u003e#2584\u003c/a\u003e \u003ccode\u003eisVAT\u003c/code\u003e: improve \u003ccode\u003eFR\u003c/code\u003e locale \u003ca href=\"https://github.com/iamAmer\"\u003e\u003ccode\u003e@​iamAmer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2608\"\u003e#2608\u003c/a\u003e \u003ccode\u003eisURL\u003c/code\u003e: improve protocol detection. Resolves CVE-2025-56200 \u003ca href=\"https://github.com/theofidry\"\u003e\u003ccode\u003e@​theofidry\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDoc fixes and others:\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2563\"\u003e#2563\u003c/a\u003e \u003ca href=\"https://github.com/stoneLeaf\"\u003e\u003ccode\u003e@​stoneLeaf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/pull/2581\"\u003e#2581\u003c/a\u003e \u003ca href=\"https://github.com/camillobruni\"\u003e\u003ccode\u003e@​camillobruni\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2b5c17dbe03f2ca9ad9122c597f81e86ce1a9a1\"\u003e\u003ccode\u003ef2b5c17\u003c/code\u003e\u003c/a\u003e maintenance: 2511 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2627\"\u003e#2627\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/d457ecaf55b0f3d8bd379d82757425d0d13dd382\"\u003e\u003ccode\u003ed457eca\u003c/code\u003e\u003c/a\u003e fix(isLength): correctly handle Unicode variation selectors (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2616\"\u003e#2616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/f2e3633f22fd3016656789d100bc451d857e7488\"\u003e\u003ccode\u003ef2e3633\u003c/code\u003e\u003c/a\u003e docs: add install instructions to contibution guide (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2621\"\u003e#2621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cf401458b8733d981a3724d634c795a9d612b516\"\u003e\u003ccode\u003ecf40145\u003c/code\u003e\u003c/a\u003e fix: URL validation for hostnames with ports (no protocol) (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2622\"\u003e#2622\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/4af61243ba0ae93f29e7689040e188b5849ff1b0\"\u003e\u003ccode\u003e4af6124\u003c/code\u003e\u003c/a\u003e maintenance: 2510 release (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2585\"\u003e#2585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/30d4fe02c16d36ed471f12da658c4b5d843781e0\"\u003e\u003ccode\u003e30d4fe0\u003c/code\u003e\u003c/a\u003e 13.15.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/cbef5088f02d36caf978f378bb845fe49bdc0809\"\u003e\u003ccode\u003ecbef508\u003c/code\u003e\u003c/a\u003e fix(isURL): improve protocol detection. Resolves CVE-2025-56200 (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2608\"\u003e#2608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/6f436be36945e460ee624bf72a935a06daded859\"\u003e\u003ccode\u003e6f436be\u003c/code\u003e\u003c/a\u003e Fix typo in validators.test.js (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2581\"\u003e#2581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/3c857088d58197453957a2b924dfedea328003b6\"\u003e\u003ccode\u003e3c85708\u003c/code\u003e\u003c/a\u003e Fix: correct French VAT (FR) validation regex and add tests (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2584\"\u003e#2584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/validatorjs/validator.js/commit/eee525cd117d24ac905b9432f3f5a27e96aa9719\"\u003e\u003ccode\u003eeee525c\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2491\"\u003e#2491\u003c/a\u003e \u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2573\"\u003e#2573\u003c/a\u003e Simplify isBase64 to prevent stack overflow (\u003ca href=\"https://redirect.github.com/validatorjs/validator.js/issues/2574\"\u003e#2574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/validatorjs/validator.js/compare/13.15.15...13.15.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for validator since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@modelcontextprotocol/sdk` from 1.12.1 to 1.27.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/releases\"\u003e\u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.27.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: implement auth/pre-registration conformance scenario by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1545\"\u003emodelcontextprotocol/typescript-sdk#1545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add governance documentation for SEP-1730 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1547\"\u003emodelcontextprotocol/typescript-sdk#1547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: comprehensive feature documentation for SEP-1730 Tier 1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1548\"\u003emodelcontextprotocol/typescript-sdk#1548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent command injection in example URL opening (v1.x backport) by \u003ca href=\"https://github.com/maxisbey\"\u003e\u003ccode\u003e@​maxisbey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1579\"\u003emodelcontextprotocol/typescript-sdk#1579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: call onerror for silently swallowed transport errors by \u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.27.1 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1581\"\u003emodelcontextprotocol/typescript-sdk#1581\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qing-ant\"\u003e\u003ccode\u003e@​qing-ant\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1580\"\u003emodelcontextprotocol/typescript-sdk#1580\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.27.0...v1.27.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add conformance test infrastructure for v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1518\"\u003emodelcontextprotocol/typescript-sdk#1518\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: backport discoverOAuthServerInfo() and discovery caching to v1.x by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1533\"\u003emodelcontextprotocol/typescript-sdk#1533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add url property to RequestInfo interface by \u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[v1.x] feat(tasks): add streaming methods for elicitation and sampling by \u003ca href=\"https://github.com/LucaButBoring\"\u003e\u003ccode\u003e@​LucaButBoring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1528\"\u003emodelcontextprotocol/typescript-sdk#1528\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version for v1.27.0 by \u003ca href=\"https://github.com/felixweinberger\"\u003e\u003ccode\u003e@​felixweinberger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1541\"\u003emodelcontextprotocol/typescript-sdk#1541\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/valentinbeggi\"\u003e\u003ccode\u003e@​valentinbeggi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1353\"\u003emodelcontextprotocol/typescript-sdk#1353\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.26.0...v1.27.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.26.0\u003c/h2\u003e\n\u003cp\u003eAddresses \u0026quot;Sharing server/transport instances can leak cross-client response data\u0026quot; in this GHSA \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-345p-7cg4-v4c7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump v1.25.3 for backport fixes by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1412\"\u003emodelcontextprotocol/typescript-sdk#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by \u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1430\"\u003e#1430\u003c/a\u003e: Client Credentials providers scopes support (backported) by \u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 1.26.0 by \u003ca href=\"https://github.com/pcarleton\"\u003e\u003ccode\u003e@​pcarleton\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1479\"\u003emodelcontextprotocol/typescript-sdk#1479\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/samuv\"\u003e\u003ccode\u003e@​samuv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1382\"\u003emodelcontextprotocol/typescript-sdk#1382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NSeydoux\"\u003e\u003ccode\u003e@​NSeydoux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1442\"\u003emodelcontextprotocol/typescript-sdk#1442\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.3...v1.26.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v1.x backport] Use correct schema for client sampling validation when tools are present by \u003ca href=\"https://github.com/olaservo\"\u003e\u003ccode\u003e@​olaservo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1407\"\u003emodelcontextprotocol/typescript-sdk#1407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent Hono from overriding global Response object (v1.x) by \u003ca href=\"https://github.com/mattzcarey\"\u003e\u003ccode\u003e@​mattzcarey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/pull/1411\"\u003emodelcontextprotocol/typescript-sdk#1411\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\"\u003ehttps://github.com/modelcontextprotocol/typescript-sdk/compare/v1.25.2...v1.25.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/4faa8c899c069a98f8a0c3f804ec1a50dc2bae64\"\u003e\u003ccode\u003e4faa8c8\u003c/code\u003e\u003c/a\u003e chore: bump version to 1.27.1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1581\"\u003e#1581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/09a85a80439f0ca9e5556ac20bdec41461e35234\"\u003e\u003ccode\u003e09a85a8\u003c/code\u003e\u003c/a\u003e fix: call onerror for silently swallowed transport errors (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1580\"\u003e#1580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/e79d14ab6d8fbcb49543cab3917a60a89d0a6df9\"\u003e\u003ccode\u003ee79d14a\u003c/code\u003e\u003c/a\u003e fix: prevent command injection in example URL opening (v1.x backport) (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1579\"\u003e#1579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/342ea394ca6e660e294162efdeafc411284bcc0d\"\u003e\u003ccode\u003e342ea39\u003c/code\u003e\u003c/a\u003e docs: comprehensive feature documentation for SEP-1730 Tier 1 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1548\"\u003e#1548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/2084a22074d4c8fd54ddc8637783fb10c13edf90\"\u003e\u003ccode\u003e2084a22\u003c/code\u003e\u003c/a\u003e docs: add governance documentation for SEP-1730 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1547\"\u003e#1547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/f2d21458ccccd7cfaa1a2a171a262961591d4d0b\"\u003e\u003ccode\u003ef2d2145\u003c/code\u003e\u003c/a\u003e feat: implement auth/pre-registration conformance scenario (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1545\"\u003e#1545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/8cbc65848388cb0364122f5760cb6b01ff8a3654\"\u003e\u003ccode\u003e8cbc658\u003c/code\u003e\u003c/a\u003e chore: bump version for v1.27.0 (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1541\"\u003e#1541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/5c16ae3339bfa1dd71b0dee1a534e1b6d8be658e\"\u003e\u003ccode\u003e5c16ae3\u003c/code\u003e\u003c/a\u003e [v1.x] feat(tasks): add streaming methods for elicitation and sampling (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1528\"\u003e#1528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/97ab379e4572ac8e38ff8b99891f29a69cfbb5bb\"\u003e\u003ccode\u003e97ab379\u003c/code\u003e\u003c/a\u003e feat: add url property to RequestInfo interface (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/commit/825e9ab80332e7fac19d221f6aae352dc73172fe\"\u003e\u003ccode\u003e825e9ab\u003c/code\u003e\u003c/a\u003e feat: backport discoverOAuthServerInfo() and discovery caching to v1.x (\u003ca href=\"https://redirect.github.com/modelcontextprotocol/typescript-sdk/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/modelcontextprotocol/typescript-sdk/compare/1.12.1...v1.27.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~pcarleton\"\u003epcarleton\u003c/a\u003e, a new releaser for \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.14.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `basic-ftp` from 5.0.5 to 5.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/releases\"\u003ebasic-ftp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md\"\u003ebasic-ftp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanged: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\"\u003ehttps://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-5rq4-664w-9x2c\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded: Add the option to prevent the use of separate transfer host IPs when using PASV. (\u003ca href=\"https://redirect.github.com/patrickjuchli/basic-ftp/issues/259\"\u003e#259\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/5d41e45073ed1a8a3b5e5a1bbfcd131e61295bf8\"\u003e\u003ccode\u003e5d41e45\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/49c2e73ed1cae4962ae38b33ab93a3548c2f5622\"\u003e\u003ccode\u003e49c2e73\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/2a2a0e6514357b9eda07c2f8afbd3f04727a7cd9\"\u003e\u003ccode\u003e2a2a0e6\u003c/code\u003e\u003c/a\u003e Skip invalid filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/65c90d949c0f8a9709759dff9e76bbe07061812b\"\u003e\u003ccode\u003e65c90d9\u003c/code\u003e\u003c/a\u003e Fix permissions for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/593cb7831bec60d5590acc3eeb2e553f4a431167\"\u003e\u003ccode\u003e593cb78\u003c/code\u003e\u003c/a\u003e Set permissions for workflow jobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/36adf110beabc9acdcad122149a2ea795a2b1a6c\"\u003e\u003ccode\u003e36adf11\u003c/code\u003e\u003c/a\u003e Remove deprecated CodeQL check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/9da4af0e1f82fe372bedc1b7820f55c6eaf012e5\"\u003e\u003ccode\u003e9da4af0\u003c/code\u003e\u003c/a\u003e Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/699303975bea182b966f9f34a1ecbbebe92afcef\"\u003e\u003ccode\u003e6993039\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/0b8f7560e11af817d70ff17f986b334ba2e99b81\"\u003e\u003ccode\u003e0b8f756\u003c/code\u003e\u003c/a\u003e Improve naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/patrickjuchli/basic-ftp/commit/67a53f21623e4047d28d7a6f98f539f1adc9d1d0\"\u003e\u003ccode\u003e67a53f2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/patrickjuchli/basic-ftp/compare/v5.0.5...v5.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~patrickjuchli\"\u003epatrickjuchli\u003c/a\u003e, a new releaser for basic-ftp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.2 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 2.2.0 to 2.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README links by \u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: release notes for the v1.20.4 release by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/674\"\u003eexpressjs/body-parser#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update URL-encoded parser description to include ISO-8859-1 encoding support by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/679\"\u003eexpressjs/body-parser#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: use standard jsdoc tags everywhere by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/677\"\u003eexpressjs/body-parser#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/689\"\u003eexpressjs/body-parser#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/693\"\u003eexpressjs/body-parser#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.2.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/691\"\u003eexpressjs/body-parser#691\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efekrskl\"\u003e\u003ccode\u003e@​efekrskl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/673\"\u003eexpressjs/body-parser#673\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\"\u003ehttps://github.com/expressjs/body-parser/compare/v2.2.1...v2.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-13466\"\u003eCVE-2025-13466\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: add dependabot by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/593\"\u003eexpressjs/body-parser#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use full SHAs for github action versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/594\"\u003eexpressjs/body-parser#594\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: type-is@^2.