BREAKING CHANGE: major release on 2026-03-26 includes a migration from elastic search to open search#2636
Open
Junjiequan wants to merge 216 commits intoreleasefrom
Open
BREAKING CHANGE: major release on 2026-03-26 includes a migration from elastic search to open search#2636Junjiequan wants to merge 216 commits intoreleasefrom
Junjiequan wants to merge 216 commits intoreleasefrom
Conversation
If the time send by the client is equal to the ressource on the server, the clients updated version is based on servers version with that time. or in other words: the client has taken into account the ressource on the server b/c the client should use the timestamp received with the ressource from the server. from the RFC: > The origin server MUST NOT perform the requested method > if the selected representation's last modification date is more > recent than the date provided in the field-value Client receives t0 Client sends update w/ t0 -> OK Server is on t1 Client received t0 (previously) Client sends update w/ t0 -> FAIL Change-Id: Ibdff18c17a8b43523cec88ac8b9c16a94fd77617
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.0.10 to 25.2.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.2.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.0.10 to 25.2.0. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [@types/nodemailer](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/nodemailer) from 7.0.5 to 7.0.9. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/nodemailer) --- updated-dependencies: - dependency-name: "@types/nodemailer" dependency-version: 7.0.9 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [@types/nodemailer](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/nodemailer) from 7.0.5 to 7.0.9. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/nodemailer">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [globals](https://github.com/sindresorhus/globals) from 17.1.0 to 17.3.0. - [Release notes](https://github.com/sindresorhus/globals/releases) - [Commits](sindresorhus/globals@v17.1.0...v17.3.0) --- updated-dependencies: - dependency-name: globals dependency-version: 17.3.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [globals](https://github.com/sindresorhus/globals) from 17.1.0 to 17.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sindresorhus/globals/releases">globals's releases</a>.</em></p> <blockquote> <h2>v17.3.0</h2> <ul> <li>Update globals (2026-02-01) (<a href="https://redirect.github.com/sindresorhus/globals/issues/336">#336</a>) 295fba9</li> </ul> <hr /> <p><a href="https://github.com/sindresorhus/globals/compare/v17.2.0...v17.3.0">https://github.com/sindresorhus/globals/compare/v17.2.0...v17.3.0</a></p> <h2>v17.2.0</h2> <ul> <li><code>jasmine</code>: Add <code>throwUnless</code> and <code>throwUnlessAsync</code> globals (<a href="https://redirect.github.com/sindresorhus/globals/issues/335">#335</a>) 97f23a7</li> </ul> <hr /> <p><a href="https://github.com/sindresorhus/globals/compare/v17.1.0...v17.2.0">https://github.com/sindresorhus/globals/compare/v17.1.0...v17.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sindresorhus/globals/commit/5edc6020698a76964b0fa17cb604f4484451143b"><code>5edc602</code></a> 17.3.0</li> <li><a href="https://github.com/sindresorhus/globals/commit/295fba929adf8b44f945688233778a57ff754368"><code>295fba9</code></a> Update globals (2026-02-01) (<a href="https://redirect.github.com/sindresorhus/globals/issues/336">#336</a>)</li> <li><a href="https://github.com/sindresorhus/globals/commit/8176ac7290e6eb0be1403b80a4184651c4cd95f6"><code>8176ac7</code></a> 17.2.0</li> <li><a href="https://github.com/sindresorhus/globals/commit/97f23a759b37c2b6c30845cdc5172fd862d5c5e2"><code>97f23a7</code></a> <code>jasmine</code>: Add <code>throwUnless</code> and <code>throwUnlessAsync</code> globals (<a href="https://redirect.github.com/sindresorhus/globals/issues/335">#335</a>)</li> <li>See full diff in <a href="https://github.com/sindresorhus/globals/compare/v17.1.0...v17.3.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 8.53.1 to 8.54.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.54.0/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.54.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
… 8.54.0 (#2516) Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 8.53.1 to 8.54.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/releases"><code>@typescript-eslint/eslint-plugin</code>'s releases</a>.</em></p> <blockquote> <h2>v8.54.0</h2> <h2>8.54.0 (2026-01-26)</h2> <h3>🚀 Features</h3> <ul> <li><strong>eslint-plugin-internal:</strong> add prefer-tsutils-methods rule (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11974">#11974</a>, <a href="https://redirect.github.com/typescript-eslint/typescript-eslint/issues/11625">#11625</a>)</li> <li><strong>scope-manager:</strong> support ScopeManager#addGlobals (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11914">#11914</a>)</li> <li><strong>typescript-estree:</strong> add shortcut methods to ParserServicesWithTypeInformation (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11965">#11965</a>, <a href="https://redirect.github.com/typescript-eslint/typescript-eslint/issues/11955">#11955</a>)</li> </ul> <h3>🩹 Fixes</h3> <ul> <li><strong>eslint-plugin:</strong> [no-unused-private-class-members] private destructured class member is defined but used (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11785">#11785</a>)</li> <li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion] check both base constraint and actual type for non-null assertions (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11967">#11967</a>, <a href="https://redirect.github.com/typescript-eslint/typescript-eslint/issues/11559">#11559</a>)</li> <li><strong>scope-manager:</strong> fix catch clause scopes <code>def.name</code> (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11982">#11982</a>)</li> <li><strong>scope-manager:</strong> prevent misidentification of <code>"use strict"</code> directives (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11995">#11995</a>)</li> <li><strong>utils:</strong> handle missing <code>FlatESLint</code> and <code>LegacyESLint</code> (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11958">#11958</a>)</li> </ul> <h3>❤️ Thank You</h3> <ul> <li>Brad Zacher <a href="https://github.com/bradzacher"><code>@bradzacher</code></a></li> <li>fnx <a href="https://github.com/DMartens"><code>@DMartens</code></a></li> <li>Francesco Trotta</li> <li>Josh Goldberg</li> <li>MinJae <a href="https://github.com/Ju-MINJAE"><code>@Ju-MINJAE</code></a></li> <li>Minyeong Kim <a href="https://github.com/minyeong981"><code>@minyeong981</code></a></li> <li>overlookmotel</li> <li>Yuya Yoshioka <a href="https://github.com/YuyaYoshioka"><code>@YuyaYoshioka</code></a></li> <li>김현수 <a href="https://github.com/Kimsoo0119"><code>@Kimsoo0119</code></a></li> </ul> <p>You can read about our <a href="https://typescript-eslint.io/users/versioning">versioning strategy</a> and <a href="https://typescript-eslint.io/users/releases">releases</a> on our website.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md"><code>@typescript-eslint/eslint-plugin</code>'s changelog</a>.</em></p> <blockquote> <h2>8.54.0 (2026-01-26)</h2> <h3>🚀 Features</h3> <ul> <li><strong>eslint-plugin-internal:</strong> add prefer-tsutils-methods rule (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11974">#11974</a>, <a href="https://redirect.github.com/typescript-eslint/typescript-eslint/issues/11625">#11625</a>)</li> <li><strong>typescript-estree:</strong> add shortcut methods to ParserServicesWithTypeInformation (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11965">#11965</a>, <a href="https://redirect.github.com/typescript-eslint/typescript-eslint/issues/11955">#11955</a>)</li> </ul> <h3>🩹 Fixes</h3> <ul> <li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion] check both base constraint and actual type for non-null assertions (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11967">#11967</a>, <a href="https://redirect.github.com/typescript-eslint/typescript-eslint/issues/11559">#11559</a>)</li> <li><strong>deps:</strong> update dependency prettier to v3.8.0 (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11991">#11991</a>)</li> <li><strong>scope-manager:</strong> fix catch clause scopes <code>def.name</code> (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11982">#11982</a>)</li> <li><strong>eslint-plugin:</strong> [no-unused-private-class-members] private destructured class member is defined but used (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11785">#11785</a>)</li> </ul> <h3>❤️ Thank You</h3> <ul> <li>Brad Zacher <a href="https://github.com/bradzacher"><code>@bradzacher</code></a></li> <li>Josh Goldberg</li> <li>MinJae <a href="https://github.com/Ju-MINJAE"><code>@Ju-MINJAE</code></a></li> <li>Minyeong Kim <a href="https://github.com/minyeong981"><code>@minyeong981</code></a></li> <li>overlookmotel</li> <li>Yuya Yoshioka <a href="https://github.com/YuyaYoshioka"><code>@YuyaYoshioka</code></a></li> <li>김현수 <a href="https://github.com/Kimsoo0119"><code>@Kimsoo0119</code></a></li> </ul> <p>You can read about our <a href="https://typescript-eslint.io/users/versioning">versioning strategy</a> and <a href="https://typescript-eslint.io/users/releases">releases</a> on our website.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/d423e57622e1c8e789a1b84109d1ab2c15497507"><code>d423e57</code></a> chore(release): publish 8.54.0</li> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/80e33ff2fd81f88100cda942db5232851adab90e"><code>80e33ff</code></a> feat(eslint-plugin-internal): add prefer-tsutils-methods rule (<a href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin/issues/11974">#11974</a>)</li> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/ec4f73aaae8ad3344d55e98f710e6acdd482ff19"><code>ec4f73a</code></a> feat(typescript-estree): add shortcut methods to ParserServicesWithTypeInform...</li> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/d32f90955962cd9c0968ed6f675d52fc80059496"><code>d32f909</code></a> test(eslint-plugin): skip rules tests in windows ci (<a href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin/issues/11988">#11988</a>)</li> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/17fa993c2de60b9837658360af786a42e51de4ab"><code>17fa993</code></a> test(eslint-plugin): improve vitest performance with isolate: false (<a href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin/issues/11754">#11754</a>)</li> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/1c66ab44c407cf05462d2344b37c09b507ea8052"><code>1c66ab4</code></a> fix(eslint-plugin): [no-unnecessary-type-assertion] check both base constrain...</li> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/aaa7ca2d6afd8def8cf9d01d0d9deedd38ae1495"><code>aaa7ca2</code></a> fix(deps): update dependency prettier to v3.8.0 (<a href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin/issues/11991">#11991</a>)</li> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/d50aa1899ff83254056320c5313a5c041f465afb"><code>d50aa18</code></a> fix(scope-manager): fix catch clause scopes <code>def.name</code> (<a href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin/issues/11982">#11982</a>)</li> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/4c0b37964eac642cf54a3a76723531c2f468183c"><code>4c0b379</code></a> fix(eslint-plugin): [no-unused-private-class-members] private destructured cl...</li> <li>See full diff in <a href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.54.0/packages/eslint-plugin">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [nodemailer](https://github.com/nodemailer/nodemailer) and [preview-email](https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript). These dependencies needed to be updated together. Updates `nodemailer` from 6.10.0 to 7.0.11 - [Release notes](https://github.com/nodemailer/nodemailer/releases) - [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md) - [Commits](nodemailer/nodemailer@v6.10.0...v7.0.11) Updates `preview-email` from 3.1.0 to 3.1.1 - [Release notes](https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/releases) - [Commits](forwardemail/preview-email@v3.1.0...v3.1.1) --- updated-dependencies: - dependency-name: nodemailer dependency-version: 7.0.11 dependency-type: indirect - dependency-name: preview-email dependency-version: 3.1.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [nodemailer](https://github.com/nodemailer/nodemailer) and [preview-email](https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript). These dependencies needed to be updated together. Updates `nodemailer` from 6.10.0 to 7.0.11 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nodemailer/nodemailer/releases">nodemailer's releases</a>.</em></p> <blockquote> <h2>v7.0.11</h2> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.10...v7.0.11">7.0.11</a> (2025-11-26)</h2> <h3>Bug Fixes</h3> <ul> <li>prevent stack overflow DoS in addressparser with deeply nested groups (<a href="https://github.com/nodemailer/nodemailer/commit/b61b9c0cfd682b6f647754ca338373b68336a150">b61b9c0</a>)</li> </ul> <h2>v7.0.10</h2> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.9...v7.0.10">7.0.10</a> (2025-10-23)</h2> <h3>Bug Fixes</h3> <ul> <li>Increase data URI size limit from 100KB to 50MB and preserve content type (<a href="https://github.com/nodemailer/nodemailer/commit/28dbf3fe129653f5756c150a98dc40593bfb2cfe">28dbf3f</a>)</li> </ul> <h2>v7.0.9</h2> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.8...v7.0.9">7.0.9</a> (2025-10-07)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>release:</strong> Trying to fix release proecess by upgrading Node version in runner (<a href="https://github.com/nodemailer/nodemailer/commit/579fce4683eb588891613a6c9a00d8092e8c62d1">579fce4</a>)</li> </ul> <h2>v7.0.8</h2> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.7...v7.0.8">7.0.8</a> (2025-10-07)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>addressparser:</strong> flatten nested groups per RFC 5322 (<a href="https://github.com/nodemailer/nodemailer/commit/8f8a77c67f0ba94ddf4e16c68f604a5920fb5d26">8f8a77c</a>)</li> </ul> <h2>v7.0.7</h2> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.6...v7.0.7">7.0.7</a> (2025-10-05)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>addressparser:</strong> Fixed addressparser handling of quoted nested email addresses (<a href="https://github.com/nodemailer/nodemailer/commit/1150d99fba77280df2cfb1885c43df23109a8626">1150d99</a>)</li> <li><strong>dns:</strong> add memory leak prevention for DNS cache (<a href="https://github.com/nodemailer/nodemailer/commit/0240d6795ded6d8008d102161a729f120b6d786a">0240d67</a>)</li> <li><strong>linter:</strong> Updated eslint and created prettier formatting task (<a href="https://github.com/nodemailer/nodemailer/commit/df13b7487e368acded35e45d0887d23c89c9177a">df13b74</a>)</li> <li>refresh expired DNS cache on error (<a href="https://redirect.github.com/nodemailer/nodemailer/issues/1759">#1759</a>) (<a href="https://github.com/nodemailer/nodemailer/commit/ea0fc5a6633a3546f4b00fcf2f428e9ca732cdb6">ea0fc5a</a>)</li> <li>resolve linter errors in DNS cache tests (<a href="https://github.com/nodemailer/nodemailer/commit/3b8982c1f24508089a8757b74039000a4498b158">3b8982c</a>)</li> </ul> <h2>v7.0.6</h2> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.5...v7.0.6">7.0.6</a> (2025-08-27)</h2> <h3>Bug Fixes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md">nodemailer's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.10...v7.0.11">7.0.11</a> (2025-11-26)</h2> <h3>Bug Fixes</h3> <ul> <li>prevent stack overflow DoS in addressparser with deeply nested groups (<a href="https://github.com/nodemailer/nodemailer/commit/b61b9c0cfd682b6f647754ca338373b68336a150">b61b9c0</a>)</li> </ul> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.9...v7.0.10">7.0.10</a> (2025-10-23)</h2> <h3>Bug Fixes</h3> <ul> <li>Increase data URI size limit from 100KB to 50MB and preserve content type (<a href="https://github.com/nodemailer/nodemailer/commit/28dbf3fe129653f5756c150a98dc40593bfb2cfe">28dbf3f</a>)</li> </ul> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.8...v7.0.9">7.0.9</a> (2025-10-07)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>release:</strong> Trying to fix release proecess by upgrading Node version in runner (<a href="https://github.com/nodemailer/nodemailer/commit/579fce4683eb588891613a6c9a00d8092e8c62d1">579fce4</a>)</li> </ul> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.7...v7.0.8">7.0.8</a> (2025-10-07)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>addressparser:</strong> flatten nested groups per RFC 5322 (<a href="https://github.com/nodemailer/nodemailer/commit/8f8a77c67f0ba94ddf4e16c68f604a5920fb5d26">8f8a77c</a>)</li> </ul> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.6...v7.0.7">7.0.7</a> (2025-10-05)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>addressparser:</strong> Fixed addressparser handling of quoted nested email addresses (<a href="https://github.com/nodemailer/nodemailer/commit/1150d99fba77280df2cfb1885c43df23109a8626">1150d99</a>)</li> <li><strong>dns:</strong> add memory leak prevention for DNS cache (<a href="https://github.com/nodemailer/nodemailer/commit/0240d6795ded6d8008d102161a729f120b6d786a">0240d67</a>)</li> <li><strong>linter:</strong> Updated eslint and created prettier formatting task (<a href="https://github.com/nodemailer/nodemailer/commit/df13b7487e368acded35e45d0887d23c89c9177a">df13b74</a>)</li> <li>refresh expired DNS cache on error (<a href="https://redirect.github.com/nodemailer/nodemailer/issues/1759">#1759</a>) (<a href="https://github.com/nodemailer/nodemailer/commit/ea0fc5a6633a3546f4b00fcf2f428e9ca732cdb6">ea0fc5a</a>)</li> <li>resolve linter errors in DNS cache tests (<a href="https://github.com/nodemailer/nodemailer/commit/3b8982c1f24508089a8757b74039000a4498b158">3b8982c</a>)</li> </ul> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.5...v7.0.6">7.0.6</a> (2025-08-27)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>encoder:</strong> avoid silent data loss by properly flushing trailing base64 (<a href="https://redirect.github.com/nodemailer/nodemailer/issues/1747">#1747</a>) (<a href="https://github.com/nodemailer/nodemailer/commit/01ae76f2cfe991c0c3fe80170f236da60531496b">01ae76f</a>)</li> <li>handle multiple XOAUTH2 token requests correctly (<a href="https://redirect.github.com/nodemailer/nodemailer/issues/1754">#1754</a>) (<a href="https://github.com/nodemailer/nodemailer/commit/dbe00286351cddf012726a41a96ae613d30a34ee">dbe0028</a>)</li> <li>ReDoS vulnerability in parseDataURI and _processDataUrl (<a href="https://redirect.github.com/nodemailer/nodemailer/issues/1755">#1755</a>) (<a href="https://github.com/nodemailer/nodemailer/commit/90b3e24d23929ebf9f4e16261049b40ee4055a39">90b3e24</a>)</li> </ul> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.4...v7.0.5">7.0.5</a> (2025-07-07)</h2> <h3>Bug Fixes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodemailer/nodemailer/commit/3d17dbec49ab3e3f0e13e62871e5534be5b99994"><code>3d17dbe</code></a> chore(master): release 7.0.11 (<a href="https://redirect.github.com/nodemailer/nodemailer/issues/1783">#1783</a>)</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/15879f8bd5a94fe608fd7cf1d3142de14527eadf"><code>15879f8</code></a> Bumped dev dependencies</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/b61b9c0cfd682b6f647754ca338373b68336a150"><code>b61b9c0</code></a> fix: prevent stack overflow DoS in addressparser with deeply nested groups</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/4175e4baf92ffc4e20791a11fc0886025228a2ac"><code>4175e4b</code></a> chore(master): release 7.0.10 (<a href="https://redirect.github.com/nodemailer/nodemailer/issues/1776">#1776</a>)</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/d882ccfe8d37723e7017c1966608dcf8217d8a82"><code>d882ccf</code></a> Merge branch 'master' of github.com:nodemailer/nodemailer</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/1d7e4f786bccdc3e0a1bf0140d07ce5aaf29d82a"><code>1d7e4f7</code></a> Bumped deps</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/10bd871656b331a674feabbcfc1d6363918cb244"><code>10bd871</code></a> chore: correct typo in variable name (<a href="https://redirect.github.com/nodemailer/nodemailer/issues/1773">#1773</a>)</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/28dbf3fe129653f5756c150a98dc40593bfb2cfe"><code>28dbf3f</code></a> fix: Increase data URI size limit from 100KB to 50MB and preserve content type</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/92ae1c49e3a33767996db9ddfd04784a7b9595d7"><code>92ae1c4</code></a> chore(master): release 7.0.9 (<a href="https://redirect.github.com/nodemailer/nodemailer/issues/1769">#1769</a>)</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/c675d9e7e57d0d90bde7d71afb0b2739fc071233"><code>c675d9e</code></a> Merge branch 'master' of github.com:nodemailer/nodemailer</li> <li>Additional commits viewable in <a href="https://github.com/nodemailer/nodemailer/compare/v6.10.0...v7.0.11">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by [GitHub Actions](<a href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a> Actions), a new releaser for nodemailer since your current version.</p> </details> <br /> Updates `preview-email` from 3.1.0 to 3.1.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/releases">preview-email's releases</a>.</em></p> <blockquote> <h2>v3.1.1</h2> <ul> <li>chore: bump deps 3ea02be</li> <li>Merge pull request <a href="https://redirect.github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/issues/48">#48</a> from vineet-gandhi-scaletech/master 04a82ba</li> <li>chore(bump): nodemailer dependency 9adfc0c</li> <li>Merge pull request <a href="https://redirect.github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/issues/45">#45</a> from hamirmahal/fix/usage-of-deprecated-versions-of-nodejs-in-ci b8aa6d1</li> <li>fix: usage of <code>deprecated</code> versions of <code>Node.js</code> 6d5a09f</li> </ul> <hr /> <p><a href="https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/compare/v3.1.0...v3.1.1">https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/compare/v3.1.0...v3.1.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/forwardemail/preview-email/commit/d311f99d9a94fab0ba0ce56b9893e72b35385205"><code>d311f99</code></a> 3.1.1</li> <li><a href="https://github.com/forwardemail/preview-email/commit/3ea02be403fbc70674f4fc03630de88aa85f7fdf"><code>3ea02be</code></a> chore: bump deps</li> <li><a href="https://github.com/forwardemail/preview-email/commit/04a82ba8eff7688a67c729e4ad32a95b5765e989"><code>04a82ba</code></a> Merge pull request <a href="https://redirect.github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/issues/48">#48</a> from vineet-gandhi-scaletech/master</li> <li><a href="https://github.com/forwardemail/preview-email/commit/9adfc0c642d31b12f5b4c20e88a2f98c9eba7a62"><code>9adfc0c</code></a> chore(bump): nodemailer dependency</li> <li><a href="https://github.com/forwardemail/preview-email/commit/b8aa6d12f5f3423ec53951958b8510c0ee67c698"><code>b8aa6d1</code></a> Merge pull request <a href="https://redirect.github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/issues/45">#45</a> from hamirmahal/fix/usage-of-deprecated-versions-of-no...</li> <li><a href="https://github.com/forwardemail/preview-email/commit/6d5a09f76cc94d7fd4778c0718674f614ca42a77"><code>6d5a09f</code></a> fix: usage of <code>deprecated</code> versions of <code>Node.js</code></li> <li>See full diff in <a href="https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/compare/v3.1.0...v3.1.1">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SciCatProject/scicat-backend-next/network/alerts). </details>
Bumps @isaacs/brace-expansion from 5.0.0 to 5.0.1. --- updated-dependencies: - dependency-name: "@isaacs/brace-expansion" dependency-version: 5.0.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps @isaacs/brace-expansion from 5.0.0 to 5.0.1. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SciCatProject/scicat-backend-next/network/alerts). </details>
* encoding/decoding for samples metadata keys * eslint fix * updated tests * eslint fix x2 * reverted back the generator-tag for openapitools-generator * reverts the change about openapi-generators * encoding/decoding for samples metadata keys * eslint fix * updated tests * eslint fix x2 * reverted back the generator-tag for openapitools-generator * reverts the change about openapi-generators * using bulkWrite for sample and dataset migration scripts * using serializer instead of plainToInstance * wip: fixing test * fixed test --------- Co-authored-by: Abdi Abdulle <abdi.abdulle@ess.eu>
…2521) fix(legacy-history): pass plain js object instead of mongoose document to convertGenericToObsoleteHistories
…2513) * added documentation for frontend config flags * changed from flags to options * changed proposalDefaultTab to defaultTab and also updated the document
set proposal default tab to details
* First draft of schema and dto for metadata keys * Added template for module, controller and service * fix lint and import url * added controller & dto * some lint fix * added migration script * improve migration script * add casl-ability for metadata-key and add missing fields for dto and schema * fix wrong swagger response type for attachment v4 endpoint * added findAll endpoint with casl ability * remove create, update, delete abilities for metadataKeys * remove corresponding action enum from the above commit * fix ApiResponse type for attachment and metadatakeys controller * update default frontend config for more compact table content * add access logic * integrate metadataKeys service with dataset * unit test fix * fix unit test * updated documentation * cleanup unused import * fix typo * create metadatakeys for dataset, instrument, proposal and samples * fix unit test * add unit tests for metadatakeys v4 * refactor metadatakeys service unit test to make it readable * add api test * fix api test * test1 * test2 * test * fix metadatakey api test --------- Co-authored-by: junjiequan <a331998513@gmail.com>