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/599\"\u003eexpressjs/body-parser#599\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/609\"\u003eexpressjs/body-parser#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/610\"\u003eexpressjs/body-parser#610\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/611\"\u003eexpressjs/body-parser#611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/613\"\u003eexpressjs/body-parser#613\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/612\"\u003eexpressjs/body-parser#612\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add codeql github workflows scanning by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/614\"\u003eexpressjs/body-parser#614\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: update CodeQL config to ignore the test directory by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/615\"\u003eexpressjs/body-parser#615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/620\"\u003eexpressjs/body-parser#620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/619\"\u003eexpressjs/body-parser#619\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): unpin devDependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/616\"\u003eexpressjs/body-parser#616\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/621\"\u003eexpressjs/body-parser#621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/623\"\u003eexpressjs/body-parser#623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/624\"\u003eexpressjs/body-parser#624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/617\"\u003eexpressjs/body-parser#617\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/625\"\u003eexpressjs/body-parser#625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/630\"\u003eexpressjs/body-parser#630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: move common request validation to read function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/600\"\u003eexpressjs/body-parser#600\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump iconv-lite by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/631\"\u003eexpressjs/body-parser#631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: pull beta changelog forward into 2.0.0 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/629\"\u003eexpressjs/body-parser#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: optimize raw and text parsers with shared passthrough function by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/634\"\u003eexpressjs/body-parser#634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/640\"\u003eexpressjs/body-parser#640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/639\"\u003eexpressjs/body-parser#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/636\"\u003eexpressjs/body-parser#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/637\"\u003eexpressjs/body-parser#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/638\"\u003eexpressjs/body-parser#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: raw-body@^3.0.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/641\"\u003eexpressjs/body-parser#641\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/master/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.2.2 / 2026-01-07\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@^6.14.1\u003c/li\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.2.1 / 2025-11-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4\"\u003eGHSA-wqch-xfxh-vrr4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps:\n\u003cul\u003e\n\u003cli\u003etype-is@^2.0.1\u003c/li\u003e\n\u003cli\u003eiconv-lite@^0.7.0\n\u003cul\u003e\n\u003cli\u003eHandle split surrogate pairs when encoding UTF-8\u003c/li\u003e\n\u003cli\u003eAvoid false positives in \u003ccode\u003eencodingExists\u003c/code\u003e by using prototype-less objects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eraw-body@^3.0.1\u003c/li\u003e\n\u003cli\u003edebug@^4.4.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/3d248660b2e8b66732b232d7c758517fbf2420a6\"\u003e\u003ccode\u003e3d24866\u003c/code\u003e\u003c/a\u003e 2.2.2 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/691\"\u003e#691\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/8474a984c3ba36a1b4328ce019833b99caa0f08f\"\u003e\u003ccode\u003e8474a98\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/693\"\u003e#693\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/03f17c2538552a57e6be537afca8c7587bd40aaa\"\u003e\u003ccode\u003e03f17c2\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/689\"\u003e#689\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ea1f25e503c1b2f7ba6f8562724ae0fcd247fb75\"\u003e\u003ccode\u003eea1f25e\u003c/code\u003e\u003c/a\u003e docs: use standard jsdoc tags everywhere (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d7deef8ec61307fa28c22bc443cf8ed2f267945a\"\u003e\u003ccode\u003ed7deef8\u003c/code\u003e\u003c/a\u003e docs: update URL-encoded parser description to include ISO-8859-1 encoding su...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b6f52aabc65137c5227c8a462bddb761daeb96e7\"\u003e\u003ccode\u003eb6f52aa\u003c/code\u003e\u003c/a\u003e docs: release notes for the v1.20.4 release (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2965ca4af4883109cb2f651f4ce12da310902a0c\"\u003e\u003ccode\u003e2965ca4\u003c/code\u003e\u003c/a\u003e docs: update links (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d96b63da8d7445de317736471633bac83ec76cbb\"\u003e\u003ccode\u003ed96b63d\u003c/code\u003e\u003c/a\u003e 2.2.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/659\"\u003e#659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b204886a6744b0b6d297cd0e849d75de836f3b63\"\u003e\u003ccode\u003eb204886\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2025-13466\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/e20e3512e085c1162e8ffe36ac65c705a8017251\"\u003e\u003ccode\u003ee20e351\u003c/code\u003e\u003c/a\u003e feat: remove \u003ccode\u003ehistory.md\u003c/code\u003e from being packaged on publish (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/660\"\u003e#660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/v2.2.0...v2.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 4.0.3 to 4.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5\"\u003ev4.0.5\u003c/a\u003e - 2025-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] Switch to newer v8 prediction library; enable node 24 testing \u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] set Symbol.toStringTag in the proper place \u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4\"\u003ev4.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0\"\u003e\u003ccode\u003e3d17230\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix linting errors \u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/58c25d76406a5b0dfdf54045cf252563f2bbda8d\"\u003e\u003ccode\u003e58c25d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/68ff7dda8834d6de095a7008cef0e03bc252ca98\"\u003e\u003ccode\u003e68ff7dd\u003c/code\u003e\u003c/a\u003e v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7\"\u003e\u003ccode\u003e5822467\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7\"\u003e\u003ccode\u003e76d0dee\u003c/code\u003e\u003c/a\u003e [Fix] set Symbol.toStringTag in the proper place\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a\"\u003e\u003ccode\u003e16e0076\u003c/code\u003e\u003c/a\u003e [Tests] Switch to newer v8 prediction library; enable node 24 testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/41996f5ac73a867046d48512cab62e64fc846dad\"\u003e\u003ccode\u003e41996f5\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/316c82ba93fd4985af757b771b9a1f26d3b709ef\"\u003e\u003ccode\u003e316c82b\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/2300ca19595b0ee96431e868fe2a40db79e41c61\"\u003e\u003ccode\u003e2300ca1\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/811f68282fab0315209d0e2d1c44b6c32ea0d479\"\u003e\u003ccode\u003e811f682\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/5e340800b5f8914213e4e0378c084aae71cfd73a\"\u003e\u003ccode\u003e5e34080\u003c/code\u003e\u003c/a\u003e [Tests] fix linting errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/1d11a76434d101f22fdb26b8aef8615f28b98402\"\u003e\u003ccode\u003e1d11a76\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v4.0.3...v4.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `immutable` from 5.1.2 to 4.3.8\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md\"\u003eimmutable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e,\nand this project adheres to \u003ca href=\"https://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\nDates are formatted as YYYY-MM-DD.\u003c/p\u003e\n\u003ch2\u003eUnreleased\u003c/h2\u003e\n\u003ch2\u003e5.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.3\u003c/h2\u003e\n\u003ch3\u003eTypeScript\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: allow readonly map entry constructor by \u003ca href=\"https://github.com/septs\"\u003e\u003ccode\u003e@​septs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2123\"\u003eimmutable-js/immutable-js#2123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cp\u003eThere has been a huge amount of changes in the documentation, mainly migrate from an autogenerated documentation from .d.ts file, to a proper documentation in markdown.\nThe playground has been included on ...\n\n_Description has been truncated_\n\n---\n\n🔄 This PR is an automated dependency update that bumps 24 npm packages across the monorepo, including major updates to Next.js (15.3.3 → 15.5.10), AI SDK (5.0.28 → 5.0.52), and lodash (4.17.21 → 4.17.23), along with various security patches and bug fixes.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Framework Updates**: Next.js updated from 15.3.3 to 15.5.10, bringing security fixes for CVE-2025-59471, CVE-2025-59472, and CVE-2026-23864\n- **AI SDK Enhancement**: Vercel AI SDK updated from 5.0.28 to 5.0.52 with new features and bug fixes across multiple packages\n- **Security Patches**: Multiple packages received security updates including lodash (prototype pollution fix), validator (CVE-2025-56200), and glob (command injection prevention)\n- **Utility Libraries**: Updates to core utilities like nanoid (5.1.5 → 5.1.6) and validator (13.15.15 → 13.15.22)\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 24 Outdated Packages]\n    B --\u003e C[Security Vulnerabilities Found]\n    B --\u003e D[Feature Updates Available]\n    C --\u003e E[Apply Security Patches]\n    D --\u003e F[Update Framework Versions]\n    E --\u003e G[Update package.json Files]\n    F --\u003e G\n    G --\u003e H[15 Package Files Modified]\n    H --\u003e I[Maintain Workspace Dependencies]\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs including prototype pollution, command injection, and URL validation vulnerabilities\n- **Framework Improvements**: Next.js updates include image optimization improvements and React Flight DoS mitigations\n- **Development Experience**: Updated AI SDK provides better tooling and bug fixes for AI-powered features\n- **Maintenance**: Automated dependency management ensures the project stays current with latest patches and improvements\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/plate/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fplate/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"}},{"old_version":"4.2.0","new_version":"8.8.5","update_type":"major","path":null,"pr_created_at":"2026-03-11T03:30:29.000Z","version_change":"4.2.0 → 8.8.5","issue":{"uuid":"4055493259","node_id":"PR_kwDOPT54fM7JkgG9","number":86,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 9 directories with 29 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":6,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-11T03:30:29.000Z","updated_at":"2026-03-11T03:35:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":29,"packages":[{"name":"vite","old_version":"5.0.11","new_version":"5.4.21","repository_url":"https://github.com/vitejs/vite"},{"name":"storybook","old_version":"7.6.7","new_version":"7.6.21","repository_url":"https://github.com/storybookjs/storybook"},{"name":"zx","old_version":"4.2.0","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"axios","old_version":"0.27.2","new_version":"0.30.3","repository_url":"https://github.com/axios/axios"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.3","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"secp256k1","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/cryptocoinjs/secp256k1-node"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"react-router","old_version":"6.8.1","new_version":"6.30.2","repository_url":"https://github.com/remix-run/react-router"},{"name":"webpack","old_version":"5.84.1","new_version":"5.104.1","repository_url":"https://github.com/webpack/webpack"},{"name":"@babel/helpers","old_version":"7.12.5","new_version":"7.28.6","repository_url":"https://github.com/babel/babel"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"fast-xml-parser","old_version":"4.2.6","new_version":"4.5.4","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"min-document","old_version":"2.19.0","new_version":"2.19.2","repository_url":"https://github.com/Raynos/min-document"},{"name":"nanoid","old_version":"3.3.4","new_version":"3.3.11","repository_url":"https://github.com/ai/nanoid"},{"name":"qs","old_version":"6.5.3","new_version":"6.5.5","repository_url":"https://github.com/ljharb/qs"},{"name":"store2","old_version":"2.14.2","new_version":"2.14.4","repository_url":"https://github.com/nbubna/store"},{"name":"tar-fs","old_version":"2.1.1","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tiny-secp256k1","old_version":"1.1.6","new_version":"1.1.7","repository_url":"https://github.com/bitcoinjs/tiny-secp256k1"},{"name":"vm2","old_version":"3.9.19","new_version":"3.10.5","repository_url":"https://github.com/patriksimek/vm2"},{"name":"secp256k1","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/cryptocoinjs/secp256k1-node"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 20 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.0.11` | `5.4.21` |\n| [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core) | `7.6.7` | `7.6.21` |\n| [zx](https://github.com/google/zx) | `4.2.0` | `8.8.5` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [axios](https://github.com/axios/axios) | `0.27.2` | `0.30.3` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.3` |\n| [secp256k1](https://github.com/cryptocoinjs/secp256k1-node) | `4.0.3` | `4.0.4` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `6.8.1` | `6.30.2` |\n| [webpack](https://github.com/webpack/webpack) | `5.84.1` | `5.104.1` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.12.5` | `7.28.6` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.2.6` | `4.5.4` |\n| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.4` | `3.3.11` |\n| [qs](https://github.com/ljharb/qs) | `6.5.3` | `6.5.5` |\n| [store2](https://github.com/nbubna/store) | `2.14.2` | `2.14.4` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.1` | `2.1.4` |\n| [tiny-secp256k1](https://github.com/bitcoinjs/tiny-secp256k1) | `1.1.6` | `1.1.7` |\n| [vm2](https://github.com/patriksimek/vm2) | `3.9.19` | `3.10.5` |\n| [secp256k1](https://github.com/cryptocoinjs/secp256k1-node) | `4.0.3` | `4.0.4` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/background directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/hooks directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/mobile directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/stores directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/stores-etc directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /packages/types directory: [axios](https://github.com/axios/axios).\nBumps the npm_and_yarn group with 1 update in the /scripts/mobile-publish directory: [zx](https://github.com/google/zx).\nBumps the npm_and_yarn group with 16 updates in the /wallet-api-example directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [zx](https://github.com/google/zx) | `7.2.3` | `8.8.5` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [webpack](https://github.com/webpack/webpack) | `5.88.2` | `5.105.4` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.22.15` | `7.28.6` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.9` | `3.0.11` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.9` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.6` | `3.3.11` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.3.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.79.1` | `2.80.0` |\n| [tiny-secp256k1](https://github.com/bitcoinjs/tiny-secp256k1) | `1.1.6` | `1.1.7` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `4.15.1` | `4.15.2` |\n\n\nUpdates `vite` from 5.0.11 to 5.4.