Bumps [axios](https://github.com/axios/axios) from 1.13.2 to 1.13.5. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.13.2...v1.13.5) --- updated-dependencies: - dependency-name: axios dependency-version: 1.13.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [axios](https://github.com/axios/axios) from 1.13.2 to 1.13.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/axios/axios/releases">axios's releases</a>.</em></p> <blockquote> <h2>v1.13.5</h2> <h2>Release 1.13.5</h2> <h3>Highlights</h3> <ul> <li><strong>Security:</strong> Fixed a potential <strong>Denial of Service</strong> issue involving the <code>__proto__</code> key in <code>mergeConfig</code>. (PR <a href="https://redirect.github.com/axios/axios/pull/7369">#7369</a>)</li> <li><strong>Bug fix:</strong> Resolved an issue where <code>AxiosError</code> could be missing the <code>status</code> field on and after <strong>v1.13.3</strong>. (PR <a href="https://redirect.github.com/axios/axios/pull/7368">#7368</a>)</li> </ul> <h3>Changes</h3> <h4>Security</h4> <ul> <li>Fix Denial of Service via <code>__proto__</code> key in <code>mergeConfig</code>. (PR <a href="https://redirect.github.com/axios/axios/pull/7369">#7369</a>)</li> </ul> <h4>Fixes</h4> <ul> <li>Fix/5657. (PR <a href="https://redirect.github.com/axios/axios/pull/7313">#7313</a>)</li> <li>Ensure <code>status</code> is present in <code>AxiosError</code> on and after v1.13.3. (PR <a href="https://redirect.github.com/axios/axios/pull/7368">#7368</a>)</li> </ul> <h4>Features / Improvements</h4> <ul> <li>Add input validation to <code>isAbsoluteURL</code>. (PR <a href="https://redirect.github.com/axios/axios/pull/7326">#7326</a>)</li> <li>Refactor: bump minor package versions. (PR <a href="https://redirect.github.com/axios/axios/pull/7356">#7356</a>)</li> </ul> <h4>Documentation</h4> <ul> <li>Clarify object-check comment. (PR <a href="https://redirect.github.com/axios/axios/pull/7323">#7323</a>)</li> <li>Fix deprecated <code>Buffer</code> constructor usage and README formatting. (PR <a href="https://redirect.github.com/axios/axios/pull/7371">#7371</a>)</li> </ul> <h4>CI / Maintenance</h4> <ul> <li>Chore: fix issues with YAML. (PR <a href="https://redirect.github.com/axios/axios/pull/7355">#7355</a>)</li> <li>CI: update workflow YAMLs. (PR <a href="https://redirect.github.com/axios/axios/pull/7372">#7372</a>)</li> <li>CI: fix run condition. (PR <a href="https://redirect.github.com/axios/axios/pull/7373">#7373</a>)</li> <li>Dev deps: bump <code>karma-sourcemap-loader</code> from 0.3.8 to 0.4.0. (PR <a href="https://redirect.github.com/axios/axios/pull/7360">#7360</a>)</li> <li>Chore(release): prepare release 1.13.5. (PR <a href="https://redirect.github.com/axios/axios/pull/7379">#7379</a>)</li> </ul> <h3>New Contributors</h3> <ul> <li><a href="https://github.com/sachin11063"><code>@sachin11063</code></a> (first contribution — PR <a href="https://redirect.github.com/axios/axios/pull/7323">#7323</a>)</li> <li><a href="https://github.com/asmitha-16"><code>@asmitha-16</code></a> (first contribution — PR <a href="https://redirect.github.com/axios/axios/pull/7326">#7326</a>)</li> </ul> <p><strong>Full Changelog:</strong> <a href="https://github.com/axios/axios/compare/v1.13.4...v1.13.5">https://github.com/axios/axios/compare/v1.13.4...v1.13.5</a></p> <h2>v1.13.4</h2> <h2>Overview</h2> <p>The release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/axios/axios/compare/v1.13.3...v1.13.4">v1.13.3...v1.13.4</a></p> <h2>What's New in v1.13.4</h2> <h3>Bug Fixes</h3> <ul> <li><strong>fix: issues with version 1.13.3</strong> (<a href="https://redirect.github.com/axios/axios/issues/7352">#7352</a>) (<a href="https://github.com/axios/axios/commit/ee90dfc28abffbb61e24974b2bd3139a4a40ac76">ee90dfc</a>) <ul> <li>Fixed issues discovered in v1.13.3 release</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2><a href="https://github.com/axios/axios/compare/v1.13.2...v1.13.3">1.13.3</a> (2026-01-20)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>http2:</strong> Use port 443 for HTTPS connections by default. (<a href="https://redirect.github.com/axios/axios/issues/7256">#7256</a>) (<a href="https://github.com/axios/axios/commit/d7e60653460480ffacecf85383012ca1baa6263e">d7e6065</a>)</li> <li><strong>interceptor:</strong> handle the error in the same interceptor (<a href="https://redirect.github.com/axios/axios/issues/6269">#6269</a>) (<a href="https://github.com/axios/axios/commit/5945e40bb171d4ac4fc195df276cf952244f0f89">5945e40</a>)</li> <li>main field in package.json should correspond to cjs artifacts (<a href="https://redirect.github.com/axios/axios/issues/5756">#5756</a>) (<a href="https://github.com/axios/axios/commit/7373fbff24cd92ce650d99ff6f7fe08c2e2a0a04">7373fbf</a>)</li> <li><strong>package.json:</strong> add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (<a href="https://redirect.github.com/axios/axios/issues/5754">#5754</a>) (<a href="https://github.com/axios/axios/commit/b89217e3e91de17a3d55e2b8f39ceb0e9d8aeda8">b89217e</a>)</li> <li>silentJSONParsing=false should throw on invalid JSON (<a href="https://redirect.github.com/axios/axios/issues/7253">#7253</a>) (<a href="https://redirect.github.com/axios/axios/issues/7257">#7257</a>) (<a href="https://github.com/axios/axios/commit/7d19335e43d6754a1a9a66e424f7f7da259895bf">7d19335</a>)</li> <li>turn AxiosError into a native error (<a href="https://redirect.github.com/axios/axios/issues/5394">#5394</a>) (<a href="https://redirect.github.com/axios/axios/issues/5558">#5558</a>) (<a href="https://github.com/axios/axios/commit/1c6a86dd2c0623ee1af043a8491dbc96d40e883b">1c6a86d</a>)</li> <li><strong>types:</strong> add handlers to AxiosInterceptorManager interface (<a href="https://redirect.github.com/axios/axios/issues/5551">#5551</a>) (<a href="https://github.com/axios/axios/commit/8d1271b49fc226ed7defd07cd577bd69a55bb13a">8d1271b</a>)</li> <li><strong>types:</strong> restore AxiosError.cause type from unknown to Error (<a href="https://redirect.github.com/axios/axios/issues/7327">#7327</a>) (<a href="https://github.com/axios/axios/commit/d8233d9e8e9a64bfba9bbe01d475ba417510b82b">d8233d9</a>)</li> <li>unclear error message is thrown when specifying an empty proxy authorization (<a href="https://redirect.github.com/axios/axios/issues/6314">#6314</a>) (<a href="https://github.com/axios/axios/commit/6ef867e684adf7fb2343e3b29a79078a3c76dc29">6ef867e</a>)</li> </ul> <h3>Features</h3> <ul> <li>add <code>undefined</code> as a value in AxiosRequestConfig (<a href="https://redirect.github.com/axios/axios/issues/5560">#5560</a>) (<a href="https://github.com/axios/axios/commit/095033c626895ecdcda2288050b63dcf948db3bd">095033c</a>)</li> <li>add automatic minor and patch upgrades to dependabot (<a href="https://redirect.github.com/axios/axios/issues/6053">#6053</a>) (<a href="https://github.com/axios/axios/commit/65a7584eda6164980ddb8cf5372f0afa2a04c1ed">65a7584</a>)</li> <li>add Node.js coverage script using c8 (closes <a href="https://redirect.github.com/axios/axios/issues/7289">#7289</a>) (<a href="https://redirect.github.com/axios/axios/issues/7294">#7294</a>) (<a href="https://github.com/axios/axios/commit/ec9d94e9f88da13e9219acadf65061fb38ce080a">ec9d94e</a>)</li> <li>added copilot instructions (<a href="https://github.com/axios/axios/commit/3f83143bfe617eec17f9d7dcf8bafafeeae74c26">3f83143</a>)</li> <li>compatibility with frozen prototypes (<a href="https://redirect.github.com/axios/axios/issues/6265">#6265</a>) (<a href="https://github.com/axios/axios/commit/860e03396a536e9b926dacb6570732489c9d7012">860e033</a>)</li> <li>enhance pipeFileToResponse with error handling (<a href="https://redirect.github.com/axios/axios/issues/7169">#7169</a>) (<a href="https://github.com/axios/axios/commit/88d78842541610692a04282233933d078a8a2552">88d7884</a>)</li> <li><strong>types:</strong> Intellisense for string literals in a widened union (<a href="https://redirect.github.com/axios/axios/issues/6134">#6134</a>) (<a href="https://github.com/axios/axios/commit/f73474d02c5aa957b2daeecee65508557fd3c6e5">f73474d</a>), closes <a href="https://redirect.github.com//redirect.github.com/microsoft/TypeScript/issues/33471/issues/issuecomment-1376364329">microsoft/TypeScript#33471</a></li> </ul> <h3>Reverts</h3> <ul> <li>Revert "fix: silentJSONParsing=false should throw on invalid JSON (<a href="https://redirect.github.com/axios/axios/issues/7253">#7253</a>) (<a href="https://redirect.github.com/axios/axios/issues/7">#7</a>…" (<a href="https://redirect.github.com/axios/axios/issues/7298">#7298</a>) (<a href="https://github.com/axios/axios/commit/a4230f5581b3f58b6ff531b6dbac377a4fd7942a">a4230f5</a>), closes <a href="https://redirect.github.com/axios/axios/issues/7253">#7253</a> <a href="https://redirect.github.com/axios/axios/issues/7">#7</a> <a href="https://redirect.github.com/axios/axios/issues/7298">#7298</a></li> <li><strong>deps:</strong> bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (<a href="https://redirect.github.com/axios/axios/issues/7334">#7334</a>) (<a href="https://github.com/axios/axios/commit/2d6ad5e48bd29b0b2b5e7e95fb473df98301543a">2d6ad5e</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/ashvin2005" title="+1752/-4 ([#7218](axios/axios#7218) [#7218](axios/axios#7218) )">Ashvin Tiwari</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/mochinikunj" title="+940/-12 ([#7294](axios/axios#7294) [#7294](axios/axios#7294) )">Nikunj Mochi</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/imanchalsingh" title="+544/-102 ([#7169](axios/axios#7169) [#7185](axios/axios#7185) )">Anchal Singh</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman" title="+317/-73 ([#7334](axios/axios#7334) [#7298](axios/axios#7298) )">jasonsaayman</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/brodo" title="+99/-120 ([#5558](axios/axios#5558) )">Julian Dax</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/AKASHDHARDUBEY" title="+167/-0 ([#7287](axios/axios#7287) [#7288](axios/axios#7288) )">Akash Dhar Dubey</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/madhumitaaa" title="+20/-68 ([#7198](axios/axios#7198) )">Madhumita</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/Tackoil" title="+80/-2 ([#6269](axios/axios#6269) )">Tackoil</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/justindhillon" title="+41/-41 ([#6324](axios/axios#6324) [#6315](axios/axios#6315) )">Justin Dhillon</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/Rudrxxx" title="+71/-2 ([#7257](axios/axios#7257) )">Rudransh</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/WuMingDao" title="+36/-36 ([#7215](axios/axios#7215) )">WuMingDao</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/codenomnom" title="+70/-0 ([#7201](axios/axios#7201) [#7201](axios/axios#7201) )">codenomnom</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/Nandann018-ux" title="+60/-10 ([#7272](axios/axios#7272) )">Nandan Acharya</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/KernelDeimos" title="+22/-40 ([#7042](axios/axios#7042) )">Eric Dubé</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/tiborpilz" title="+40/-4 ([#5551](axios/axios#5551) )">Tibor Pilz</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/joaoGabriel55" title="+31/-4 ([#6314](axios/axios#6314) )">Gabriel Quaresma</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/turadg" title="+23/-6 ([#6265](axios/axios#6265) )">Turadg Aleahmad</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/axios/axios/commit/29f75425f0c9f73021f5eedc869c176e30e05fe7"><code>29f7542</code></a> chore(release): prepare release 1.13.5 (<a href="https://redirect.github.com/axios/axios/issues/7379">#7379</a>)</li> <li><a href="https://github.com/axios/axios/commit/431c3a361490a2e3d5ac5d9e08d66d4bb5f3cd2a"><code>431c3a3</code></a> ci: fix run condition (<a href="https://redirect.github.com/axios/axios/issues/7373">#7373</a>)</li> <li><a href="https://github.com/axios/axios/commit/9ff3a78ad72ecd665a4b673686f1517d824284bf"><code>9ff3a78</code></a> ci: update ymls (<a href="https://redirect.github.com/axios/axios/issues/7372">#7372</a>)</li> <li><a href="https://github.com/axios/axios/commit/265b71234c20fabbd6d691858c65a7e9c978659f"><code>265b712</code></a> docs: fix deprecated Buffer constructor and formatting issues in README (<a href="https://redirect.github.com/axios/axios/issues/7371">#7371</a>)</li> <li><a href="https://github.com/axios/axios/commit/475e75a260668d227aec9f77735a49748c9041ff"><code>475e75a</code></a> feat: add input validation to isAbsoluteURL (<a href="https://redirect.github.com/axios/axios/issues/7326">#7326</a>)</li> <li><a href="https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57"><code>28c7215</code></a> fix: Denial of Service via <strong>proto</strong> Key in mergeConfig (<a href="https://redirect.github.com/axios/axios/issues/7369">#7369</a>)</li> <li><a href="https://github.com/axios/axios/commit/04cf01969ed58f96920da032f340bfe4614aab90"><code>04cf019</code></a> docs: clarify object check comment (<a href="https://redirect.github.com/axios/axios/issues/7323">#7323</a>)</li> <li><a href="https://github.com/axios/axios/commit/696fa753c5366afbd21859c294c64c9ff2b359ab"><code>696fa75</code></a> fix: status is missing in AxiosError on and after v1.13.3 (<a href="https://redirect.github.com/axios/axios/issues/7368">#7368</a>)</li> <li><a href="https://github.com/axios/axios/commit/569f028a5878faaec8d7d138ba686aac407bda4c"><code>569f028</code></a> fix: added a option to choose between legacy and the new request/response int...</li> <li><a href="https://github.com/axios/axios/commit/44b7c9f0c4900fd8784f18e871199402f07fc69f"><code>44b7c9f</code></a> chore(deps-dev): bump karma-sourcemap-loader (<a href="https://redirect.github.com/axios/axios/issues/7360">#7360</a>)</li> <li>Additional commits viewable in <a href="https://github.com/axios/axios/compare/v1.13.2...v1.13.5">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by [GitHub Actions](<a href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a> Actions), a new releaser for axios since your current version.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SciCatProject/scicat-backend-next/network/alerts). </details>