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.21\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.20\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/ca88ed7398288ce0c60176ac9a6392f10654c67c/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.19\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.19/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.21 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003ecad1d31\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20970\"\u003e#20970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update CHANGELOG (\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003eca88ed7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.20 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e482000f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: port sirv@3.0.2 changes to sirv@2.0.4 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20737\"\u003e#20737\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/4f1c35bcbb5830290c694aa14b6789e07450f069\"\u003e4f1c35b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20737\"\u003e#20737\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.19 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e766947e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19966\"\u003e#19966\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.18 (2025-04-10)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e823675b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19830\"\u003e#19830\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19831\"\u003e#19831\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.17 (2025-04-03)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19782\"\u003e#19782\u003c/a\u003e, fs check with svg and relative paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19784\"\u003e#19784\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/84b2b46ed129be8215108e789a90adbb33a9c42c\"\u003e84b2b46\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19782\"\u003e#19782\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19784\"\u003e#19784\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.16 (2025-03-31)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19761\"\u003e#19761\u003c/a\u003e, fs check in transform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19762\"\u003e#19762\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b627c50d359f3bd9b602408fbbf462cf4a2f019c\"\u003eb627c50\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19761\"\u003e#19761\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19762\"\u003e#19762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.15 (2025-03-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19702\"\u003e#19702\u003c/a\u003e, fs raw query with query separators (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19703\"\u003e#19703\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/807d7f06d33ab49c48a2a3501da3eea1906c0d41\"\u003e807d7f0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19702\"\u003e#19702\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19703\"\u003e#19703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.14 (2025-01-21)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: \u003ccode\u003epreview.allowedHosts\u003c/code\u003e with specific values was not respected (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19246\"\u003e#19246\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/9df6e6beabf0d18988ec13b8b742d2aba29662f9\"\u003e9df6e6b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19246\"\u003e#19246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: allow CORS from loopback addresses by default (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19249\"\u003e#19249\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7d1699ccf673e2790704756d89d2e1e4ee478fb4\"\u003e7d1699c\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19249\"\u003e#19249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/adce3c22c64cc9d44cc8f45cc92b543e3e4bf385\"\u003e\u003ccode\u003eadce3c2\u003c/code\u003e\u003c/a\u003e release: v5.4.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003e\u003ccode\u003ecad1d31\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003e\u003ccode\u003eca88ed7\u003c/code\u003e\u003c/a\u003e chore: update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/997700f01c7199daf7330d33a7fd3a43b2e9e3ba\"\u003e\u003ccode\u003e997700f\u003c/code\u003e\u003c/a\u003e release: v5.4.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e\u003ccode\u003e482000f\u003c/code\u003e\u003c/a\u003e fix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/80a333a23103ced0442d4463d1191433d90f5e19\"\u003e\u003ccode\u003e80a333a\u003c/code\u003e\u003c/a\u003e release: v5.4.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e\u003ccode\u003e766947e\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/731b77d19d36f5682a5441b49cb2f6473389ad99\"\u003e\u003ccode\u003e731b77d\u003c/code\u003e\u003c/a\u003e release: v5.4.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e\u003ccode\u003e823675b\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0a2518a98d2354c61ee8ef51f7d00fa92aebb511\"\u003e\u003ccode\u003e0a2518a\u003c/code\u003e\u003c/a\u003e release: v5.4.17\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v5.4.21/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `storybook` from 7.6.7 to 7.6.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/releases\"\u003estorybook's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.6.21\u003c/h2\u003e\n\u003ch2\u003e7.6.21\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Fix .env-file parsing, thanks \u003ca href=\"https://github.com/jreinhold\"\u003e\u003ccode\u003e@​jreinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md\"\u003estorybook's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.2.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNext.js: Add support for v16.2 - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34046\"\u003e#34046\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCSF-Factories: Fix ConfigFile parser false warning on \u003ccode\u003edefinePreview({...}).type\u0026lt;T\u0026gt;()\u003c/code\u003e export default - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33885\"\u003e#33885\u003c/a\u003e, thanks \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Add host/origin validation to requests and websocket connections - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33835\"\u003e#33835\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ghengeveld\"\u003e\u003ccode\u003e@​ghengeveld\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Add vike metadata frameworks - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33965\"\u003e#33965\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Resolve builder preset path correctly in pnpm strict mode - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34032\"\u003e#34032\u003c/a\u003e, thanks \u003ca href=\"https://github.com/braedenfoster\"\u003e\u003ccode\u003e@​braedenfoster\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Update default allowed hosts in host validation middleware - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34045\"\u003e#34045\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ghengeveld\"\u003e\u003ccode\u003e@​ghengeveld\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Storybook failed to load iframe.html when publishing - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33896\"\u003e#33896\u003c/a\u003e, thanks \u003ca href=\"https://github.com/danielalanbates\"\u003e\u003ccode\u003e@​danielalanbates\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eManager-API: Update refs sequentially in experimental_setFilter - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33958\"\u003e#33958\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ia319\"\u003e\u003ccode\u003e@​ia319\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Handle render identifier in manifest snippet generation - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33940\"\u003e#33940\u003c/a\u003e, thanks \u003ca href=\"https://github.com/kasperpeulen\"\u003e\u003ccode\u003e@​kasperpeulen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCLI: Set STORYBOOK environment variable - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33938\"\u003e#33938\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent crash when tag filters contain undefined entries - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33931\"\u003e#33931\u003c/a\u003e, thanks \u003ca href=\"https://github.com/abhaysinh1000\"\u003e\u003ccode\u003e@​abhaysinh1000\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Pseudo-states: Process all nested css rules - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33605\"\u003e#33605\u003c/a\u003e, thanks \u003ca href=\"https://github.com/hpohlmeyer\"\u003e\u003ccode\u003e@​hpohlmeyer\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eBuilder-Vite: Prevent config duplication - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33883\"\u003e#33883\u003c/a\u003e, thanks \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCLI: Fix React native web A11y issues - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33937\"\u003e#33937\u003c/a\u003e, thanks \u003ca href=\"https://github.com/jonniebigodes\"\u003e\u003ccode\u003e@​jonniebigodes\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Avoid hanging when inferring args for recursive calls on DOM elemens - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33922\"\u003e#33922\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eEslint: Fix ESLint 10 compatibility in eslint-plugin-storybook rules - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33884\"\u003e#33884\u003c/a\u003e, thanks \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eViewport: Prioritize story viewport globals and avoid user-global pollution - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33849\"\u003e#33849\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ia319\"\u003e\u003ccode\u003e@​ia319\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Sanitize inputs for save from controls - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33868\"\u003e#33868\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add project age - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33910\"\u003e#33910\u003c/a\u003e, thanks \u003ca href=\"https://github.com/shilman\"\u003e\u003ccode\u003e@​shilman\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eWebpack: Improve performance of module-mocking plugins - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33169\"\u003e#33169\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon-Vitest: Fix postinstall a11y installation - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33888\"\u003e#33888\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eManifests: Use correct story name - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33709\"\u003e#33709\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eNext.js: Handle legacyBehavior prop in Link mock component  - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33862\"\u003e#33862\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Fix manifest stories empty when meta has no explicit title - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33878\"\u003e#33878\u003c/a\u003e, thanks \u003ca href=\"https://github.com/kasperpeulen\"\u003e\u003ccode\u003e@​kasperpeulen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Require token for websocket connections - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33820\"\u003e#33820\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ghengeveld\"\u003e\u003ccode\u003e@​ghengeveld\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.9\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/storybookjs/storybook/commits/v7.6.21/code/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~storybook-bot\"\u003estorybook-bot\u003c/a\u003e, a new releaser for storybook since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 4.2.0 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/4.2.0...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sha.js` from 2.4.11 to 2.4.12\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/sha.js/blob/master/CHANGELOG.md\"\u003esha.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ev2.4.12\u003c/a\u003e - 2025-07-01\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/sha.js/commit/7acadfbd3abb558880212b20669fcb09e1aa1c58\"\u003e\u003ccode\u003e7acadfb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix package.json indentation \u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/sha.js/commit/c43c64adc6d3607d470538df72338fc02e63bc24\"\u003e\u003ccode\u003ec43c64a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] support multi-byte wide typed arrays \u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] reorder package.json \u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] avoid console logs \u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests run in batch \u003ca href=\"https://github.com/browserify/sha.js/commit/262913006e94616c8cd245ef6bd61bc4410b29e3\"\u003e\u003ccode\u003e2629130\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to 0.10 \u003ca href=\"https://github.com/browserify/sha.js/commit/00c7f234aa3bdbd427ffeb929bacbb05334eb3e9\"\u003e\u003ccode\u003e00c7f23\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ebuffer\u003c/code\u003e, \u003ccode\u003ehash-test-vectors\u003c/code\u003e, \u003ccode\u003estandard\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypedarray\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/92b5de5f67472d9f18413d38ad5b9aba29ff4c22\"\u003e\u003ccode\u003e92b5de5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to v3 \u003ca href=\"https://github.com/browserify/sha.js/commit/9b5eca80fd9bb21cf05bdf43ce42661f1bbafeaa\"\u003e\u003ccode\u003e9b5eca8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] set engines to \u003ccode\u003e\u0026amp;gt;= 4\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/807084c5c0f943459e89838252cafbd175b549b7\"\u003e\u003ccode\u003e807084c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/sha.js/commit/c72789c7a129cf453d44008ba27a88b90ac7989b\"\u003e\u003ccode\u003ec72789c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/5428cfc6f7177ad1a41c837b9387308848db96de\"\u003e\u003ccode\u003e5428cfc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate README to reflect LICENSE \u003ca href=\"https://github.com/browserify/sha.js/commit/8938256dbb2241a7c749e4a399dbaff48cbe8e95\"\u003e\u003ccode\u003e8938256\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep \u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/eb4ea2fd3da93d41e250f9ac8a1a133ce450e0a2\"\u003e\u003ccode\u003eeb4ea2f\u003c/code\u003e\u003c/a\u003e v2.4.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e [meta] reorder package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e [eslint] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e [Tests] avoid console logs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e [Fix] support multi-byte wide typed arrays\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for sha.js since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.27.2 to 0.30.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease notes - v0.30.3\u003c/h2\u003e\n\u003cp\u003eThis is a critical security maintenance release for the v0.x branch. It addresses a high-priority vulnerability involving prototype pollution that could lead to a Denial of Service (DoS).\u003c/p\u003e\n\u003cp\u003eRecommendation: All users currently on the 0.x release line should upgrade to this version immediately to ensure environment stability.\u003c/p\u003e\n\u003ch2\u003e🛡️ Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBackport: Fix DoS via \u003cstrong\u003eproto\u003c/strong\u003e key in merge config\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003ePatched a vulnerability where specifically crafted configuration objects using the \u003cstrong\u003eproto\u003c/strong\u003e key could cause a Denial of Service during the merge process. - \u003cem\u003eby \u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7388\"\u003e#7388\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7388\"\u003eaxios/axios#7388\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚙️ Maintenance \u0026amp; CI\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCI Infrastructure Update\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated Continuous Integration workflows for the v0.x branch to maintain long-term support and build reliability. - \u003cem\u003eby \u003ca href=\"https://github.com/jasonsaayman\"\u003e\u003ccode\u003e@​jasonsaayman\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7407\"\u003e#7407\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7407\"\u003eaxios/axios#7407\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Breaking Changes\u003c/h2\u003e\n\u003cp\u003eConfiguration Merging Behavior:\u003c/p\u003e\n\u003cp\u003eAs part of the security fix, Axios now restricts the merging of the \u003cstrong\u003eproto\u003c/strong\u003e key within configuration objects. If your codebase relies on unconventional deep-merging patterns that target the object prototype via Axios config, those operations will now be blocked. This is a necessary change to prevent prototype pollution.\u003c/p\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.2...v0.30.3\"\u003ev0.30.2...v0.30.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.30.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u003ccode\u003emaxContentLength\u003c/code\u003e vulnerability fix to v0.x by \u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/7034\"\u003eaxios/axios#7034\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/axios/axios/pull/7034\"\u003eaxios/axios#7034\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.1...v0.30.2\"\u003ehttps://github.com/axios/axios/compare/v0.30.1...v0.30.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v0.30.1\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump form-data from 4.0.0 to 4.0.4 for v0.x by \u003ca href=\"https://github.com/wolandec\"\u003e\u003ccode\u003e@​wolandec\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6978\"\u003eaxios/axios#6978\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wolandec\"\u003e\u003ccode\u003e@​wolandec\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6978\"\u003eaxios/axios#6978\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.0...v0.30.1\"\u003ehttps://github.com/axios/axios/compare/v0.30.0...v0.30.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v0.30.0\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: modify log while request is aborted by \u003ca href=\"https://github.com/mori5321\"\u003e\u003ccode\u003e@​mori5321\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/4917\"\u003eaxios/axios#4917\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update CHANGELOG.md for v0.x by \u003ca href=\"https://github.com/TehZarathustra\"\u003e\u003ccode\u003e@​TehZarathustra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6271\"\u003eaxios/axios#6271\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: modify upgrade guide for 0.28.1's breaking change by \u003ca href=\"https://github.com/nafeger\"\u003e\u003ccode\u003e@​nafeger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6787\"\u003eaxios/axios#6787\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f53bcf6c3747652c9d3811dc0bbcd3674e21567a\"\u003e\u003ccode\u003ef53bcf6\u003c/code\u003e\u003c/a\u003e chore: release 0.30.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3ddccd3bf478c8aab863f2fdd4a52461849eab45\"\u003e\u003ccode\u003e3ddccd3\u003c/code\u003e\u003c/a\u003e chore: remove publish as this wont work\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9ef39d07245286df678c1a16e7b5769610ba8326\"\u003e\u003ccode\u003e9ef39d0\u003c/code\u003e\u003c/a\u003e chore: try with npm token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4775de601df704d8d4e7336a57b08a2e21de8ff4\"\u003e\u003ccode\u003e4775de6\u003c/code\u003e\u003c/a\u003e chore: fix version scheme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f96f26b2014404534424e765b83a1dbbd8cb091f\"\u003e\u003ccode\u003ef96f26b\u003c/code\u003e\u003c/a\u003e chore: fix issues with using replace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ead45c20b05ab32c26cb63d0f7a20e8b123d9f68\"\u003e\u003ccode\u003eead45c2\u003c/code\u003e\u003c/a\u003e chore: update the publish workflow to run on tag\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8119265e6ce71898d19448d30356789cccc2de56\"\u003e\u003ccode\u003e8119265\u003c/code\u003e\u003c/a\u003e chore: tag version as legacy on v0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/995498519881c23ba97b42dda16bcadc0e4791a7\"\u003e\u003ccode\u003e9954985\u003c/code\u003e\u003c/a\u003e chore: dispatch for first time\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3f8b70fdfc7903aa137ea4f6539cd00f5df97afb\"\u003e\u003ccode\u003e3f8b70f\u003c/code\u003e\u003c/a\u003e chore: final rename\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c66558430e71cf0c113a2969355cde25cb159fff\"\u003e\u003ccode\u003ec665584\u003c/code\u003e\u003c/a\u003e chore: revert naming\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.27.2...v0.30.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pbkdf2` from 3.1.2 to 3.1.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md\"\u003epbkdf2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.3\"\u003ev3.1.3\u003c/a\u003e - 2025-06-20\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8b067308eedcc3b7da3e06202d437ff532de75bd\"\u003e\u003ccode\u003e8b06730\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix whitespace \u003ca href=\"https://github.com/browserify/pbkdf2/commit/9a76e2f37ef4541aeff92d97b7335b7fa6e989a8\"\u003e\u003ccode\u003e9a76e2f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix parens/curlies/semis/etc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/6fd84bf64a423d207d9e665f3e9fd88b148c4480\"\u003e\u003ccode\u003e6fd84bf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/796c38d428ed9546e7ddfbb38322faa99921d716\"\u003e\u003ccode\u003e796c38d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node 17 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/3661fb0156177bfe380c7bcc133917e7ee501bc7\"\u003e\u003ccode\u003e3661fb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;[Tests] fix tests in node \u0026lt; 3\u0026quot; \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7431b5766805cbf880c1b3d0f38d484357844ff7\"\u003e\u003ccode\u003e7431b57\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node \u0026lt; 3 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/eb9f97a66ed83836bebc4ff563a1588248708501\"\u003e\u003ccode\u003eeb9f97a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] ensure unknown algorithms throw + known ones match node \u003ca href=\"https://github.com/browserify/pbkdf2/commit/26d4fd391e00ed806840ea1ef7341937985f4ba8\"\u003e\u003ccode\u003e26d4fd3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add GHA, always run nyc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/513906a735e80a0e125e1a3363c5dbe90bb34bb7\"\u003e\u003ccode\u003e513906a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix a few more rules \u003ca href=\"https://github.com/browserify/pbkdf2/commit/ab04da834a0342cb3779486314fa67ebc1e3f035\"\u003e\u003ccode\u003eab04da8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] switch to eslint \u003ca href=\"https://github.com/browserify/pbkdf2/commit/89694cf7e4062a8c924fbe74ad2b2d3cf78f1715\"\u003e\u003ccode\u003e89694cf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add coverage \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d0d534bfdc4db6d6ea9f719606ad18a78db6c124\"\u003e\u003ccode\u003ed0d534b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb\"\u003e\u003ccode\u003ee3102a8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] improve badges \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fca0c9d4c5b053d911315a3607367d1db9f9f605\"\u003e\u003ccode\u003efca0c9d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] remove unused travis file \u003ca href=\"https://github.com/browserify/pbkdf2/commit/a2c7d93bbcad73c49dad0c18fef6b8a4af8c3310\"\u003e\u003ccode\u003ea2c7d93\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] switch from \u003ccode\u003efiles\u003c/code\u003e to \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7f31fbca528fa5af3b7d3910daf09a7e5ed8adb4\"\u003e\u003ccode\u003e7f31fbc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] use .nycrc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8d628e8d5559b4acd4d4a714afb04a2990f901b7\"\u003e\u003ccode\u003e8d628e8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] minor tweaks \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fc61005c8cbd480e24ee103ac39a45f0d90ac636\"\u003e\u003ccode\u003efc61005\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ecreate-hmac\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e, \u003ccode\u003esha.js\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/ae2a7d051c9133c25d5212ba4f46747c0ed4c190\"\u003e\u003ccode\u003eae2a7d0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] pin \u003ccode\u003ecreate-hash\u003c/code\u003e, \u003ccode\u003eripemd160\u003c/code\u003e due to breaking changes \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e07996890af79296f1913431fb3b252e25df2f0e\"\u003e\u003ccode\u003ee079968\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node 3 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/45fbcf30431f9585ae3b61f2207c0a16c1953915\"\u003e\u003ccode\u003e45fbcf3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] skip publishing benchmarks \u003ca href=\"https://github.com/browserify/pbkdf2/commit/19ea57bf11d055ddcd97d2556cd3097663b050b9\"\u003e\u003ccode\u003e19ea57b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/pbkdf2/commit/645e252375087e97beb95e518038b99eb5724c5b\"\u003e\u003ccode\u003e645e252\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/3e40827b183f7f5a14946bdb7d57de3d1d8dd581\"\u003e\u003ccode\u003e3e40827\u003c/code\u003e\u003c/a\u003e v3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb\"\u003e\u003ccode\u003ee3102a8\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/7431b5766805cbf880c1b3d0f38d484357844ff7\"\u003e\u003ccode\u003e7431b57\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;[Tests] fix tests in node \u0026lt; 3\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/19ea57bf11d055ddcd97d2556cd3097663b050b9\"\u003e\u003ccode\u003e19ea57b\u003c/code\u003e\u003c/a\u003e [meta] skip publishing benchmarks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/a2c7d93bbcad73c49dad0c18fef6b8a4af8c3310\"\u003e\u003ccode\u003ea2c7d93\u003c/code\u003e\u003c/a\u003e [Tests] remove unused travis file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/645e252375087e97beb95e518038b99eb5724c5b\"\u003e\u003ccode\u003e645e252\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/796c38d428ed9546e7ddfbb38322faa99921d716\"\u003e\u003ccode\u003e796c38d\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/d0d534bfdc4db6d6ea9f719606ad18a78db6c124\"\u003e\u003ccode\u003ed0d534b\u003c/code\u003e\u003c/a\u003e [Tests] add coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/7f31fbca528fa5af3b7d3910daf09a7e5ed8adb4\"\u003e\u003ccode\u003e7f31fbc\u003c/code\u003e\u003c/a\u003e [meta] switch from \u003ccode\u003efiles\u003c/code\u003e to \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/fca0c9d4c5b053d911315a3607367d1db9f9f605\"\u003e\u003ccode\u003efca0c9d\u003c/code\u003e\u003c/a\u003e [readme] improve badges\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for pbkdf2 since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `secp256k1` from 4.0.3 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/commit/756fce19036700a3fc421ba5a9520cd090d2b92a\"\u003e\u003ccode\u003e756fce1\u003c/code\u003e\u003c/a\u003e 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/commit/8bd6446e000fa59df3cda0ae3e424300747ea5ed\"\u003e\u003ccode\u003e8bd6446\u003c/code\u003e\u003c/a\u003e elliptic: fix key verification in loadCompressedPublicKey\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/commit/840834e833f9b077e0f29828140cc8cd91be3ee2\"\u003e\u003ccode\u003e840834e\u003c/code\u003e\u003c/a\u003e Update elliptic to 6.5.7 (CVE-2024-42461) (\u003ca href=\"https://redirect.github.com/cryptocoinjs/secp256k1-node/issues/206\"\u003e#206\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/compare/v4.0.3...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `elliptic` from 6.5.3 to 6.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/9b77436a59cc35eccf4ffb848259c8762a492ee7\"\u003e\u003ccode\u003e9b77436\u003c/code\u003e\u003c/a\u003e 6.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/04cb6f54ce552b3ebde6be06d6050419e1c7333e\"\u003e\u003ccode\u003e04cb6f5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/b8a7edd61a0d9bddd0bbf3436a4b476401edbe20\"\u003e\u003ccode\u003eb8a7edd\u003c/code\u003e\u003c/a\u003e 6.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/34c853478cec1be4e37260ed2cb12cdbdc6402cf\"\u003e\u003ccode\u003e34c8534\u003c/code\u003e\u003c/a\u003e fix: signature verification due to leading zeros\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/3e46a48fdd2ef2f89593e5e058d85530578c9761\"\u003e\u003ccode\u003e3e46a48\u003c/code\u003e\u003c/a\u003e 6.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11\"\u003e\u003ccode\u003eaccb61e\u003c/code\u003e\u003c/a\u003e lib: DER signature decoding correction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/03e06e135c8e44a2da560fa197d0ba1e1e2759e9\"\u003e\u003ccode\u003e03e06e1\u003c/code\u003e\u003c/a\u003e 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281\"\u003e\u003ccode\u003e7ac5360\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/75700785ff41bb5d029d19186beff26d4883caa5\"\u003e\u003ccode\u003e7570078\u003c/code\u003e\u003c/a\u003e 6.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/206da2ee373e68466cde353f81fb59ef251b740b\"\u003e\u003ccode\u003e206da2e\u003c/code\u003e\u003c/a\u003e lib: lint\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/elliptic/compare/v6.5.3...v6.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-router` from 6.8.1 to 6.30.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/releases\"\u003ereact-router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.30.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/v6/CHANGELOG.md#v6302\"\u003ehttps://github.com/remix-run/react-router/blob/v6/CHANGELOG.md#v6302\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.30.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6301\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6301\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.30.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6300\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6300\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.29.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6290\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6290\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.28.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6282\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6282\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.28.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6281\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6281\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.28.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6280\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6280\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.27.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6270\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6270\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.26.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6262\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6262\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.26.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6261\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6261\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.26.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6260\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6260\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.25.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6251\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6251\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.25.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6250\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6250\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6241\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6241\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6240\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6240\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.23.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6231\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6231\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.23.