…#2652) Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 8.57.2 to 8.58.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/releases"><code>@typescript-eslint/parser</code>'s releases</a>.</em></p> <blockquote> <h2>v8.58.0</h2> <h2>8.58.0 (2026-03-30)</h2> <h3>🚀 Features</h3> <ul> <li>support TypeScript 6 (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12124">#12124</a>)</li> </ul> <h3>🩹 Fixes</h3> <ul> <li><strong>eslint-plugin:</strong> crash in <code>no-unnecessary-type-arguments</code> (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12163">#12163</a>)</li> <li><strong>eslint-plugin:</strong> [no-extraneous-class] handle index signatures (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12142">#12142</a>)</li> <li><strong>eslint-plugin:</strong> [prefer-regexp-exec] avoid fixing unknown RegExp flags (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12161">#12161</a>)</li> </ul> <h3>❤️ Thank You</h3> <ul> <li>ej shafran <a href="https://github.com/ej-shafran"><code>@ej-shafran</code></a></li> <li>Evyatar Daud <a href="https://github.com/StyleShit"><code>@StyleShit</code></a></li> <li>GG ZIBLAKING</li> <li>milkboy2564 <a href="https://github.com/SeolJaeHyeok"><code>@SeolJaeHyeok</code></a></li> <li>teee32 <a href="https://github.com/teee32"><code>@teee32</code></a></li> </ul> <p>See <a href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.58.0">GitHub Releases</a> for more information.</p> <p>You can read about our <a href="https://typescript-eslint.io/users/versioning">versioning strategy</a> and <a href="https://typescript-eslint.io/users/releases">releases</a> on our website.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md"><code>@typescript-eslint/parser</code>'s changelog</a>.</em></p> <blockquote> <h2>8.58.0 (2026-03-30)</h2> <h3>🚀 Features</h3> <ul> <li>support TypeScript 6 (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12124">#12124</a>)</li> </ul> <h3>❤️ Thank You</h3> <ul> <li>Evyatar Daud <a href="https://github.com/StyleShit"><code>@StyleShit</code></a></li> </ul> <p>See <a href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.58.0">GitHub Releases</a> for more information.</p> <p>You can read about our <a href="https://typescript-eslint.io/users/versioning">versioning strategy</a> and <a href="https://typescript-eslint.io/users/releases">releases</a> on our website.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/493341709fe7d1d6433332b7bd2724e3332c7cdf"><code>4933417</code></a> chore(release): publish 8.58.0</li> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/8cde2d06fb9bc591a4c93452509ddbd600c76a35"><code>8cde2d0</code></a> feat: support TypeScript 6 (<a href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser/issues/12124">#12124</a>)</li> <li>See full diff in <a href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.0/packages/parser">compare view</a></li> </ul> </details> <br />
Bumps [amqplib](https://github.com/amqp-node/amqplib) from 1.0.2 to 1.0.3. - [Release notes](https://github.com/amqp-node/amqplib/releases) - [Changelog](https://github.com/amqp-node/amqplib/blob/main/CHANGELOG.md) - [Commits](amqp-node/amqplib@v1.0.2...v1.0.3) --- updated-dependencies: - dependency-name: amqplib dependency-version: 1.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [amqplib](https://github.com/amqp-node/amqplib) from 1.0.2 to 1.0.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/amqp-node/amqplib/blob/main/CHANGELOG.md">amqplib's changelog</a>.</em></p> <blockquote> <h2>v1.0.3</h2> <ul> <li>Fix AssertionError crash when backpressure occurs while draining newStreams in Mux (fixes <a href="https://redirect.github.com/amqp-node/amqplib/issues/841">#841</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/amqp-node/amqplib/commit/6a1e54feb285449554b4af6422ca1bc00415da9a"><code>6a1e54f</code></a> 1.0.3</li> <li><a href="https://github.com/amqp-node/amqplib/commit/c20957dc0db7de04eda9cf681fc0c6de8c3bea6f"><code>c20957d</code></a> Update changelog in preparation for v1.0.3</li> <li><a href="https://github.com/amqp-node/amqplib/commit/45100f79424cc2ea4651dbdcf60608333aac81fe"><code>45100f7</code></a> Fix AssertionError crash when backpressure empties newStreams in Mux</li> <li>See full diff in <a href="https://github.com/amqp-node/amqplib/compare/v1.0.2...v1.0.3">compare view</a></li> </ul> </details> <br />
Bumps [dotenv](https://github.com/motdotla/dotenv) from 17.3.1 to 17.4.1. - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](motdotla/dotenv@v17.3.1...v17.4.1) --- updated-dependencies: - dependency-name: dotenv dependency-version: 17.4.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [dotenv](https://github.com/motdotla/dotenv) from 17.3.1 to 17.4.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md">dotenv's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/motdotla/dotenv/compare/v17.4.0...v17.4.1">17.4.1</a> (2026-04-05)</h2> <h3>Changed</h3> <ul> <li>Change text <code>injecting</code> to <code>injected</code> (<a href="https://redirect.github.com/motdotla/dotenv/pull/1005">#1005</a>)</li> </ul> <h2><a href="https://github.com/motdotla/dotenv/compare/v17.3.1...v17.4.0">17.4.0</a> (2026-04-01)</h2> <h3>Added</h3> <ul> <li>Add <code>skills/</code> folder with focused agent skills: <code>skills/dotenv/SKILL.md</code> (core usage) and <code>skills/dotenvx/SKILL.md</code> (encryption, multiple environments, variable expansion) for AI coding agent discovery via the skills.sh ecosystem (<code>npx skills add motdotla/dotenv</code>)</li> </ul> <h3>Changed</h3> <ul> <li>Tighten up logs: <code>◇ injecting env (14) from .env</code> (<a href="https://redirect.github.com/motdotla/dotenv/pull/1003">#1003</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/motdotla/dotenv/commit/48aa216de16846724e7bc80756fd42745116e4aa"><code>48aa216</code></a> 17.4.1</li> <li><a href="https://github.com/motdotla/dotenv/commit/e4282b0286703784f4c5f7fda6c0e30739aead77"><code>e4282b0</code></a> changelog 🪵</li> <li><a href="https://github.com/motdotla/dotenv/commit/c540e75d3cfde551865be9bdcb0218fbfffc9229"><code>c540e75</code></a> Merge pull request <a href="https://redirect.github.com/motdotla/dotenv/issues/1006">#1006</a> from motdotla/skills-update</li> <li><a href="https://github.com/motdotla/dotenv/commit/5626f9b07e49a353b1fdf35077ea58d1d080cbdc"><code>5626f9b</code></a> dotenvx skill</li> <li><a href="https://github.com/motdotla/dotenv/commit/2411f2a61b0c957b0756942c2d6e4ba572e0fd3d"><code>2411f2a</code></a> update dotenvx skill</li> <li><a href="https://github.com/motdotla/dotenv/commit/1e08a70b6e5a5e55d974a46bca87bd35cf3807e4"><code>1e08a70</code></a> simplify dotenv skill</li> <li><a href="https://github.com/motdotla/dotenv/commit/747f4171feb7364993465915a8cd8929cef0e0cb"><code>747f417</code></a> Merge pull request <a href="https://redirect.github.com/motdotla/dotenv/issues/1005">#1005</a> from motdotla/injected</li> <li><a href="https://github.com/motdotla/dotenv/commit/271df30f90869c04c666d8652895a909c097fea7"><code>271df30</code></a> changelog 🪵</li> <li><a href="https://github.com/motdotla/dotenv/commit/3f01a8b61addc4e6978f2c40b0147f6812e2f64b"><code>3f01a8b</code></a> <code>injecting</code> to <code>injected</code></li> <li><a href="https://github.com/motdotla/dotenv/commit/ccc50d50d9e398a0b20355748e710852e1db5d07"><code>ccc50d5</code></a> update</li> <li>Additional commits viewable in <a href="https://github.com/motdotla/dotenv/compare/v17.3.1...v17.4.1">compare view</a></li> </ul> </details> <br />
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.23 to 4.18.1. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.23...4.18.1) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.18.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.23 to 4.18.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lodash/lodash/releases">lodash's releases</a>.</em></p> <blockquote> <h2>4.18.1</h2> <h2>Bugs</h2> <p>Fixes a <code>ReferenceError</code> issue in <code>lodash</code> <code>lodash-es</code> <code>lodash-amd</code> and <code>lodash.template</code> when using the <code>template</code> and <code>fromPairs</code> functions from the modular builds. See <a href="https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769">lodash/lodash#6167</a></p> <p>These defects were related to how lodash distributions are built from the main branch using <a href="https://github.com/lodash-archive/lodash-cli">https://github.com/lodash-archive/lodash-cli</a>. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.</p> <p>There is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:</p> <ul> <li><code>lodash</code>: <a href="https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm">https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm</a></li> <li><code>lodash-es</code>: <a href="https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es">https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es</a></li> <li><code>lodash-amd</code>: <a href="https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd">https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd</a></li> <li><code>lodash.template</code><a href="https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages">https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages</a></li> </ul> <h2>4.18.0</h2> <h2>v4.18.0</h2> <p><strong>Full Changelog</strong>: <a href="https://github.com/lodash/lodash/compare/4.17.23...4.18.0">https://github.com/lodash/lodash/compare/4.17.23...4.18.0</a></p> <h3>Security</h3> <p><strong><code>_.unset</code> / <code>_.omit</code></strong>: Fixed prototype pollution via <code>constructor</code>/<code>prototype</code> path traversal (<a href="https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh">GHSA-f23m-r3pf-42rh</a>, <a href="https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b">fe8d32e</a>). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now <code>constructor</code> and <code>prototype</code> are blocked unconditionally as non-terminal path keys, matching <code>baseSet</code>. Calls that previously returned <code>true</code> and deleted the property now return <code>false</code> and leave the target untouched.</p> <p><strong><code>_.template</code></strong>: Fixed code injection via <code>imports</code> keys (<a href="https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc">GHSA-r5fr-rjxr-66jc</a>, CVE-2026-4800, <a href="https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6">879aaa9</a>). Fixes an incomplete patch for CVE-2021-23337. The <code>variable</code> option was validated against <code>reForbiddenIdentifierChars</code> but <code>importsKeys</code> was left unguarded, allowing code injection via the same <code>Function()</code> constructor sink. <code>imports</code> keys containing forbidden identifier characters now throw <code>"Invalid imports option passed into _.template"</code>.</p> <h3>Docs</h3> <ul> <li>Add security notice for <code>_.template</code> in threat model and API docs (<a href="https://redirect.github.com/lodash/lodash/pull/6099">#6099</a>)</li> <li>Document <code>lower > upper</code> behavior in <code>_.random</code> (<a href="https://redirect.github.com/lodash/lodash/pull/6115">#6115</a>)</li> <li>Fix quotes in <code>_.compact</code> jsdoc (<a href="https://redirect.github.com/lodash/lodash/pull/6090">#6090</a>)</li> </ul> <h3><code>lodash.*</code> modular packages</h3> <p><a href="https://redirect.github.com/lodash/lodash/pull/6157">Diff</a></p> <p>We have also regenerated and published a select number of the <code>lodash.*</code> modular packages.</p> <p>These modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:</p> <ul> <li><a href="https://www.npmjs.com/package/lodash.orderby">lodash.orderby</a></li> <li><a href="https://www.npmjs.com/package/lodash.tonumber">lodash.tonumber</a></li> <li><a href="https://www.npmjs.com/package/lodash.trim">lodash.trim</a></li> <li><a href="https://www.npmjs.com/package/lodash.trimend">lodash.trimend</a></li> <li><a href="https://www.npmjs.com/package/lodash.sortedindexby">lodash.sortedindexby</a></li> <li><a href="https://www.npmjs.com/package/lodash.zipobjectdeep">lodash.zipobjectdeep</a></li> <li><a href="https://www.npmjs.com/package/lodash.unset">lodash.unset</a></li> <li><a href="https://www.npmjs.com/package/lodash.omit">lodash.omit</a></li> <li><a href="https://www.npmjs.com/package/lodash.template">lodash.template</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e"><code>cb0b9b9</code></a> release(patch): bump main to 4.18.1 (<a href="https://redirect.github.com/lodash/lodash/issues/6177">#6177</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51"><code>75535f5</code></a> chore: prune stale advisory refs (<a href="https://redirect.github.com/lodash/lodash/issues/6170">#6170</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4"><code>62e91bc</code></a> docs: remove n_ Node.js < 6 REPL note from README (<a href="https://redirect.github.com/lodash/lodash/issues/6165">#6165</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4"><code>59be2de</code></a> release(minor): bump to 4.18.0 (<a href="https://redirect.github.com/lodash/lodash/issues/6161">#6161</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d"><code>af63457</code></a> fix: broken tests for _.template 879aaa9</li> <li><a href="https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0"><code>1073a76</code></a> fix: linting issues</li> <li><a href="https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6"><code>879aaa9</code></a> fix: validate imports keys in _.template</li> <li><a href="https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b"><code>fe8d32e</code></a> fix: block prototype pollution in baseUnset via constructor/prototype traversal</li> <li><a href="https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d"><code>18ba0a3</code></a> refactor(fromPairs): use baseAssignValue for consistent assignment (<a href="https://redirect.github.com/lodash/lodash/issues/6153">#6153</a>)</li> <li><a href="https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2"><code>b819080</code></a> ci: add dist sync validation workflow (<a href="https://redirect.github.com/lodash/lodash/issues/6137">#6137</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lodash/lodash/compare/4.17.23...4.18.1">compare view</a></li> </ul> </details> <br />