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6230\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6230\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/react-router@6.30.2/packages/react-router/CHANGELOG.md\"\u003ereact-router's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.30.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.23.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.30.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePartially revert optimization added in \u003ccode\u003e6.29.0\u003c/code\u003e to reduce calls to \u003ccode\u003ematchRoutes\u003c/code\u003e because it surfaced other issues (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/13623\"\u003e#13623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStop logging invalid warning when \u003ccode\u003ev7_relativeSplatPath\u003c/code\u003e is set to false (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/13502\"\u003e#13502\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.30.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003efetcherKey\u003c/code\u003e as a parameter to \u003ccode\u003epatchRoutesOnNavigation\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/13109\"\u003e#13109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.23.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.29.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eProvide the request \u003ccode\u003esignal\u003c/code\u003e as a parameter to \u003ccode\u003epatchRoutesOnNavigation\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12900\"\u003e#12900\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThis can be used to abort any manifest fetches if the in-flight navigation/fetcher is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDo not log v7 deprecation warnings in production builds (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12794\"\u003e#12794\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLimit matchRoutes optimization to client side routers (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12881\"\u003e#12881\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize route matching by skipping redundant \u003ccode\u003ematchRoutes\u003c/code\u003e calls when possible (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12169\"\u003e#12169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.22.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.28.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.21.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.28.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/26b5d4581fb2829dc7eaeaad413de4735173a6eb\"\u003e\u003ccode\u003e26b5d45\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14541\"\u003e#14541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/919f8a86b95f0c8956e3820743503d5609f572cd\"\u003e\u003ccode\u003e919f8a8\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre-v6) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14540\"\u003e#14540\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/69bf7056f1540918a0324e0af215978cdaf5d486\"\u003e\u003ccode\u003e69bf705\u003c/code\u003e\u003c/a\u003e Normalize double slashes in resolvePath (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14537\"\u003e#14537\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/3f2400e9a7e255953afef3d29126db2efb6c08ab\"\u003e\u003ccode\u003e3f2400e\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13647\"\u003e#13647\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/25a264d87bce0bd5f0170e99a3dcad3a61a5f080\"\u003e\u003ccode\u003e25a264d\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre-v6) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13638\"\u003e#13638\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/b5705a0b5e905212487336d7548d86418b299f16\"\u003e\u003ccode\u003eb5705a0\u003c/code\u003e\u003c/a\u003e Remove matchRoutes optimization from render pass (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13623\"\u003e#13623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/785f6f6d7796d36a1c60d1c718a69e6cb1f8d415\"\u003e\u003ccode\u003e785f6f6\u003c/code\u003e\u003c/a\u003e Prevent invalid warning for v7_relativeSplatPath (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13502\"\u003e#13502\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/e4ba5224c911e070b1eabd12cff2aa581270dfb3\"\u003e\u003ccode\u003ee4ba522\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13128\"\u003e#13128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/f0bc784ce8951cc5ed67bf6d48d9c132b9bdc621\"\u003e\u003ccode\u003ef0bc784\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre-v6) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13111\"\u003e#13111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/d9ed8241d677de006a9bfe808d32fe4582184dad\"\u003e\u003ccode\u003ed9ed824\u003c/code\u003e\u003c/a\u003e Fix up changelogs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/remix-run/react-router/commits/react-router@6.30.2/packages/react-router\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for react-router since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.84.1 to 5.104.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.104.1\u003c/h2\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.104.0\u003c/h2\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.103.0\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eDotenvPlugin\u003c/code\u003e and top level \u003ccode\u003edotenv\u003c/code\u003e option to enable this plugin\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWebpackManifestPlugin\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded support the \u003ccode\u003eignoreList\u003c/code\u003e option in devtool plugins\u003c/li\u003e\n\u003cli\u003eAllow to use custom javascript parse function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003c...\n\n_Description has been truncated_","html_url":"https://github.com/RemyLoveLogicAI/asi-alliance-wallet/pull/86","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/RemyLoveLogicAI%2Fasi-alliance-wallet/issues/86","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/86/packages"}},{"old_version":"4.2.0","new_version":"8.8.5","update_type":"major","path":null,"pr_created_at":"2026-03-11T03:27:11.000Z","version_change":"4.2.0 → 8.8.5","issue":{"uuid":"4055482771","node_id":"PR_kwDOPT54fM7Jkd_E","number":85,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 34 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":5,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-11T03:27:11.000Z","updated_at":"2026-03-11T03:30:52.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":34,"packages":[{"name":"vite","old_version":"5.0.11","new_version":"5.4.21","repository_url":"https://github.com/vitejs/vite"},{"name":"storybook","old_version":"7.6.7","new_version":"7.6.21","repository_url":"https://github.com/storybookjs/storybook"},{"name":"zx","old_version":"4.2.0","new_version":"8.8.5","repository_url":"https://github.com/google/zx"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"axios","old_version":"0.27.2","new_version":"0.30.3","repository_url":"https://github.com/axios/axios"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.3","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"secp256k1","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/cryptocoinjs/secp256k1-node"},{"name":"js-yaml","old_version":"4.1.0","new_version":"4.1.1","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"react-router","old_version":"6.8.1","new_version":"6.30.2","repository_url":"https://github.com/remix-run/react-router"},{"name":"webpack","old_version":"5.84.1","new_version":"5.104.1","repository_url":"https://github.com/webpack/webpack"},{"name":"@babel/helpers","old_version":"7.12.5","new_version":"7.28.6","repository_url":"https://github.com/babel/babel"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"express","old_version":"4.18.2","new_version":"4.22.1","repository_url":"https://github.com/expressjs/express"},{"name":"fast-xml-parser","old_version":"4.2.6","new_version":"4.5.4","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"min-document","old_version":"2.19.0","new_version":"2.19.2","repository_url":"https://github.com/Raynos/min-document"},{"name":"nanoid","old_version":"3.3.4","new_version":"3.3.11","repository_url":"https://github.com/ai/nanoid"},{"name":"qs","old_version":"6.5.3","new_version":"6.5.5","repository_url":"https://github.com/ljharb/qs"},{"name":"serve-static","old_version":"1.15.0","new_version":"1.16.3","repository_url":"https://github.com/expressjs/serve-static"},{"name":"store2","old_version":"2.14.2","new_version":"2.14.4","repository_url":"https://github.com/nbubna/store"},{"name":"tar-fs","old_version":"2.1.1","new_version":"2.1.4","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tiny-secp256k1","old_version":"1.1.6","new_version":"1.1.7","repository_url":"https://github.com/bitcoinjs/tiny-secp256k1"},{"name":"vm2","old_version":"3.9.19","new_version":"3.10.5","repository_url":"https://github.com/patriksimek/vm2"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 22 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.0.11` | `5.4.21` |\n| [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core) | `7.6.7` | `7.6.21` |\n| [zx](https://github.com/google/zx) | `4.2.0` | `8.8.5` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [axios](https://github.com/axios/axios) | `0.27.2` | `0.30.3` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.3` |\n| [secp256k1](https://github.com/cryptocoinjs/secp256k1-node) | `4.0.3` | `4.0.4` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `6.8.1` | `6.30.2` |\n| [webpack](https://github.com/webpack/webpack) | `5.84.1` | `5.104.1` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.12.5` | `7.28.6` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.1` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.2.6` | `4.5.4` |\n| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.4` | `3.3.11` |\n| [qs](https://github.com/ljharb/qs) | `6.5.3` | `6.5.5` |\n| [serve-static](https://github.com/expressjs/serve-static) | `1.15.0` | `1.16.3` |\n| [store2](https://github.com/nbubna/store) | `2.14.2` | `2.14.4` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.1` | `2.1.4` |\n| [tiny-secp256k1](https://github.com/bitcoinjs/tiny-secp256k1) | `1.1.6` | `1.1.7` |\n| [vm2](https://github.com/patriksimek/vm2) | `3.9.19` | `3.10.5` |\n\nBumps the npm_and_yarn group with 1 update in the /scripts/mobile-publish directory: [zx](https://github.com/google/zx).\nBumps the npm_and_yarn group with 18 updates in the /wallet-api-example directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [zx](https://github.com/google/zx) | `7.2.3` | `8.8.5` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [webpack](https://github.com/webpack/webpack) | `5.88.2` | `5.105.4` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.22.15` | `7.28.6` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.9` | `3.0.11` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.1` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.9` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |\n| [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` | `4.0.8` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.6` | `3.3.11` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.3.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.79.1` | `2.80.0` |\n| [tiny-secp256k1](https://github.com/bitcoinjs/tiny-secp256k1) | `1.1.6` | `1.1.7` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `4.15.1` | `4.15.2` |\n\n\nUpdates `vite` from 5.0.11 to 5.4.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.21\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.20\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/ca88ed7398288ce0c60176ac9a6392f10654c67c/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev5.4.19\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.19/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.21 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003ecad1d31\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20970\"\u003e#20970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update CHANGELOG (\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003eca88ed7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.20 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e482000f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: port sirv@3.0.2 changes to sirv@2.0.4 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20737\"\u003e#20737\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/4f1c35bcbb5830290c694aa14b6789e07450f069\"\u003e4f1c35b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20737\"\u003e#20737\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.19 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e766947e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19966\"\u003e#19966\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.18 (2025-04-10)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e823675b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19830\"\u003e#19830\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19831\"\u003e#19831\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.17 (2025-04-03)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19782\"\u003e#19782\u003c/a\u003e, fs check with svg and relative paths (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19784\"\u003e#19784\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/84b2b46ed129be8215108e789a90adbb33a9c42c\"\u003e84b2b46\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19782\"\u003e#19782\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19784\"\u003e#19784\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.16 (2025-03-31)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19761\"\u003e#19761\u003c/a\u003e, fs check in transform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19762\"\u003e#19762\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/b627c50d359f3bd9b602408fbbf462cf4a2f019c\"\u003eb627c50\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19761\"\u003e#19761\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19762\"\u003e#19762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.15 (2025-03-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19702\"\u003e#19702\u003c/a\u003e, fs raw query with query separators (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19703\"\u003e#19703\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/807d7f06d33ab49c48a2a3501da3eea1906c0d41\"\u003e807d7f0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19702\"\u003e#19702\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19703\"\u003e#19703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e5.4.14 (2025-01-21)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: \u003ccode\u003epreview.allowedHosts\u003c/code\u003e with specific values was not respected (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19246\"\u003e#19246\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/9df6e6beabf0d18988ec13b8b742d2aba29662f9\"\u003e9df6e6b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19246\"\u003e#19246\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: allow CORS from loopback addresses by default (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19249\"\u003e#19249\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7d1699ccf673e2790704756d89d2e1e4ee478fb4\"\u003e7d1699c\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19249\"\u003e#19249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/adce3c22c64cc9d44cc8f45cc92b543e3e4bf385\"\u003e\u003ccode\u003eadce3c2\u003c/code\u003e\u003c/a\u003e release: v5.4.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/cad1d31d0635dd8fd4ddfe6e5a92eb9ff13cd06c\"\u003e\u003ccode\u003ecad1d31\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20970\"\u003e#20970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca88ed7398288ce0c60176ac9a6392f10654c67c\"\u003e\u003ccode\u003eca88ed7\u003c/code\u003e\u003c/a\u003e chore: update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/997700f01c7199daf7330d33a7fd3a43b2e9e3ba\"\u003e\u003ccode\u003e997700f\u003c/code\u003e\u003c/a\u003e release: v5.4.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/482000f57f56fe6ff2e905305100cfe03043ddea\"\u003e\u003ccode\u003e482000f\u003c/code\u003e\u003c/a\u003e fix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/80a333a23103ced0442d4463d1191433d90f5e19\"\u003e\u003ccode\u003e80a333a\u003c/code\u003e\u003c/a\u003e release: v5.4.