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.5.0 to 25.5.2. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.5.2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.5.0 to 25.5.2. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node">compare view</a></li> </ul> </details> <br />
Bumps [eslint](https://github.com/eslint/eslint) from 10.1.0 to 10.2.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v10.1.0...v10.2.0) --- updated-dependencies: - dependency-name: eslint dependency-version: 10.2.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [eslint](https://github.com/eslint/eslint) from 10.1.0 to 10.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/eslint/eslint/releases">eslint's releases</a>.</em></p> <blockquote> <h2>v10.2.0</h2> <h2>Features</h2> <ul> <li><a href="https://github.com/eslint/eslint/commit/586ec2f43092779acc957866db4abe999112d1e1"><code>586ec2f</code></a> feat: Add <code>meta.languages</code> support to rules (<a href="https://redirect.github.com/eslint/eslint/issues/20571">#20571</a>) (Copilot)</li> <li><a href="https://github.com/eslint/eslint/commit/14207dee3939dc87cfa8b2fcfc271fff2cfd6471"><code>14207de</code></a> feat: add <code>Temporal</code> to <code>no-obj-calls</code> (<a href="https://redirect.github.com/eslint/eslint/issues/20675">#20675</a>) (Pixel998)</li> <li><a href="https://github.com/eslint/eslint/commit/bbb2c93a2b31bd30924f32fe69a9acf41f9dfe35"><code>bbb2c93</code></a> feat: add Temporal to ES2026 globals (<a href="https://redirect.github.com/eslint/eslint/issues/20672">#20672</a>) (Pixel998)</li> </ul> <h2>Bug Fixes</h2> <ul> <li><a href="https://github.com/eslint/eslint/commit/542cb3e6442a4e6ee3457c799e2a0ee23bef0c6a"><code>542cb3e</code></a> fix: update first-party dependencies (<a href="https://redirect.github.com/eslint/eslint/issues/20714">#20714</a>) (Francesco Trotta)</li> </ul> <h2>Documentation</h2> <ul> <li><a href="https://github.com/eslint/eslint/commit/a2af743ea60f683d0e0de9d98267c1e7e4f5e412"><code>a2af743</code></a> docs: add <code>language</code> to configuration objects (<a href="https://redirect.github.com/eslint/eslint/issues/20712">#20712</a>) (Francesco Trotta)</li> <li><a href="https://github.com/eslint/eslint/commit/845f23f1370892bf07d819497ac518c9e65090d6"><code>845f23f</code></a> docs: Update README (GitHub Actions Bot)</li> <li><a href="https://github.com/eslint/eslint/commit/5fbcf5958b897cc4df5d652924d18428db37f7ee"><code>5fbcf59</code></a> docs: remove <code>sourceType</code> from ts playground link (<a href="https://redirect.github.com/eslint/eslint/issues/20477">#20477</a>) (Tanuj Kanti)</li> <li><a href="https://github.com/eslint/eslint/commit/8702a474659be786b6b1392e5e7c0c56355ae4a4"><code>8702a47</code></a> docs: Update README (GitHub Actions Bot)</li> <li><a href="https://github.com/eslint/eslint/commit/ddeaded2ab36951383ff67c60fb64ec68d29a46a"><code>ddeaded</code></a> docs: Update README (GitHub Actions Bot)</li> <li><a href="https://github.com/eslint/eslint/commit/2b4496691266547784a7f7ad1989ce53381bab91"><code>2b44966</code></a> docs: add Major Releases section to Manage Releases (<a href="https://redirect.github.com/eslint/eslint/issues/20269">#20269</a>) (Milos Djermanovic)</li> <li><a href="https://github.com/eslint/eslint/commit/eab65c700ebb16a6e790910c720450c9908961fd"><code>eab65c7</code></a> docs: update <code>eslint</code> versions in examples (<a href="https://redirect.github.com/eslint/eslint/issues/20664">#20664</a>) (루밀LuMir)</li> <li><a href="https://github.com/eslint/eslint/commit/3e4a29903bf31f0998e45ad9128a265bce1edc56"><code>3e4a299</code></a> docs: update ESM Dependencies policies with note for own-usage packages (<a href="https://redirect.github.com/eslint/eslint/issues/20660">#20660</a>) (Milos Djermanovic)</li> </ul> <h2>Chores</h2> <ul> <li><a href="https://github.com/eslint/eslint/commit/8120e30f833474f47acc061d24d164e9f022264f"><code>8120e30</code></a> refactor: extract no unmodified loop condition (<a href="https://redirect.github.com/eslint/eslint/issues/20679">#20679</a>) (kuldeep kumar)</li> <li><a href="https://github.com/eslint/eslint/commit/46e8469786be1b2bbb522100e1d44624d98d3745"><code>46e8469</code></a> chore: update dependency markdownlint-cli2 to ^0.22.0 (<a href="https://redirect.github.com/eslint/eslint/issues/20697">#20697</a>) (renovate[bot])</li> <li><a href="https://github.com/eslint/eslint/commit/01ed3aa68477f81a7188e1498cf4906e02015b7c"><code>01ed3aa</code></a> test: add unit tests for unicode utilities (<a href="https://redirect.github.com/eslint/eslint/issues/20622">#20622</a>) (Manish chaudhary)</li> <li><a href="https://github.com/eslint/eslint/commit/811f4930f82ee2b6ac8eae75cade9bed63de0781"><code>811f493</code></a> ci: remove <code>--legacy-peer-deps</code> from types integration tests (<a href="https://redirect.github.com/eslint/eslint/issues/20667">#20667</a>) (Milos Djermanovic)</li> <li><a href="https://github.com/eslint/eslint/commit/6b86fcfc5c75d6a3b8a2cf7bcdb3ef60635a9a03"><code>6b86fcf</code></a> chore: update dependency npm-run-all2 to v8 (<a href="https://redirect.github.com/eslint/eslint/issues/20663">#20663</a>) (renovate[bot])</li> <li><a href="https://github.com/eslint/eslint/commit/632c4f83bf32b77981c7d395cacddd1bb172ee25"><code>632c4f8</code></a> chore: add <code>prettier</code> update commit to <code>.git-blame-ignore-revs</code> (<a href="https://redirect.github.com/eslint/eslint/issues/20662">#20662</a>) (루밀LuMir)</li> <li><a href="https://github.com/eslint/eslint/commit/b0b0f21927e03ba092400e3c70d7058f537765c8"><code>b0b0f21</code></a> chore: update dependency eslint-plugin-regexp to ^3.1.0 (<a href="https://redirect.github.com/eslint/eslint/issues/20659">#20659</a>) (Milos Djermanovic)</li> <li><a href="https://github.com/eslint/eslint/commit/228a2dd4b272c17f516ee3541f1dd69eca0a8ab0"><code>228a2dd</code></a> chore: update dependency eslint-plugin-eslint-plugin to ^7.3.2 (<a href="https://redirect.github.com/eslint/eslint/issues/20661">#20661</a>) (Milos Djermanovic)</li> <li><a href="https://github.com/eslint/eslint/commit/3ab4d7e244df244102de9d0d250b2ff12456a785"><code>3ab4d7e</code></a> test: Add tests for eslintrc-style keys (<a href="https://redirect.github.com/eslint/eslint/issues/20645">#20645</a>) (kuldeep kumar)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/eslint/eslint/commit/000128c29235c5a8c35c7ef817dbccc4e42130ca"><code>000128c</code></a> 10.2.0</li> <li><a href="https://github.com/eslint/eslint/commit/1988fad70e361fe1c8df7804930a66e6a9bfc698"><code>1988fad</code></a> Build: changelog update for 10.2.0</li> <li><a href="https://github.com/eslint/eslint/commit/542cb3e6442a4e6ee3457c799e2a0ee23bef0c6a"><code>542cb3e</code></a> fix: update first-party dependencies (<a href="https://redirect.github.com/eslint/eslint/issues/20714">#20714</a>)</li> <li><a href="https://github.com/eslint/eslint/commit/a2af743ea60f683d0e0de9d98267c1e7e4f5e412"><code>a2af743</code></a> docs: add <code>language</code> to configuration objects (<a href="https://redirect.github.com/eslint/eslint/issues/20712">#20712</a>)</li> <li><a href="https://github.com/eslint/eslint/commit/845f23f1370892bf07d819497ac518c9e65090d6"><code>845f23f</code></a> docs: Update README</li> <li><a href="https://github.com/eslint/eslint/commit/5fbcf5958b897cc4df5d652924d18428db37f7ee"><code>5fbcf59</code></a> docs: remove <code>sourceType</code> from ts playground link (<a href="https://redirect.github.com/eslint/eslint/issues/20477">#20477</a>)</li> <li><a href="https://github.com/eslint/eslint/commit/8702a474659be786b6b1392e5e7c0c56355ae4a4"><code>8702a47</code></a> docs: Update README</li> <li><a href="https://github.com/eslint/eslint/commit/ddeaded2ab36951383ff67c60fb64ec68d29a46a"><code>ddeaded</code></a> docs: Update README</li> <li><a href="https://github.com/eslint/eslint/commit/8120e30f833474f47acc061d24d164e9f022264f"><code>8120e30</code></a> refactor: extract no unmodified loop condition (<a href="https://redirect.github.com/eslint/eslint/issues/20679">#20679</a>)</li> <li><a href="https://github.com/eslint/eslint/commit/46e8469786be1b2bbb522100e1d44624d98d3745"><code>46e8469</code></a> chore: update dependency markdownlint-cli2 to ^0.22.0 (<a href="https://redirect.github.com/eslint/eslint/issues/20697">#20697</a>)</li> <li>Additional commits viewable in <a href="https://github.com/eslint/eslint/compare/v10.1.0...v10.2.0">compare view</a></li> </ul> </details> <br />
Bumps [ts-loader](https://github.com/TypeStrong/ts-loader) from 9.5.4 to 9.5.7. - [Release notes](https://github.com/TypeStrong/ts-loader/releases) - [Changelog](https://github.com/TypeStrong/ts-loader/blob/main/CHANGELOG.md) - [Commits](TypeStrong/ts-loader@v9.5.4...v9.5.7) --- updated-dependencies: - dependency-name: ts-loader dependency-version: 9.5.7 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [ts-loader](https://github.com/TypeStrong/ts-loader) from 9.5.4 to 9.5.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/TypeStrong/ts-loader/releases">ts-loader's releases</a>.</em></p> <blockquote> <h2>v9.5.7</h2> <ul> <li><a href="https://redirect.github.com/TypeStrong/ts-loader/pull/1679">fix: TS5011 errors with TypeScript 6.0: transpileModule called with rootDir: undefined</a> <a href="https://redirect.github.com/TypeStrong/ts-loader/issues/1678">#1678</a> - thanks <a href="https://github.com/julioz"><code>@julioz</code></a> and <a href="https://github.com/errorx666"><code>@errorx666</code></a></li> <li><a href="https://redirect.github.com/TypeStrong/ts-loader/pull/1680">feat: migrate to trusted publishing</a> - thanks <a href="https://github.com/johnnyreilly"><code>@johnnyreilly</code></a></li> </ul> <p>Skipping 9.5.5-9.5.6 due to publishing issues</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/TypeStrong/ts-loader/blob/main/CHANGELOG.md">ts-loader's changelog</a>.</em></p> <blockquote> <h2>9.5.7</h2> <ul> <li><a href="https://redirect.github.com/TypeStrong/ts-loader/pull/1679">fix: TS5011 errors with TypeScript 6.0: transpileModule called with rootDir: undefined</a> <a href="https://redirect.github.com/TypeStrong/ts-loader/issues/1678">#1678</a> - thanks <a href="https://github.com/julioz"><code>@julioz</code></a> and <a href="https://github.com/errorx666"><code>@errorx666</code></a></li> <li><a href="https://redirect.github.com/TypeStrong/ts-loader/pull/1680">feat: migrate to trusted publishing</a> - thanks <a href="https://github.com/johnnyreilly"><code>@johnnyreilly</code></a></li> </ul> <p>Skipping 9.5.5-9.5.6 due to publishing issues</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/TypeStrong/ts-loader/commit/4a60de489ebf9117b331b323412a12416c5e1ef8"><code>4a60de4</code></a> chore: trusted publishing attempt 3</li> <li><a href="https://github.com/TypeStrong/ts-loader/commit/b03b4aa623b877a8115b345d5c7ee253947acd66"><code>b03b4aa</code></a> chore: version bump</li> <li><a href="https://github.com/TypeStrong/ts-loader/commit/2421dcfe865e4a9e5f9be452f2d7845ba724185e"><code>2421dcf</code></a> fix: trusted publishing by changing respository.url in package.json</li> <li><a href="https://github.com/TypeStrong/ts-loader/commit/f84480fb6f7d2c48d5a42e0e4e9e0914713657b5"><code>f84480f</code></a> fix: TS5011 errors with TypeScript 6.0: transpileModule called with rootDir: ...</li> <li><a href="https://github.com/TypeStrong/ts-loader/commit/0cef777f72dbf82b128ff2e36ed9baf925ea8b29"><code>0cef777</code></a> feat: migrate to trusted publishing (<a href="https://redirect.github.com/TypeStrong/ts-loader/issues/1680">#1680</a>)</li> <li><a href="https://github.com/TypeStrong/ts-loader/commit/a0cfb39a58207576d8f4c4e6a8a64b7eb42de7f1"><code>a0cfb39</code></a> docs: add AGENTS.md / CLAUDE.md</li> <li>See full diff in <a href="https://github.com/TypeStrong/ts-loader/compare/v9.5.4...v9.5.7">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by [GitHub Actions](<a href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a> Actions), a new releaser for ts-loader since your current version.</p> </details> <br />