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/766947e7cbf1cdd07df9737394e8c870401b78b0\"\u003e\u003ccode\u003e766947e\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e, check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19966\"\u003e#19966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/731b77d19d36f5682a5441b49cb2f6473389ad99\"\u003e\u003ccode\u003e731b77d\u003c/code\u003e\u003c/a\u003e release: v5.4.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/823675baff2bd6809c74ba2d9acca0327923a54f\"\u003e\u003ccode\u003e823675b\u003c/code\u003e\u003c/a\u003e fix: backport \u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19830\"\u003e#19830\u003c/a\u003e, reject requests with \u003ccode\u003e#\u003c/code\u003e in request-target (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19831\"\u003e#19831\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0a2518a98d2354c61ee8ef51f7d00fa92aebb511\"\u003e\u003ccode\u003e0a2518a\u003c/code\u003e\u003c/a\u003e release: v5.4.17\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v5.4.21/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `storybook` from 7.6.7 to 7.6.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/releases\"\u003estorybook's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.6.21\u003c/h2\u003e\n\u003ch2\u003e7.6.21\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Fix .env-file parsing, thanks \u003ca href=\"https://github.com/jreinhold\"\u003e\u003ccode\u003e@​jreinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md\"\u003estorybook's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.2.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNext.js: Add support for v16.2 - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34046\"\u003e#34046\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCSF-Factories: Fix ConfigFile parser false warning on \u003ccode\u003edefinePreview({...}).type\u0026lt;T\u0026gt;()\u003c/code\u003e export default - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33885\"\u003e#33885\u003c/a\u003e, thanks \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Add host/origin validation to requests and websocket connections - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33835\"\u003e#33835\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ghengeveld\"\u003e\u003ccode\u003e@​ghengeveld\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Add vike metadata frameworks - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33965\"\u003e#33965\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Resolve builder preset path correctly in pnpm strict mode - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34032\"\u003e#34032\u003c/a\u003e, thanks \u003ca href=\"https://github.com/braedenfoster\"\u003e\u003ccode\u003e@​braedenfoster\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Update default allowed hosts in host validation middleware - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/34045\"\u003e#34045\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ghengeveld\"\u003e\u003ccode\u003e@​ghengeveld\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Storybook failed to load iframe.html when publishing - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33896\"\u003e#33896\u003c/a\u003e, thanks \u003ca href=\"https://github.com/danielalanbates\"\u003e\u003ccode\u003e@​danielalanbates\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eManager-API: Update refs sequentially in experimental_setFilter - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33958\"\u003e#33958\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ia319\"\u003e\u003ccode\u003e@​ia319\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Handle render identifier in manifest snippet generation - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33940\"\u003e#33940\u003c/a\u003e, thanks \u003ca href=\"https://github.com/kasperpeulen\"\u003e\u003ccode\u003e@​kasperpeulen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCLI: Set STORYBOOK environment variable - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33938\"\u003e#33938\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yannbf\"\u003e\u003ccode\u003e@​yannbf\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eUI: Prevent crash when tag filters contain undefined entries - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33931\"\u003e#33931\u003c/a\u003e, thanks \u003ca href=\"https://github.com/abhaysinh1000\"\u003e\u003ccode\u003e@​abhaysinh1000\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon Pseudo-states: Process all nested css rules - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33605\"\u003e#33605\u003c/a\u003e, thanks \u003ca href=\"https://github.com/hpohlmeyer\"\u003e\u003ccode\u003e@​hpohlmeyer\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eBuilder-Vite: Prevent config duplication - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33883\"\u003e#33883\u003c/a\u003e, thanks \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCLI: Fix React native web A11y issues - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33937\"\u003e#33937\u003c/a\u003e, thanks \u003ca href=\"https://github.com/jonniebigodes\"\u003e\u003ccode\u003e@​jonniebigodes\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eCore: Avoid hanging when inferring args for recursive calls on DOM elemens - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33922\"\u003e#33922\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eEslint: Fix ESLint 10 compatibility in eslint-plugin-storybook rules - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33884\"\u003e#33884\u003c/a\u003e, thanks \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eViewport: Prioritize story viewport globals and avoid user-global pollution - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33849\"\u003e#33849\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ia319\"\u003e\u003ccode\u003e@​ia319\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Sanitize inputs for save from controls - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33868\"\u003e#33868\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eTelemetry: Add project age - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33910\"\u003e#33910\u003c/a\u003e, thanks \u003ca href=\"https://github.com/shilman\"\u003e\u003ccode\u003e@​shilman\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eWebpack: Improve performance of module-mocking plugins - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33169\"\u003e#33169\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddon-Vitest: Fix postinstall a11y installation - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33888\"\u003e#33888\u003c/a\u003e, thanks \u003ca href=\"https://github.com/valentinpalkovic\"\u003e\u003ccode\u003e@​valentinpalkovic\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eManifests: Use correct story name - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33709\"\u003e#33709\u003c/a\u003e, thanks \u003ca href=\"https://github.com/JReinhold\"\u003e\u003ccode\u003e@​JReinhold\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eNext.js: Handle legacyBehavior prop in Link mock component  - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33862\"\u003e#33862\u003c/a\u003e, thanks \u003ca href=\"https://github.com/yatishgoel\"\u003e\u003ccode\u003e@​yatishgoel\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eReact: Fix manifest stories empty when meta has no explicit title - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33878\"\u003e#33878\u003c/a\u003e, thanks \u003ca href=\"https://github.com/kasperpeulen\"\u003e\u003ccode\u003e@​kasperpeulen\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCore: Require token for websocket connections - \u003ca href=\"https://redirect.github.com/storybookjs/storybook/pull/33820\"\u003e#33820\u003c/a\u003e, thanks \u003ca href=\"https://github.com/ghengeveld\"\u003e\u003ccode\u003e@​ghengeveld\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2.9\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/storybookjs/storybook/commits/v7.6.21/code/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~storybook-bot\"\u003estorybook-bot\u003c/a\u003e, a new releaser for storybook since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zx` from 4.2.0 to 8.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/zx/releases\"\u003ezx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.8.5 — Temporary Reservoir\u003c/h2\u003e\n\u003cp\u003eThis release fixes the issue, when zx flushes external \u003ccode\u003enode_modules\u003c/code\u003e on linking  \u003ca href=\"https://redirect.github.com/google/zx/issues/1348\"\u003e#1348\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eAlso \u003ca href=\"https://github.com/sindresorhus/globby/releases/tag/v15.0.0\"\u003e\u003ccode\u003eglobby@15.0.0\u003c/code\u003e\u003c/a\u003e arrives here.\u003c/p\u003e\n\u003ch2\u003e8.8.4 — Flange Coupling\u003c/h2\u003e\n\u003cp\u003eIt's time. This release updates zx internals to make \u003ca href=\"https://google.github.io/zx/api#ps\"\u003ethe \u003ccode\u003eps\u003c/code\u003e API\u003c/a\u003e and related methods \u003ccode\u003eProcessPromise.kill()\u003c/code\u003e, \u003ccode\u003ekill()\u003c/code\u003e work on Windows systems without \u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmic\"\u003e\u003ccode\u003ewmic\u003c/code\u003e\u003c/a\u003e.\n\u003ca href=\"https://redirect.github.com/google/zx/pull/1344\"\u003e#1344\u003c/a\u003e \u003ca href=\"https://redirect.github.com/webpod/ps/pull/15\"\u003ewebpod/ps#15\u003c/a\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003eWMIC will be missing in Windows 11 25H2 (kernel \u0026gt;= 26000)\u003c/li\u003e\n\u003cli\u003eThe windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\"\u003ehttps://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e8.8.3 — Sealing Gasket\u003c/h2\u003e\n\u003cp\u003eContinues \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e to prevent injections via \u003ccode\u003eProxy\u003c/code\u003e input or custom \u003ccode\u003etoString()\u003c/code\u003e manipulations.\u003c/p\u003e\n\u003ch2\u003e8.8.2 — Leaking Valve\u003c/h2\u003e\n\u003cp\u003eFixes potential cmd injection via \u003ccode\u003ekill()\u003c/code\u003e method for Windows platform. \u003ca href=\"https://redirect.github.com/google/zx/issues/1337\"\u003e#1337\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1339\"\u003e#1339\u003c/a\u003e. Affects the versions range \u003ccode\u003e8.7.1...8.8.1\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e8.8.1 — Turbo Flush\u003c/h2\u003e\n\u003cp\u003eWe keep improving the projects internal infra to bring more stability, safety and performance for artifacts.\u003c/p\u003e\n\u003ch2\u003eFeatfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied flags filtration for CLI-driven deps install \u003ca href=\"https://redirect.github.com/google/zx/pull/1308\"\u003e#1308\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ekill()\u003c/code\u003e event logging \u003ca href=\"https://redirect.github.com/google/zx/pull/1312\"\u003e#1312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eSIGTERM\u003c/code\u003e as \u003ccode\u003ekill()\u003c/code\u003e fallback signal \u003ca href=\"https://redirect.github.com/google/zx/pull/1313\"\u003e#1313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllowed \u003ccode\u003estdio()\u003c/code\u003e arg be an array \u003ca href=\"https://redirect.github.com/google/zx/pull/1311\"\u003e#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003econst p = $({halt: true})`cmd`\r\np.stdio([stream, 'ignore', 'pipe'])\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded check for \u003cstrong\u003ezx@lite\u003c/strong\u003e pkg contents \u003ca href=\"https://redirect.github.com/google/zx/pull/1317\"\u003e#1317\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/issues/1316\"\u003e#1316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplified \u003ccode\u003eProcessPromise[asyncIterator]\u003c/code\u003e inners \u003ca href=\"https://redirect.github.com/google/zx/pull/1307\"\u003e#1307\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 \u003ca href=\"https://redirect.github.com/google/zx/pull/1309\"\u003e#1309\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1323\"\u003e#1323\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1326\"\u003e#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded TS@next to the test matrix \u003ca href=\"https://redirect.github.com/google/zx/pull/1310\"\u003e#1310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimized internal \u003ccode\u003eshell\u003c/code\u003e setters \u003ca href=\"https://redirect.github.com/google/zx/pull/1314\"\u003e#1314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRefactored build-publish pipelines and scripts \u003ca href=\"https://redirect.github.com/google/zx/pull/1319\"\u003e#1319\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1320\"\u003e#1320\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1321\"\u003e#1321\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1322\"\u003e#1322\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1324\"\u003e#1324\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1325\"\u003e#1325\u003c/a\u003e \u003ca href=\"https://redirect.github.com/google/zx/pull/1327\"\u003e#1327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.8.0 — Pressure Tested\u003c/h2\u003e\n\u003cp\u003eThis release enhances the coherence between the \u003cstrong\u003eProcessPromise\u003c/strong\u003e and the \u003cstrong\u003eStreams API\u003c/strong\u003e, eliminating the need for certain script-level workarounds.\u003c/p\u003e\n\u003ch2\u003e✨ New Features\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003eunpipe()\u003c/code\u003e — Selectively stop piping\u003c/h3\u003e\n\u003cp\u003eYou can now call \u003ccode\u003e.unpipe()\u003c/code\u003e to stop data transfer from a source to a destination without closing any of the pair. \u003ca href=\"https://redirect.github.com/google/zx/pull/1302\"\u003e#1302\u003c/a\u003e\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1ca92700ef5430b2119d9b8a915ba87cd9d678f3\"\u003e\u003ccode\u003e1ca9270\u003c/code\u003e\u003c/a\u003e chore: pr template formatting (\u003ca href=\"https://redirect.github.com/google/zx/issues/1359\"\u003e#1359\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/52b01a11a209cf1f0848a8437329852cdab5f1e6\"\u003e\u003ccode\u003e52b01a1\u003c/code\u003e\u003c/a\u003e chore: update pr template (\u003ca href=\"https://redirect.github.com/google/zx/issues/1358\"\u003e#1358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/70ecf236ca1d45120711e5128cd58ba0aaca8d9a\"\u003e\u003ccode\u003e70ecf23\u003c/code\u003e\u003c/a\u003e chore: update issue templates (\u003ca href=\"https://redirect.github.com/google/zx/issues/1357\"\u003e#1357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/8b08fc03bc8ea7853ec2d45fda06776b88acc2af\"\u003e\u003ccode\u003e8b08fc0\u003c/code\u003e\u003c/a\u003e chore: bump version to 8.8.5 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1356\"\u003e#1356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/6045c3463ab1e97b2d84bb345f02ceed03526333\"\u003e\u003ccode\u003e6045c34\u003c/code\u003e\u003c/a\u003e chore: update globby to v15 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1354\"\u003e#1354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb\"\u003e\u003ccode\u003ea4d1bc2\u003c/code\u003e\u003c/a\u003e fix: checks \u003ccode\u003enode_modules\u003c/code\u003e ref on linking (\u003ca href=\"https://redirect.github.com/google/zx/issues/1355\"\u003e#1355\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681\"\u003e\u003ccode\u003e9ef6d3c\u003c/code\u003e\u003c/a\u003e fix(cli): prevent external node_modules deletion with --prefer-local (\u003ca href=\"https://redirect.github.com/google/zx/issues/1349\"\u003e#1349\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/cc2a4f7b5b429c2161073b68aaa749f928978c66\"\u003e\u003ccode\u003ecc2a4f7\u003c/code\u003e\u003c/a\u003e ci: update zizmor to v1.15.1 (\u003ca href=\"https://redirect.github.com/google/zx/issues/1353\"\u003e#1353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/b47a5f0c0136c6e9e0dc9e9ce148e9ae808068ca\"\u003e\u003ccode\u003eb47a5f0\u003c/code\u003e\u003c/a\u003e ci: refactor smoke tests naming (\u003ca href=\"https://redirect.github.com/google/zx/issues/1352\"\u003e#1352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/zx/commit/1fb8c9f2e7526e027ae673ee8bce15cb750f2aee\"\u003e\u003ccode\u003e1fb8c9f\u003c/code\u003e\u003c/a\u003e ci: update gh actions (\u003ca href=\"https://redirect.github.com/google/zx/issues/1351\"\u003e#1351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/zx/compare/4.2.0...8.