Bumps [ts-jest](https://github.com/kulshekhar/ts-jest) from 29.4.6 to 29.4.9. - [Release notes](https://github.com/kulshekhar/ts-jest/releases) - [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md) - [Commits](kulshekhar/ts-jest@v29.4.6...v29.4.9) --- updated-dependencies: - dependency-name: ts-jest dependency-version: 29.4.9 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [ts-jest](https://github.com/kulshekhar/ts-jest) from 29.4.6 to 29.4.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kulshekhar/ts-jest/releases">ts-jest's releases</a>.</em></p> <blockquote> <h2>v29.4.9</h2> <p>Please refer to <a href="https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v29.4.8</h2> <p>No release notes provided.</p> <h2>v29.4.7</h2> <p>Please refer to <a href="https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md">CHANGELOG.md</a> for details.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md">ts-jest's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/kulshekhar/ts-jest/compare/v29.4.6...v29.4.7">29.4.7</a> (2026-04-01)</h2> <h3>Features</h3> <ul> <li>support TypeScript v6 (<a href="https://github.com/kulshekhar/ts-jest/commit/eda517d226389317d99572887d3c1aa93c81be87">eda517d</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kulshekhar/ts-jest/commit/bac2e77231418c35cb9b9946d7d871c0ee2322a1"><code>bac2e77</code></a> chore(release): bump version to 29.4.9</li> <li><a href="https://github.com/kulshekhar/ts-jest/commit/f8a9cc98924bd1846aac96d6c544e6626f031f81"><code>f8a9cc9</code></a> fix: use correct registry for npm OIDC trusted publishing</li> <li><a href="https://github.com/kulshekhar/ts-jest/commit/e2eec26aa127e284719b4754937d17bd57b13518"><code>e2eec26</code></a> fix: npm permissions</li> <li><a href="https://github.com/kulshekhar/ts-jest/commit/263f2ac73e4a0c4163f8766c3ba9d0a13ca78812"><code>263f2ac</code></a> chore: remove npm auth token</li> <li><a href="https://github.com/kulshekhar/ts-jest/commit/5df0e45f409994b34cae7d22db60946a8158d975"><code>5df0e45</code></a> OIDC</li> <li><a href="https://github.com/kulshekhar/ts-jest/commit/f82c1444d4af0d9f27883510acc8178c18ee8f8a"><code>f82c144</code></a> Merge pull request <a href="https://redirect.github.com/kulshekhar/ts-jest/issues/5250">#5250</a> from kulshekhar/copilot/bump-patch-version</li> <li><a href="https://github.com/kulshekhar/ts-jest/commit/e6ec5aed410a803c2f972b3287cf233ce4c998f9"><code>e6ec5ae</code></a> Update CHANGELOG.md</li> <li><a href="https://github.com/kulshekhar/ts-jest/commit/62c3199a355d3ba483f0e976c868ddc6f20d53fe"><code>62c3199</code></a> Update CHANGELOG.md</li> <li><a href="https://github.com/kulshekhar/ts-jest/commit/052e751f124d059e1363b827f1709ed7607daded"><code>052e751</code></a> Bump patch version to 29.4.7</li> <li><a href="https://github.com/kulshekhar/ts-jest/commit/f79e77b64f4a807605e277b1ea05f10abe9c94f0"><code>f79e77b</code></a> Merge pull request <a href="https://redirect.github.com/kulshekhar/ts-jest/issues/5249">#5249</a> from ext/feature/ts6-peer</li> <li>Additional commits viewable in <a href="https://github.com/kulshekhar/ts-jest/compare/v29.4.6...v29.4.9">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by [GitHub Actions](<a href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a> Actions), a new releaser for ts-jest since your current version.</p> </details> <br />
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 8.57.2 to 8.58.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.0/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.58.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
… 8.58.0 (#2657) Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 8.57.2 to 8.58.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/releases"><code>@typescript-eslint/eslint-plugin</code>'s releases</a>.</em></p> <blockquote> <h2>v8.58.0</h2> <h2>8.58.0 (2026-03-30)</h2> <h3>🚀 Features</h3> <ul> <li>support TypeScript 6 (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12124">#12124</a>)</li> </ul> <h3>🩹 Fixes</h3> <ul> <li><strong>eslint-plugin:</strong> crash in <code>no-unnecessary-type-arguments</code> (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12163">#12163</a>)</li> <li><strong>eslint-plugin:</strong> [no-extraneous-class] handle index signatures (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12142">#12142</a>)</li> <li><strong>eslint-plugin:</strong> [prefer-regexp-exec] avoid fixing unknown RegExp flags (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12161">#12161</a>)</li> </ul> <h3>❤️ Thank You</h3> <ul> <li>ej shafran <a href="https://github.com/ej-shafran"><code>@ej-shafran</code></a></li> <li>Evyatar Daud <a href="https://github.com/StyleShit"><code>@StyleShit</code></a></li> <li>GG ZIBLAKING</li> <li>milkboy2564 <a href="https://github.com/SeolJaeHyeok"><code>@SeolJaeHyeok</code></a></li> <li>teee32 <a href="https://github.com/teee32"><code>@teee32</code></a></li> </ul> <p>See <a href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.58.0">GitHub Releases</a> for more information.</p> <p>You can read about our <a href="https://typescript-eslint.io/users/versioning">versioning strategy</a> and <a href="https://typescript-eslint.io/users/releases">releases</a> on our website.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md"><code>@typescript-eslint/eslint-plugin</code>'s changelog</a>.</em></p> <blockquote> <h2>8.58.0 (2026-03-30)</h2> <h3>🚀 Features</h3> <ul> <li>support TypeScript 6 (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12124">#12124</a>)</li> </ul> <h3>🩹 Fixes</h3> <ul> <li><strong>eslint-plugin:</strong> [prefer-regexp-exec] avoid fixing unknown RegExp flags (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12161">#12161</a>)</li> <li><strong>eslint-plugin:</strong> [no-extraneous-class] handle index signatures (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12142">#12142</a>)</li> <li><strong>eslint-plugin:</strong> crash in <code>no-unnecessary-type-arguments</code> (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12163">#12163</a>)</li> </ul> <h3>❤️ Thank You</h3> <ul> <li>ej shafran <a href="https://github.com/ej-shafran"><code>@ej-shafran</code></a></li> <li>Evyatar Daud <a href="https://github.com/StyleShit"><code>@StyleShit</code></a></li> <li>GG ZIBLAKING</li> <li>milkboy2564 <a href="https://github.com/SeolJaeHyeok"><code>@SeolJaeHyeok</code></a></li> <li>teee32 <a href="https://github.com/teee32"><code>@teee32</code></a></li> </ul> <p>See <a href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.58.0">GitHub Releases</a> for more information.</p> <p>You can read about our <a href="https://typescript-eslint.io/users/versioning">versioning strategy</a> and <a href="https://typescript-eslint.io/users/releases">releases</a> on our website.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/493341709fe7d1d6433332b7bd2724e3332c7cdf"><code>4933417</code></a> chore(release): publish 8.58.0</li> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/5a9bd366139c8e306dd78ae906d4389972de42b6"><code>5a9bd36</code></a> fix(eslint-plugin): [prefer-regexp-exec] avoid fixing unknown RegExp flags (#...</li> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/edb90ebf7c75a71065bed719f3e72d18b830c6a0"><code>edb90eb</code></a> fix(eslint-plugin): [no-extraneous-class] handle index signatures (<a href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin/issues/12142">#12142</a>)</li> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/8cde2d06fb9bc591a4c93452509ddbd600c76a35"><code>8cde2d0</code></a> feat: support TypeScript 6 (<a href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin/issues/12124">#12124</a>)</li> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/1bf86c9f5c799916d12079c037c79e10b29cdc9c"><code>1bf86c9</code></a> fix(eslint-plugin): crash in <code>no-unnecessary-type-arguments</code> (<a href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin/issues/12163">#12163</a>)</li> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/e9cc25a794dbf82a241807f394489a2aad39ffae"><code>e9cc25a</code></a> docs(eslint-plugin): fix typo (<a href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin/issues/12155">#12155</a>)</li> <li>See full diff in <a href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.0/packages/eslint-plugin">compare view</a></li> </ul> </details> <br />
* REST API Provider for Access Groups * Update logs to match the used standard * update the package lock json * typo fixe
Bumps [liquidjs](https://github.com/harttle/liquidjs) from 10.25.1 to 10.25.5. - [Release notes](https://github.com/harttle/liquidjs/releases) - [Changelog](https://github.com/harttle/liquidjs/blob/master/CHANGELOG.md) - [Commits](harttle/liquidjs@v10.25.1...v10.25.5) --- updated-dependencies: - dependency-name: liquidjs dependency-version: 10.25.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [liquidjs](https://github.com/harttle/liquidjs) from 10.25.1 to 10.25.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/harttle/liquidjs/releases">liquidjs's releases</a>.</em></p> <blockquote> <h2>v10.25.5</h2> <h2><a href="https://github.com/harttle/liquidjs/compare/v10.25.4...v10.25.5">10.25.5</a> (2026-04-07)</h2> <h3>Bug Fixes</h3> <ul> <li>enforce root containment for renderFile/parseFile lookups (<a href="https://redirect.github.com/harttle/liquidjs/issues/870">#870</a>) (<a href="https://github.com/harttle/liquidjs/commit/f41c1fc02fe901598f3328118b42b13bc6bc9b04">f41c1fc</a>)</li> <li>null date should return empty (<a href="https://redirect.github.com/harttle/liquidjs/issues/868">#868</a>) (<a href="https://redirect.github.com/harttle/liquidjs/issues/872">#872</a>) (<a href="https://github.com/harttle/liquidjs/commit/4f9a49988a93c156524981e189a4fec238e682b8">4f9a499</a>)</li> <li>rounding negative away from zero when half (<a href="https://redirect.github.com/harttle/liquidjs/issues/873">#873</a>) (<a href="https://github.com/harttle/liquidjs/commit/1cdf10b57d82f0592414efbfca19e204b37aea9f">1cdf10b</a>)</li> </ul> <h2>v10.25.4</h2> <h2><a href="https://github.com/harttle/liquidjs/compare/v10.25.3...v10.25.4">10.25.4</a> (2026-04-07)</h2> <h3>Bug Fixes</h3> <ul> <li>sort and sort_natural filters bypass ownPropertyOnly (<a href="https://redirect.github.com/harttle/liquidjs/issues/869">#869</a>) (<a href="https://github.com/harttle/liquidjs/commit/e743da0020d34e2ee547e1cc1a86b58377ebe1ce">e743da0</a>)</li> </ul> <h2>v10.25.3</h2> <h2><a href="https://github.com/harttle/liquidjs/compare/v10.25.2...v10.25.3">10.25.3</a> (2026-04-06)</h2> <h3>Bug Fixes</h3> <ul> <li>precise memoryLimit for string replace (<a href="https://github.com/harttle/liquidjs/commit/abc058be0f33d6372cd2216f4945183167abeb25">abc058b</a>)</li> <li>use realpath for fs.contains (<a href="https://redirect.github.com/harttle/liquidjs/issues/867">#867</a>) (<a href="https://github.com/harttle/liquidjs/commit/529dd67eeb6b125637623d6a723601f0938d3613">529dd67</a>)</li> </ul> <h2>v10.25.2</h2> <h2><a href="https://github.com/harttle/liquidjs/compare/v10.25.1...v10.25.2">10.25.2</a> (2026-03-25)</h2> <h3>Bug Fixes</h3> <ul> <li>handle undefined replacement argument in replace filter (<a href="https://redirect.github.com/harttle/liquidjs/issues/864">#864</a>) (<a href="https://github.com/harttle/liquidjs/commit/0ad2b11ab15e7da608a9ef936b2a00a6a6517038">0ad2b11</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/harttle/liquidjs/blob/master/CHANGELOG.md">liquidjs's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/harttle/liquidjs/compare/v10.25.4...v10.25.5">10.25.5</a> (2026-04-07)</h2> <h3>Bug Fixes</h3> <ul> <li>enforce root containment for renderFile/parseFile lookups (<a href="https://redirect.github.com/harttle/liquidjs/issues/870">#870</a>) (<a href="https://github.com/harttle/liquidjs/commit/f41c1fc02fe901598f3328118b42b13bc6bc9b04">f41c1fc</a>)</li> <li>null date should return empty (<a href="https://redirect.github.com/harttle/liquidjs/issues/868">#868</a>) (<a href="https://redirect.github.com/harttle/liquidjs/issues/872">#872</a>) (<a href="https://github.com/harttle/liquidjs/commit/4f9a49988a93c156524981e189a4fec238e682b8">4f9a499</a>)</li> <li>rounding negative away from zero when half (<a href="https://redirect.github.com/harttle/liquidjs/issues/873">#873</a>) (<a href="https://github.com/harttle/liquidjs/commit/1cdf10b57d82f0592414efbfca19e204b37aea9f">1cdf10b</a>)</li> </ul> <h2><a href="https://github.com/harttle/liquidjs/compare/v10.25.3...v10.25.4">10.25.4</a> (2026-04-07)</h2> <h3>Bug Fixes</h3> <ul> <li>sort and sort_natural filters bypass ownPropertyOnly (<a href="https://redirect.github.com/harttle/liquidjs/issues/869">#869</a>) (<a href="https://github.com/harttle/liquidjs/commit/e743da0020d34e2ee547e1cc1a86b58377ebe1ce">e743da0</a>)</li> </ul> <h2><a href="https://github.com/harttle/liquidjs/compare/v10.25.2...v10.25.3">10.25.3</a> (2026-04-06)</h2> <h3>Bug Fixes</h3> <ul> <li>precise memoryLimit for string replace (<a href="https://github.com/harttle/liquidjs/commit/abc058be0f33d6372cd2216f4945183167abeb25">abc058b</a>)</li> <li>use realpath for fs.contains (<a href="https://redirect.github.com/harttle/liquidjs/issues/867">#867</a>) (<a href="https://github.com/harttle/liquidjs/commit/529dd67eeb6b125637623d6a723601f0938d3613">529dd67</a>)</li> </ul> <h2><a href="https://github.com/harttle/liquidjs/compare/v10.25.1...v10.25.2">10.25.2</a> (2026-03-25)</h2> <h3>Bug Fixes</h3> <ul> <li>handle undefined replacement argument in replace filter (<a href="https://redirect.github.com/harttle/liquidjs/issues/864">#864</a>) (<a href="https://github.com/harttle/liquidjs/commit/0ad2b11ab15e7da608a9ef936b2a00a6a6517038">0ad2b11</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/harttle/liquidjs/commit/4af7be695cb715bf227113729d36396d45ee922a"><code>4af7be6</code></a> chore(release): 10.25.5 [skip ci]</li> <li><a href="https://github.com/harttle/liquidjs/commit/05c47da46d545478b5c14cf76c46fe55929bf044"><code>05c47da</code></a> refactor: replace shell scripts with JS for cross-platform support (<a href="https://redirect.github.com/harttle/liquidjs/issues/875">#875</a>)</li> <li><a href="https://github.com/harttle/liquidjs/commit/66011d14b06d37c25976fb924e54d359114dd8e1"><code>66011d1</code></a> docs: add timbze as a contributor for code (<a href="https://redirect.github.com/harttle/liquidjs/issues/874">#874</a>)</li> <li><a href="https://github.com/harttle/liquidjs/commit/1cdf10b57d82f0592414efbfca19e204b37aea9f"><code>1cdf10b</code></a> fix: rounding negative away from zero when half (<a href="https://redirect.github.com/harttle/liquidjs/issues/873">#873</a>)</li> <li><a href="https://github.com/harttle/liquidjs/commit/4f9a49988a93c156524981e189a4fec238e682b8"><code>4f9a499</code></a> fix: null date should return empty (<a href="https://redirect.github.com/harttle/liquidjs/issues/868">#868</a>) (<a href="https://redirect.github.com/harttle/liquidjs/issues/872">#872</a>)</li> <li><a href="https://github.com/harttle/liquidjs/commit/f41c1fc02fe901598f3328118b42b13bc6bc9b04"><code>f41c1fc</code></a> fix: enforce root containment for renderFile/parseFile lookups (<a href="https://redirect.github.com/harttle/liquidjs/issues/870">#870</a>)</li> <li><a href="https://github.com/harttle/liquidjs/commit/db4348507e6aa205ab2ba5e3fa273c40767e6764"><code>db43485</code></a> chore(release): 10.25.4 [skip ci]</li> <li><a href="https://github.com/harttle/liquidjs/commit/e743da0020d34e2ee547e1cc1a86b58377ebe1ce"><code>e743da0</code></a> fix: sort and sort_natural filters bypass ownPropertyOnly (<a href="https://redirect.github.com/harttle/liquidjs/issues/869">#869</a>)</li> <li><a href="https://github.com/harttle/liquidjs/commit/8f69a0839903d85c7b5c9097e39ecce6ac3eab05"><code>8f69a08</code></a> chore(release): 10.25.3 [skip ci]</li> <li><a href="https://github.com/harttle/liquidjs/commit/529dd67eeb6b125637623d6a723601f0938d3613"><code>529dd67</code></a> fix: use realpath for fs.contains (<a href="https://redirect.github.com/harttle/liquidjs/issues/867">#867</a>)</li> <li>Additional commits viewable in <a href="https://github.com/harttle/liquidjs/compare/v10.25.1...v10.25.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SciCatProject/backend/network/alerts). </details>
Bumps [nodemailer](https://github.com/nodemailer/nodemailer) and [preview-email](https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript). These dependencies needed to be updated together. Updates `nodemailer` from 8.0.3 to 8.0.5 - [Release notes](https://github.com/nodemailer/nodemailer/releases) - [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md) - [Commits](nodemailer/nodemailer@v8.0.3...v8.0.5) Updates `preview-email` from 3.1.1 to 3.1.3 - [Release notes](https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/releases) - [Commits](forwardemail/preview-email@v3.1.1...v3.1.3) --- updated-dependencies: - dependency-name: nodemailer dependency-version: 8.0.5 dependency-type: indirect - dependency-name: preview-email dependency-version: 3.1.3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [nodemailer](https://github.com/nodemailer/nodemailer) and [preview-email](https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript). These dependencies needed to be updated together. Updates `nodemailer` from 8.0.3 to 8.0.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nodemailer/nodemailer/releases">nodemailer's releases</a>.</em></p> <blockquote> <h2>v8.0.5</h2> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5">8.0.5</a> (2026-04-07)</h2> <h3>Bug Fixes</h3> <ul> <li>decode SMTP server responses as UTF-8 at line boundary (<a href="https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac">95876b1</a>)</li> <li>sanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (<a href="https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e">0a43876</a>)</li> </ul> <h2>v8.0.4</h2> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4">8.0.4</a> (2026-03-25)</h2> <h3>Bug Fixes</h3> <ul> <li>sanitize envelope size to prevent SMTP command injection (<a href="https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651">2d7b971</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md">nodemailer's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5">8.0.5</a> (2026-04-07)</h2> <h3>Bug Fixes</h3> <ul> <li>decode SMTP server responses as UTF-8 at line boundary (<a href="https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac">95876b1</a>)</li> <li>sanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (<a href="https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e">0a43876</a>)</li> </ul> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4">8.0.4</a> (2026-03-25)</h2> <h3>Bug Fixes</h3> <ul> <li>sanitize envelope size to prevent SMTP command injection (<a href="https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651">2d7b971</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodemailer/nodemailer/commit/202cfb3e14010223204e9ba9f7430176be624f0f"><code>202cfb3</code></a> chore(master): release 8.0.5 (<a href="https://redirect.github.com/nodemailer/nodemailer/issues/1809">#1809</a>)</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/b634abf05959edcc7207cdaba2c6541f92994cbb"><code>b634abf</code></a> docs: add CLAUDE.md with project conventions and release process</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac"><code>95876b1</code></a> fix: decode SMTP server responses as UTF-8 at line boundary</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e"><code>0a43876</code></a> fix: sanitize CRLF in transport name option to prevent SMTP command injection...</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/08e59e64d0f8595fa535f07061787e0946372657"><code>08e59e6</code></a> chore: update dev dependencies</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/2d319753c34d2f0ced24d8eb1d7d866d965f59f4"><code>2d31975</code></a> chore(master): release 8.0.4 (<a href="https://redirect.github.com/nodemailer/nodemailer/issues/1806">#1806</a>)</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651"><code>2d7b971</code></a> fix: sanitize envelope size to prevent SMTP command injection</li> <li>See full diff in <a href="https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.5">compare view</a></li> </ul> </details> <br /> Updates `preview-email` from 3.1.1 to 3.1.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/releases">preview-email's releases</a>.</em></p> <blockquote> <h2>v3.1.3</h2> <ul> <li>fix: fixed anti-pattern per <a href="https://redirect.github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/issues/47">#47</a> 65d82ad</li> <li>Merge pull request <a href="https://redirect.github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/issues/47">#47</a> from Progressive-Insurance/update-display-notification 438dc3d</li> <li>chore: update display-notification to v3 e33d795</li> </ul> <hr /> <p><a href="https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/compare/v3.1.2...v3.1.3">https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/compare/v3.1.2...v3.1.3</a></p> <h2>v3.1.2</h2> <ul> <li>fix: bump deps, closes <a href="https://redirect.github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/issues/50">#50</a> 16e9fe2</li> </ul> <hr /> <p><a href="https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/compare/v3.1.1...v3.1.2">https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/compare/v3.1.1...v3.1.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/forwardemail/preview-email/commit/eddb25ad49aff3fe045a31b6d6da211f4521b015"><code>eddb25a</code></a> 3.1.3</li> <li><a href="https://github.com/forwardemail/preview-email/commit/65d82adfac84fad82f86fba18860b6270fd0e8aa"><code>65d82ad</code></a> fix: fixed anti-pattern per <a href="https://redirect.github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/issues/47">#47</a></li> <li><a href="https://github.com/forwardemail/preview-email/commit/438dc3d88e9cb0ab22419e01a6de210c4a916159"><code>438dc3d</code></a> Merge pull request <a href="https://redirect.github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/issues/47">#47</a> from Progressive-Insurance/update-display-notification</li> <li><a href="https://github.com/forwardemail/preview-email/commit/6d5d1a42924c671228b4de06907d7a81b231a265"><code>6d5d1a4</code></a> 3.1.2</li> <li><a href="https://github.com/forwardemail/preview-email/commit/16e9fe238213c7cd0ae48d8878f726cc93860f67"><code>16e9fe2</code></a> fix: bump deps, closes <a href="https://redirect.github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/issues/50">#50</a></li> <li><a href="https://github.com/forwardemail/preview-email/commit/e33d7952a3d7a7a9007c9e1aaabe1e075173177a"><code>e33d795</code></a> chore: update display-notification to v3</li> <li>See full diff in <a href="https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/compare/v3.1.1...v3.1.3">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SciCatProject/backend/network/alerts). </details>
Bumps [axios](https://github.com/axios/axios) from 1.13.6 to 1.15.0. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.13.6...v1.15.0) --- updated-dependencies: - dependency-name: axios dependency-version: 1.15.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [axios](https://github.com/axios/axios) from 1.13.6 to 1.15.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/axios/axios/releases">axios's releases</a>.</em></p> <blockquote> <h2>v1.15.0</h2> <p>This release delivers two critical security patches, adds runtime support for Deno and Bun, and includes significant CI hardening, documentation improvements, and routine dependency updates.</p> <h2>⚠️ Important Changes</h2> <ul> <li><strong>Deprecation:</strong> <code>url.parse()</code> usage has been replaced to address Node.js deprecation warnings. If you are on a recent version of Node.js, this resolves console warnings you may have been seeing. (<strong><a href="https://redirect.github.com/axios/axios/issues/10625">#10625</a></strong>)</li> </ul> <h2>🔒 Security Fixes</h2> <ul> <li><strong>Proxy Handling:</strong> Fixed a <code>no_proxy</code> hostname normalisation bypass that could lead to Server-Side Request Forgery (SSRF). (<strong><a href="https://redirect.github.com/axios/axios/issues/10661">#10661</a></strong>)</li> <li><strong>Header Injection:</strong> Fixed an unrestricted cloud metadata exfiltration vulnerability via a header injection chain. (<strong><a href="https://redirect.github.com/axios/axios/issues/10660">#10660</a></strong>)</li> </ul> <h2>🚀 New Features</h2> <ul> <li><strong>Runtime Support:</strong> Added compatibility checks and documentation for Deno and Bun environments. (<strong><a href="https://redirect.github.com/axios/axios/issues/10652">#10652</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10653">#10653</a></strong>)</li> </ul> <h2>🔧 Maintenance & Chores</h2> <ul> <li><strong>CI Security:</strong> Hardened workflow permissions to least privilege, added the <code>zizmor</code> security scanner, pinned action versions, and gated npm publishing with OIDC and environment protection. (<strong><a href="https://redirect.github.com/axios/axios/issues/10618">#10618</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10619">#10619</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10627">#10627</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10637">#10637</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10666">#10666</a></strong>)</li> <li><strong>Dependencies:</strong> Bumped <code>serialize-javascript</code>, <code>handlebars</code>, <code>picomatch</code>, <code>vite</code>, and <code>denoland/setup-deno</code> to latest versions. Added a 7-day Dependabot cooldown period. (<strong><a href="https://redirect.github.com/axios/axios/issues/10574">#10574</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10572">#10572</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10568">#10568</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10663">#10663</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10664">#10664</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10665">#10665</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10669">#10669</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10670">#10670</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10616">#10616</a></strong>)</li> <li><strong>Documentation:</strong> Unified