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sha.js` from 2.4.11 to 2.4.12\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/sha.js/blob/master/CHANGELOG.md\"\u003esha.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ev2.4.12\u003c/a\u003e - 2025-07-01\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/sha.js/commit/7acadfbd3abb558880212b20669fcb09e1aa1c58\"\u003e\u003ccode\u003e7acadfb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix package.json indentation \u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/sha.js/commit/c43c64adc6d3607d470538df72338fc02e63bc24\"\u003e\u003ccode\u003ec43c64a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] support multi-byte wide typed arrays \u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] reorder package.json \u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] avoid console logs \u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests run in batch \u003ca href=\"https://github.com/browserify/sha.js/commit/262913006e94616c8cd245ef6bd61bc4410b29e3\"\u003e\u003ccode\u003e2629130\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to 0.10 \u003ca href=\"https://github.com/browserify/sha.js/commit/00c7f234aa3bdbd427ffeb929bacbb05334eb3e9\"\u003e\u003ccode\u003e00c7f23\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ebuffer\u003c/code\u003e, \u003ccode\u003ehash-test-vectors\u003c/code\u003e, \u003ccode\u003estandard\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypedarray\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/92b5de5f67472d9f18413d38ad5b9aba29ff4c22\"\u003e\u003ccode\u003e92b5de5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to v3 \u003ca href=\"https://github.com/browserify/sha.js/commit/9b5eca80fd9bb21cf05bdf43ce42661f1bbafeaa\"\u003e\u003ccode\u003e9b5eca8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] set engines to \u003ccode\u003e\u0026amp;gt;= 4\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/807084c5c0f943459e89838252cafbd175b549b7\"\u003e\u003ccode\u003e807084c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/sha.js/commit/c72789c7a129cf453d44008ba27a88b90ac7989b\"\u003e\u003ccode\u003ec72789c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/5428cfc6f7177ad1a41c837b9387308848db96de\"\u003e\u003ccode\u003e5428cfc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate README to reflect LICENSE \u003ca href=\"https://github.com/browserify/sha.js/commit/8938256dbb2241a7c749e4a399dbaff48cbe8e95\"\u003e\u003ccode\u003e8938256\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep \u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/eb4ea2fd3da93d41e250f9ac8a1a133ce450e0a2\"\u003e\u003ccode\u003eeb4ea2f\u003c/code\u003e\u003c/a\u003e v2.4.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e [meta] reorder package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e [eslint] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e [Tests] avoid console logs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e [Fix] support multi-byte wide typed arrays\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for sha.js since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.27.2 to 0.30.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease notes - v0.30.3\u003c/h2\u003e\n\u003cp\u003eThis is a critical security maintenance release for the v0.x branch. It addresses a high-priority vulnerability involving prototype pollution that could lead to a Denial of Service (DoS).\u003c/p\u003e\n\u003cp\u003eRecommendation: All users currently on the 0.x release line should upgrade to this version immediately to ensure environment stability.\u003c/p\u003e\n\u003ch2\u003e🛡️ Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBackport: Fix DoS via \u003cstrong\u003eproto\u003c/strong\u003e key in merge config\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003ePatched a vulnerability where specifically crafted configuration objects using the \u003cstrong\u003eproto\u003c/strong\u003e key could cause a Denial of Service during the merge process. - \u003cem\u003eby \u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7388\"\u003e#7388\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7388\"\u003eaxios/axios#7388\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚙️ Maintenance \u0026amp; CI\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCI Infrastructure Update\u003c/strong\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated Continuous Integration workflows for the v0.x branch to maintain long-term support and build reliability. - \u003cem\u003eby \u003ca href=\"https://github.com/jasonsaayman\"\u003e\u003ccode\u003e@​jasonsaayman\u003c/code\u003e\u003c/a\u003e in [PR \u003ca href=\"https://redirect.github.com/axios/axios/issues/7407\"\u003e#7407\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/axios/axios/pull/7407\"\u003eaxios/axios#7407\u003c/a\u003e)\u003c/em\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Breaking Changes\u003c/h2\u003e\n\u003cp\u003eConfiguration Merging Behavior:\u003c/p\u003e\n\u003cp\u003eAs part of the security fix, Axios now restricts the merging of the \u003cstrong\u003eproto\u003c/strong\u003e key within configuration objects. If your codebase relies on unconventional deep-merging patterns that target the object prototype via Axios config, those operations will now be blocked. This is a necessary change to prevent prototype pollution.\u003c/p\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.2...v0.30.3\"\u003ev0.30.2...v0.30.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.30.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport \u003ccode\u003emaxContentLength\u003c/code\u003e vulnerability fix to v0.x by \u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/7034\"\u003eaxios/axios#7034\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FeBe95\"\u003e\u003ccode\u003e@​FeBe95\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/axios/axios/pull/7034\"\u003eaxios/axios#7034\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.1...v0.30.2\"\u003ehttps://github.com/axios/axios/compare/v0.30.1...v0.30.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v0.30.1\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump form-data from 4.0.0 to 4.0.4 for v0.x by \u003ca href=\"https://github.com/wolandec\"\u003e\u003ccode\u003e@​wolandec\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6978\"\u003eaxios/axios#6978\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wolandec\"\u003e\u003ccode\u003e@​wolandec\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6978\"\u003eaxios/axios#6978\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/axios/axios/compare/v0.30.0...v0.30.1\"\u003ehttps://github.com/axios/axios/compare/v0.30.0...v0.30.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v0.30.0\u003c/h2\u003e\n\u003ch2\u003eRelease notes:\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: modify log while request is aborted by \u003ca href=\"https://github.com/mori5321\"\u003e\u003ccode\u003e@​mori5321\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/4917\"\u003eaxios/axios#4917\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update CHANGELOG.md for v0.x by \u003ca href=\"https://github.com/TehZarathustra\"\u003e\u003ccode\u003e@​TehZarathustra\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6271\"\u003eaxios/axios#6271\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: modify upgrade guide for 0.28.1's breaking change by \u003ca href=\"https://github.com/nafeger\"\u003e\u003ccode\u003e@​nafeger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/axios/axios/pull/6787\"\u003eaxios/axios#6787\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f53bcf6c3747652c9d3811dc0bbcd3674e21567a\"\u003e\u003ccode\u003ef53bcf6\u003c/code\u003e\u003c/a\u003e chore: release 0.30.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3ddccd3bf478c8aab863f2fdd4a52461849eab45\"\u003e\u003ccode\u003e3ddccd3\u003c/code\u003e\u003c/a\u003e chore: remove publish as this wont work\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/9ef39d07245286df678c1a16e7b5769610ba8326\"\u003e\u003ccode\u003e9ef39d0\u003c/code\u003e\u003c/a\u003e chore: try with npm token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4775de601df704d8d4e7336a57b08a2e21de8ff4\"\u003e\u003ccode\u003e4775de6\u003c/code\u003e\u003c/a\u003e chore: fix version scheme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f96f26b2014404534424e765b83a1dbbd8cb091f\"\u003e\u003ccode\u003ef96f26b\u003c/code\u003e\u003c/a\u003e chore: fix issues with using replace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/ead45c20b05ab32c26cb63d0f7a20e8b123d9f68\"\u003e\u003ccode\u003eead45c2\u003c/code\u003e\u003c/a\u003e chore: update the publish workflow to run on tag\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8119265e6ce71898d19448d30356789cccc2de56\"\u003e\u003ccode\u003e8119265\u003c/code\u003e\u003c/a\u003e chore: tag version as legacy on v0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/995498519881c23ba97b42dda16bcadc0e4791a7\"\u003e\u003ccode\u003e9954985\u003c/code\u003e\u003c/a\u003e chore: dispatch for first time\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3f8b70fdfc7903aa137ea4f6539cd00f5df97afb\"\u003e\u003ccode\u003e3f8b70f\u003c/code\u003e\u003c/a\u003e chore: final rename\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c66558430e71cf0c113a2969355cde25cb159fff\"\u003e\u003ccode\u003ec665584\u003c/code\u003e\u003c/a\u003e chore: revert naming\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.27.2...v0.30.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pbkdf2` from 3.1.2 to 3.1.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md\"\u003epbkdf2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.3\"\u003ev3.1.3\u003c/a\u003e - 2025-06-20\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8b067308eedcc3b7da3e06202d437ff532de75bd\"\u003e\u003ccode\u003e8b06730\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix whitespace \u003ca href=\"https://github.com/browserify/pbkdf2/commit/9a76e2f37ef4541aeff92d97b7335b7fa6e989a8\"\u003e\u003ccode\u003e9a76e2f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix parens/curlies/semis/etc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/6fd84bf64a423d207d9e665f3e9fd88b148c4480\"\u003e\u003ccode\u003e6fd84bf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/796c38d428ed9546e7ddfbb38322faa99921d716\"\u003e\u003ccode\u003e796c38d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node 17 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/3661fb0156177bfe380c7bcc133917e7ee501bc7\"\u003e\u003ccode\u003e3661fb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;[Tests] fix tests in node \u0026lt; 3\u0026quot; \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7431b5766805cbf880c1b3d0f38d484357844ff7\"\u003e\u003ccode\u003e7431b57\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node \u0026lt; 3 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/eb9f97a66ed83836bebc4ff563a1588248708501\"\u003e\u003ccode\u003eeb9f97a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] ensure unknown algorithms throw + known ones match node \u003ca href=\"https://github.com/browserify/pbkdf2/commit/26d4fd391e00ed806840ea1ef7341937985f4ba8\"\u003e\u003ccode\u003e26d4fd3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add GHA, always run nyc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/513906a735e80a0e125e1a3363c5dbe90bb34bb7\"\u003e\u003ccode\u003e513906a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix a few more rules \u003ca href=\"https://github.com/browserify/pbkdf2/commit/ab04da834a0342cb3779486314fa67ebc1e3f035\"\u003e\u003ccode\u003eab04da8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] switch to eslint \u003ca href=\"https://github.com/browserify/pbkdf2/commit/89694cf7e4062a8c924fbe74ad2b2d3cf78f1715\"\u003e\u003ccode\u003e89694cf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add coverage \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d0d534bfdc4db6d6ea9f719606ad18a78db6c124\"\u003e\u003ccode\u003ed0d534b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb\"\u003e\u003ccode\u003ee3102a8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] improve badges \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fca0c9d4c5b053d911315a3607367d1db9f9f605\"\u003e\u003ccode\u003efca0c9d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] remove unused travis file \u003ca href=\"https://github.com/browserify/pbkdf2/commit/a2c7d93bbcad73c49dad0c18fef6b8a4af8c3310\"\u003e\u003ccode\u003ea2c7d93\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] switch from \u003ccode\u003efiles\u003c/code\u003e to \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7f31fbca528fa5af3b7d3910daf09a7e5ed8adb4\"\u003e\u003ccode\u003e7f31fbc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] use .nycrc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8d628e8d5559b4acd4d4a714afb04a2990f901b7\"\u003e\u003ccode\u003e8d628e8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] minor tweaks \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fc61005c8cbd480e24ee103ac39a45f0d90ac636\"\u003e\u003ccode\u003efc61005\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ecreate-hmac\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e, \u003ccode\u003esha.js\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/ae2a7d051c9133c25d5212ba4f46747c0ed4c190\"\u003e\u003ccode\u003eae2a7d0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] pin \u003ccode\u003ecreate-hash\u003c/code\u003e, \u003ccode\u003eripemd160\u003c/code\u003e due to breaking changes \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e07996890af79296f1913431fb3b252e25df2f0e\"\u003e\u003ccode\u003ee079968\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node 3 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/45fbcf30431f9585ae3b61f2207c0a16c1953915\"\u003e\u003ccode\u003e45fbcf3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] skip publishing benchmarks \u003ca href=\"https://github.com/browserify/pbkdf2/commit/19ea57bf11d055ddcd97d2556cd3097663b050b9\"\u003e\u003ccode\u003e19ea57b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/pbkdf2/commit/645e252375087e97beb95e518038b99eb5724c5b\"\u003e\u003ccode\u003e645e252\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/3e40827b183f7f5a14946bdb7d57de3d1d8dd581\"\u003e\u003ccode\u003e3e40827\u003c/code\u003e\u003c/a\u003e v3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb\"\u003e\u003ccode\u003ee3102a8\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/7431b5766805cbf880c1b3d0f38d484357844ff7\"\u003e\u003ccode\u003e7431b57\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;[Tests] fix tests in node \u0026lt; 3\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/19ea57bf11d055ddcd97d2556cd3097663b050b9\"\u003e\u003ccode\u003e19ea57b\u003c/code\u003e\u003c/a\u003e [meta] skip publishing benchmarks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/a2c7d93bbcad73c49dad0c18fef6b8a4af8c3310\"\u003e\u003ccode\u003ea2c7d93\u003c/code\u003e\u003c/a\u003e [Tests] remove unused travis file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/645e252375087e97beb95e518038b99eb5724c5b\"\u003e\u003ccode\u003e645e252\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/796c38d428ed9546e7ddfbb38322faa99921d716\"\u003e\u003ccode\u003e796c38d\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/d0d534bfdc4db6d6ea9f719606ad18a78db6c124\"\u003e\u003ccode\u003ed0d534b\u003c/code\u003e\u003c/a\u003e [Tests] add coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/7f31fbca528fa5af3b7d3910daf09a7e5ed8adb4\"\u003e\u003ccode\u003e7f31fbc\u003c/code\u003e\u003c/a\u003e [meta] switch from \u003ccode\u003efiles\u003c/code\u003e to \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/fca0c9d4c5b053d911315a3607367d1db9f9f605\"\u003e\u003ccode\u003efca0c9d\u003c/code\u003e\u003c/a\u003e [readme] improve badges\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for pbkdf2 since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `secp256k1` from 4.0.3 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/commit/756fce19036700a3fc421ba5a9520cd090d2b92a\"\u003e\u003ccode\u003e756fce1\u003c/code\u003e\u003c/a\u003e 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/commit/8bd6446e000fa59df3cda0ae3e424300747ea5ed\"\u003e\u003ccode\u003e8bd6446\u003c/code\u003e\u003c/a\u003e elliptic: fix key verification in loadCompressedPublicKey\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/commit/840834e833f9b077e0f29828140cc8cd91be3ee2\"\u003e\u003ccode\u003e840834e\u003c/code\u003e\u003c/a\u003e Update elliptic to 6.5.7 (CVE-2024-42461) (\u003ca href=\"https://redirect.github.com/cryptocoinjs/secp256k1-node/issues/206\"\u003e#206\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/secp256k1-node/compare/v4.0.3...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `elliptic` from 6.5.3 to 6.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/9b77436a59cc35eccf4ffb848259c8762a492ee7\"\u003e\u003ccode\u003e9b77436\u003c/code\u003e\u003c/a\u003e 6.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/04cb6f54ce552b3ebde6be06d6050419e1c7333e\"\u003e\u003ccode\u003e04cb6f5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/b8a7edd61a0d9bddd0bbf3436a4b476401edbe20\"\u003e\u003ccode\u003eb8a7edd\u003c/code\u003e\u003c/a\u003e 6.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/34c853478cec1be4e37260ed2cb12cdbdc6402cf\"\u003e\u003ccode\u003e34c8534\u003c/code\u003e\u003c/a\u003e fix: signature verification due to leading zeros\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/3e46a48fdd2ef2f89593e5e058d85530578c9761\"\u003e\u003ccode\u003e3e46a48\u003c/code\u003e\u003c/a\u003e 6.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11\"\u003e\u003ccode\u003eaccb61e\u003c/code\u003e\u003c/a\u003e lib: DER signature decoding correction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/03e06e135c8e44a2da560fa197d0ba1e1e2759e9\"\u003e\u003ccode\u003e03e06e1\u003c/code\u003e\u003c/a\u003e 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281\"\u003e\u003ccode\u003e7ac5360\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/75700785ff41bb5d029d19186beff26d4883caa5\"\u003e\u003ccode\u003e7570078\u003c/code\u003e\u003c/a\u003e 6.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/206da2ee373e68466cde353f81fb59ef251b740b\"\u003e\u003ccode\u003e206da2e\u003c/code\u003e\u003c/a\u003e lib: lint\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/elliptic/compare/v6.5.3...v6.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 4.1.0 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-router` from 6.8.1 to 6.30.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/releases\"\u003ereact-router's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.30.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/v6/CHANGELOG.md#v6302\"\u003ehttps://github.com/remix-run/react-router/blob/v6/CHANGELOG.md#v6302\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.30.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6301\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6301\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.30.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6300\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6300\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.29.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6290\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6290\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.28.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6282\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6282\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.28.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6281\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6281\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.28.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6280\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6280\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.27.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6270\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6270\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.26.2\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6262\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6262\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.26.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6261\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6261\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.26.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6260\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6260\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.25.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6251\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6251\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.25.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6250\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6250\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6241\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6241\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.24.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6240\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6240\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.23.1\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6231\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6231\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.23.0\u003c/h2\u003e\n\u003cp\u003eSee the changelog for release notes: \u003ca href=\"https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6230\"\u003ehttps://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6230\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/remix-run/react-router/blob/react-router@6.30.2/packages/react-router/CHANGELOG.md\"\u003ereact-router's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.30.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.23.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.30.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePartially revert optimization added in \u003ccode\u003e6.29.0\u003c/code\u003e to reduce calls to \u003ccode\u003ematchRoutes\u003c/code\u003e because it surfaced other issues (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/13623\"\u003e#13623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStop logging invalid warning when \u003ccode\u003ev7_relativeSplatPath\u003c/code\u003e is set to false (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/13502\"\u003e#13502\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.30.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003efetcherKey\u003c/code\u003e as a parameter to \u003ccode\u003epatchRoutesOnNavigation\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/13109\"\u003e#13109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.23.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.29.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eProvide the request \u003ccode\u003esignal\u003c/code\u003e as a parameter to \u003ccode\u003epatchRoutesOnNavigation\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12900\"\u003e#12900\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThis can be used to abort any manifest fetches if the in-flight navigation/fetcher is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDo not log v7 deprecation warnings in production builds (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12794\"\u003e#12794\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLimit matchRoutes optimization to client side routers (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12881\"\u003e#12881\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize route matching by skipping redundant \u003ccode\u003ematchRoutes\u003c/code\u003e calls when possible (\u003ca href=\"https://redirect.github.com/remix-run/react-router/pull/12169\"\u003e#12169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.22.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.28.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@remix-run/router@1.21.1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.28.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/26b5d4581fb2829dc7eaeaad413de4735173a6eb\"\u003e\u003ccode\u003e26b5d45\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14541\"\u003e#14541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/919f8a86b95f0c8956e3820743503d5609f572cd\"\u003e\u003ccode\u003e919f8a8\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre-v6) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14540\"\u003e#14540\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/69bf7056f1540918a0324e0af215978cdaf5d486\"\u003e\u003ccode\u003e69bf705\u003c/code\u003e\u003c/a\u003e Normalize double slashes in resolvePath (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/14537\"\u003e#14537\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/3f2400e9a7e255953afef3d29126db2efb6c08ab\"\u003e\u003ccode\u003e3f2400e\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13647\"\u003e#13647\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/25a264d87bce0bd5f0170e99a3dcad3a61a5f080\"\u003e\u003ccode\u003e25a264d\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre-v6) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13638\"\u003e#13638\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/b5705a0b5e905212487336d7548d86418b299f16\"\u003e\u003ccode\u003eb5705a0\u003c/code\u003e\u003c/a\u003e Remove matchRoutes optimization from render pass (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13623\"\u003e#13623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/785f6f6d7796d36a1c60d1c718a69e6cb1f8d415\"\u003e\u003ccode\u003e785f6f6\u003c/code\u003e\u003c/a\u003e Prevent invalid warning for v7_relativeSplatPath (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13502\"\u003e#13502\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/e4ba5224c911e070b1eabd12cff2aa581270dfb3\"\u003e\u003ccode\u003ee4ba522\u003c/code\u003e\u003c/a\u003e chore: Update version for release (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13128\"\u003e#13128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/f0bc784ce8951cc5ed67bf6d48d9c132b9bdc621\"\u003e\u003ccode\u003ef0bc784\u003c/code\u003e\u003c/a\u003e chore: Update version for release (pre-v6) (\u003ca href=\"https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/13111\"\u003e#13111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/remix-run/react-router/commit/d9ed8241d677de006a9bfe808d32fe4582184dad\"\u003e\u003ccode\u003ed9ed824\u003c/code\u003e\u003c/a\u003e Fix up changelogs\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/remix-run/react-router/commits/react-router@6.30.2/packages/react-router\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by [GitHub Actions](\u003ca href=\"https://www.npmjs.com/~GitHub\"\u003ehttps://www.npmjs.com/~GitHub\u003c/a\u003e Actions), a new releaser for react-router since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack` from 5.84.1 to 5.104.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/releases\"\u003ewebpack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.104.1\u003c/h2\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.104.0\u003c/h2\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.103.0\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eDotenvPlugin\u003c/code\u003e and top level \u003ccode\u003edotenv\u003c/code\u003e option to enable this plugin\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eWebpackManifestPlugin\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded support the \u003ccode\u003eignoreList\u003c/code\u003e option in devtool plugins\u003c/li\u003e\n\u003cli\u003eAllow to use custom javascript parse function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack/blob/main/CHANGELOG.md\"\u003ewebpack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.104.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e2efd21b: Reexports runtime calculation should not accessing \u003cstrong\u003eWEBPACK_IMPORT_KEY\u003c/strong\u003e decl with var.\u003c/li\u003e\n\u003cli\u003ec510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.104.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed3dd841: Use method shorthand to render module content in \u003ccode\u003e__webpack_modules__\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003ed3dd841: Enhance \u003ccode\u003eimport.meta.env\u003c/code\u003e to support object access.\u003c/li\u003e\n\u003cli\u003e4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.\u003c/li\u003e\n\u003cli\u003e04cd530: Handle more at-rules for CSS modules.\u003c/li\u003e\n\u003cli\u003ecafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added \u003ccode\u003ebase64url\u003c/code\u003e, \u003ccode\u003ebase62\u003c/code\u003e, \u003ccode\u003ebase58\u003c/code\u003e, \u003ccode\u003ebase52\u003c/code\u003e, \u003ccode\u003ebase49\u003c/code\u003e, \u003ccode\u003ebase36\u003c/code\u003e, \u003ccode\u003ebase32\u003c/code\u003e and \u003ccode\u003ebase25\u003c/code\u003e digests.\u003c/li\u003e\n\u003cli\u003e5983843: Provide a stable runtime function variable \u003ccode\u003e__webpack_global__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Improved \u003ccode\u003elocalIdentName\u003c/code\u003e hashing for CSS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e22c48fb: Added module existence check for informative error message in development mode.\u003c/li\u003e\n\u003cli\u003e50689e1: Use the fully qualified class name (or export name) for \u003ccode\u003e[fullhash]\u003c/code\u003e placeholder in CSS modules.\u003c/li\u003e\n\u003cli\u003ed3dd841: Support universal lazy compilation.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed module library export definitions when multiple runtimes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Fixed CSS nesting and CSS custom properties parsing.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't write fragment from URL to filename and apply fragment to module URL.\u003c/li\u003e\n\u003cli\u003eaab1da9: Fixed bugs for \u003ccode\u003ecss/global\u003c/code\u003e type.\u003c/li\u003e\n\u003cli\u003ed3dd841: Compatibility \u003ccode\u003eimport.meta.filename\u003c/code\u003e and \u003ccode\u003eimport.meta.dirname\u003c/code\u003e with \u003ccode\u003eeval\u003c/code\u003e devtools.\u003c/li\u003e\n\u003cli\u003ed3dd841: Handle nested \u003ccode\u003e__webpack_require__\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e728ddb7: The speed of identifier parsing has been improved.\u003c/li\u003e\n\u003cli\u003e0f8b31b: Improve types.\u003c/li\u003e\n\u003cli\u003ed3dd841: Don't corrupt \u003ccode\u003edebugId\u003c/code\u003e injection when \u003ccode\u003ehidden-source-map\u003c/code\u003e is used.\u003c/li\u003e\n\u003cli\u003e2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.\u003c/li\u003e\n\u003cli\u003ed3dd841: Serialize \u003ccode\u003eHookWebpackError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ed3dd841: Added ability to use built-in properties in dotenv and define plugin.\u003c/li\u003e\n\u003cli\u003e3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.\u003c/li\u003e\n\u003cli\u003ed3dd841: Reduce collision for local indent name in CSS.\u003c/li\u003e\n\u003cli\u003ed3dd841: Remove CSS link tags when CSS imports are removed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack/commit/24e3c2d2c9f8c6d60810302b2ea70ed86e2863dc\"\u003e\u003ccode\u003e24e3c2d\u003c/code\u003e\u003c/a\u003e chore(release): new release (\u003ca href=\"https://redirect.git...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nBump dependencies to improve security and script stability across the repo. The main changes upgrade `axios` to 0.30.3, `zx` to 8.8.5, and align `secp256k1` to 4.0.4 in `packages/fetch-extension`.\n\n- **Dependencies**\n  - Upgraded `axios` to `^0.30.3` in core packages (security fix for prototype pollution; stricter config merging).\n  - Upgraded `zx` to `^8.8.5` in root, `scripts/mobile-publish`, and `wallet-api-example` (safer process handling, Windows support, prevents accidental `node_modules` deletion).\n  - Set `secp256k1` to `^4.0.4` in `packages/fetch-extension` (dependency chain security fix).\n  - Regenerated lockfiles across the repo.\n\n- **Migration**\n  - Check `fetch-extension` for any usage of `axios` v1-only APIs and adjust configs that relied on merging `__proto__`.\n  - Validate publish scripts using `zx` locally and in CI to ensure expected behavior.\n\n\u003csup\u003eWritten for commit 6906c7e6a74afa3d0b0a304845f28993ddbf3033. Summary will update on new commits.\u003c/sup\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/RemyLoveLogicAI/asi-alliance-wallet/pull/85","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/RemyLoveLogicAI%2Fasi-alliance-wallet/issues/85","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/85/packages"}}]}