docs, improved <code>beforeRedirect</code> credential leakage example, clarified <code>withCredentials</code>/<code>withXSRFToken</code> behaviour, HTTP/2 support notes, async/await timeout error handling, header case preservation, and various typo fixes. (<strong><a href="https://redirect.github.com/axios/axios/issues/10649">#10649</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10624">#10624</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/7452">#7452</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/7471">#7471</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10654">#10654</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10644">#10644</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10589">#10589</a></strong>)</li> <li><strong>Housekeeping:</strong> Removed stale files, regenerated lockfile, and updated sponsor scripts and blocks. (<strong><a href="https://redirect.github.com/axios/axios/issues/10584">#10584</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10650">#10650</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10582">#10582</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10640">#10640</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10659">#10659</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10668">#10668</a></strong>)</li> <li><strong>Tests:</strong> Added regression coverage for urlencoded <code>Content-Type</code> casing. (<strong><a href="https://redirect.github.com/axios/axios/issues/10573">#10573</a></strong>)</li> </ul> <h2>🌟 New Contributors</h2> <p>We are thrilled to welcome our new contributors. Thank you for helping improve Axios:</p> <ul> <li><strong><a href="https://github.com/raashish1601"><code>@raashish1601</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10573">#10573</a></strong>)</li> <li><strong><a href="https://github.com/Kilros0817"><code>@Kilros0817</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10625">#10625</a></strong>)</li> <li><strong><a href="https://github.com/ashstrc"><code>@ashstrc</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10624">#10624</a></strong>)</li> <li><strong><a href="https://github.com/Abhi3975"><code>@Abhi3975</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10589">#10589</a></strong>)</li> <li><strong><a href="https://github.com/theamodhshetty"><code>@theamodhshetty</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/7452">#7452</a></strong>)</li> </ul> <h2>v1.14.0</h2> <p>This release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.</p> <h2>⚠️ Important Changes</h2> <ul> <li><strong>Breaking Changes:</strong> None identified in this release.</li> <li><strong>Action Required:</strong> If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably <code>proxy-from-env</code> v2 alignment and <code>main</code> entry compatibility fix).</li> </ul> <h2>🚀 New Features</h2> <ul> <li><strong>Runtime Features:</strong> No new end-user features were introduced in this release.</li> <li><strong>Test Coverage Expansion:</strong> Added broader smoke/module test coverage for CJS and ESM package usage. (<a href="https://redirect.github.com/axios/axios/pull/7510">#7510</a>)</li> </ul> <h2>🐛 Bug Fixes</h2> <ul> <li><strong>Headers:</strong> Trim trailing CRLF in normalised header values. (<a href="https://redirect.github.com/axios/axios/pull/7456">#7456</a>)</li> <li><strong>HTTP/2:</strong> Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (<a href="https://redirect.github.com/axios/axios/pull/7457">#7457</a>)</li> <li><strong>Fetch Adapter:</strong> Cancel <code>ReadableStream</code> created during request-stream capability probing to prevent async resource leaks. (<a href="https://redirect.github.com/axios/axios/pull/7515">#7515</a>)</li> <li><strong>Proxy Handling:</strong> Fixed env proxy behavior with <code>proxy-from-env</code> v2 usage. (<a href="https://redirect.github.com/axios/axios/pull/7499">#7499</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2><a href="https://github.com/axios/axios/compare/v1.13.2...v1.13.3">1.13.3</a> (2026-01-20)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>http2:</strong> Use port 443 for HTTPS connections by default. (<a href="https://redirect.github.com/axios/axios/issues/7256">#7256</a>) (<a href="https://github.com/axios/axios/commit/d7e60653460480ffacecf85383012ca1baa6263e">d7e6065</a>)</li> <li><strong>interceptor:</strong> handle the error in the same interceptor (<a href="https://redirect.github.com/axios/axios/issues/6269">#6269</a>) (<a href="https://github.com/axios/axios/commit/5945e40bb171d4ac4fc195df276cf952244f0f89">5945e40</a>)</li> <li>main field in package.json should correspond to cjs artifacts (<a href="https://redirect.github.com/axios/axios/issues/5756">#5756</a>) (<a href="https://github.com/axios/axios/commit/7373fbff24cd92ce650d99ff6f7fe08c2e2a0a04">7373fbf</a>)</li> <li><strong>package.json:</strong> add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (<a href="https://redirect.github.com/axios/axios/issues/5754">#5754</a>) (<a href="https://github.com/axios/axios/commit/b89217e3e91de17a3d55e2b8f39ceb0e9d8aeda8">b89217e</a>)</li> <li>silentJSONParsing=false should throw on invalid JSON (<a href="https://redirect.github.com/axios/axios/issues/7253">#7253</a>) (<a href="https://redirect.github.com/axios/axios/issues/7257">#7257</a>) (<a href="https://github.com/axios/axios/commit/7d19335e43d6754a1a9a66e424f7f7da259895bf">7d19335</a>)</li> <li>turn AxiosError into a native error (<a href="https://redirect.github.com/axios/axios/issues/5394">#5394</a>) (<a href="https://redirect.github.com/axios/axios/issues/5558">#5558</a>) (<a href="https://github.com/axios/axios/commit/1c6a86dd2c0623ee1af043a8491dbc96d40e883b">1c6a86d</a>)</li> <li><strong>types:</strong> add handlers to AxiosInterceptorManager interface (<a href="https://redirect.github.com/axios/axios/issues/5551">#5551</a>) (<a href="https://github.com/axios/axios/commit/8d1271b49fc226ed7defd07cd577bd69a55bb13a">8d1271b</a>)</li> <li><strong>types:</strong> restore AxiosError.cause type from unknown to Error (<a href="https://redirect.github.com/axios/axios/issues/7327">#7327</a>) (<a href="https://github.com/axios/axios/commit/d8233d9e8e9a64bfba9bbe01d475ba417510b82b">d8233d9</a>)</li> <li>unclear error message is thrown when specifying an empty proxy authorization (<a href="https://redirect.github.com/axios/axios/issues/6314">#6314</a>) (<a href="https://github.com/axios/axios/commit/6ef867e684adf7fb2343e3b29a79078a3c76dc29">6ef867e</a>)</li> </ul> <h3>Features</h3> <ul> <li>add <code>undefined</code> as a value in AxiosRequestConfig (<a href="https://redirect.github.com/axios/axios/issues/5560">#5560</a>) (<a href="https://github.com/axios/axios/commit/095033c626895ecdcda2288050b63dcf948db3bd">095033c</a>)</li> <li>add automatic minor and patch upgrades to dependabot (<a href="https://redirect.github.com/axios/axios/issues/6053">#6053</a>) (<a href="https://github.com/axios/axios/commit/65a7584eda6164980ddb8cf5372f0afa2a04c1ed">65a7584</a>)</li> <li>add Node.js coverage script using c8 (closes <a href="https://redirect.github.com/axios/axios/issues/7289">#7289</a>) (<a href="https://redirect.github.com/axios/axios/issues/7294">#7294</a>) (<a href="https://github.com/axios/axios/commit/ec9d94e9f88da13e9219acadf65061fb38ce080a">ec9d94e</a>)</li> <li>added copilot instructions (<a href="https://github.com/axios/axios/commit/3f83143bfe617eec17f9d7dcf8bafafeeae74c26">3f83143</a>)</li> <li>compatibility with frozen prototypes (<a href="https://redirect.github.com/axios/axios/issues/6265">#6265</a>) (<a href="https://github.com/axios/axios/commit/860e03396a536e9b926dacb6570732489c9d7012">860e033</a>)</li> <li>enhance pipeFileToResponse with error handling (<a href="https://redirect.github.com/axios/axios/issues/7169">#7169</a>) (<a href="https://github.com/axios/axios/commit/88d78842541610692a04282233933d078a8a2552">88d7884</a>)</li> <li><strong>types:</strong> Intellisense for string literals in a widened union (<a href="https://redirect.github.com/axios/axios/issues/6134">#6134</a>) (<a href="https://github.com/axios/axios/commit/f73474d02c5aa957b2daeecee65508557fd3c6e5">f73474d</a>), closes <a href="https://redirect.github.com//redirect.github.com/microsoft/TypeScript/issues/33471/issues/issuecomment-1376364329">microsoft/TypeScript#33471</a></li> </ul> <h3>Reverts</h3> <ul> <li>Revert "fix: silentJSONParsing=false should throw on invalid JSON (<a href="https://redirect.github.com/axios/axios/issues/7253">#7253</a>) (<a href="https://redirect.github.com/axios/axios/issues/7">#7</a>…" (<a href="https://redirect.github.com/axios/axios/issues/7298">#7298</a>) (<a href="https://github.com/axios/axios/commit/a4230f5581b3f58b6ff531b6dbac377a4fd7942a">a4230f5</a>), closes <a href="https://redirect.github.com/axios/axios/issues/7253">#7253</a> <a href="https://redirect.github.com/axios/axios/issues/7">#7</a> <a href="https://redirect.github.com/axios/axios/issues/7298">#7298</a></li> <li><strong>deps:</strong> bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (<a href="https://redirect.github.com/axios/axios/issues/7334">#7334</a>) (<a href="https://github.com/axios/axios/commit/2d6ad5e48bd29b0b2b5e7e95fb473df98301543a">2d6ad5e</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/ashvin2005" title="+1752/-4 ([#7218](axios/axios#7218) [#7218](axios/axios#7218) )">Ashvin Tiwari</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/mochinikunj" title="+940/-12 ([#7294](axios/axios#7294) [#7294](axios/axios#7294) )">Nikunj Mochi</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/imanchalsingh" title="+544/-102 ([#7169](axios/axios#7169) [#7185](axios/axios#7185) )">Anchal Singh</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman" title="+317/-73 ([#7334](axios/axios#7334) [#7298](axios/axios#7298) )">jasonsaayman</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/brodo" title="+99/-120 ([#5558](axios/axios#5558) )">Julian Dax</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/AKASHDHARDUBEY" title="+167/-0 ([#7287](axios/axios#7287) [#7288](axios/axios#7288) )">Akash Dhar Dubey</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/madhumitaaa" title="+20/-68 ([#7198](axios/axios#7198) )">Madhumita</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/Tackoil" title="+80/-2 ([#6269](axios/axios#6269) )">Tackoil</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/justindhillon" title="+41/-41 ([#6324](axios/axios#6324) [#6315](axios/axios#6315) )">Justin Dhillon</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/Rudrxxx" title="+71/-2 ([#7257](axios/axios#7257) )">Rudransh</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/WuMingDao" title="+36/-36 ([#7215](axios/axios#7215) )">WuMingDao</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/codenomnom" title="+70/-0 ([#7201](axios/axios#7201) [#7201](axios/axios#7201) )">codenomnom</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/Nandann018-ux" title="+60/-10 ([#7272](axios/axios#7272) )">Nandan Acharya</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/KernelDeimos" title="+22/-40 ([#7042](axios/axios#7042) )">Eric Dubé</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/tiborpilz" title="+40/-4 ([#5551](axios/axios#5551) )">Tibor Pilz</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/joaoGabriel55" title="+31/-4 ([#6314](axios/axios#6314) )">Gabriel Quaresma</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/turadg" title="+23/-6 ([#6265](axios/axios#6265) )">Turadg Aleahmad</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/axios/axios/commit/772a4e54ecc4cc2421e2b746daff0aca10f359d7"><code>772a4e5</code></a> chore(release): prepare release 1.15.0 (<a href="https://redirect.github.com/axios/axios/issues/10671">#10671</a>)</li> <li><a href="https://github.com/axios/axios/commit/4b071371be2f810b4bc7797a13838e0f806ebb22"><code>4b07137</code></a> chore(deps-dev): bump vite from 8.0.0 to 8.0.5 in /tests/smoke/esm (<a href="https://redirect.github.com/axios/axios/issues/10663">#10663</a>)</li> <li><a href="https://github.com/axios/axios/commit/51e57b39db251bfe3d34af5c943dfea18e06c8b6"><code>51e57b3</code></a> chore(deps-dev): bump vite from 8.0.2 to 8.0.5 (<a href="https://redirect.github.com/axios/axios/issues/10664">#10664</a>)</li> <li><a href="https://github.com/axios/axios/commit/fba1a77930f0c459677b729161627234b88c90aa"><code>fba1a77</code></a> chore(deps-dev): bump vite from 8.0.2 to 8.0.5 in /tests/module/esm (<a href="https://redirect.github.com/axios/axios/issues/10665">#10665</a>)</li> <li><a href="https://github.com/axios/axios/commit/0bf6e28eac86e87da2b60bbf5ea4237910e1a08e"><code>0bf6e28</code></a> chore(deps): bump denoland/setup-deno in the github-actions group (<a href="https://redirect.github.com/axios/axios/issues/10669">#10669</a>)</li> <li><a href="https://github.com/axios/axios/commit/8107157c572ee4a54cb28c01ab7f7f3d895ba661"><code>8107157</code></a> chore(deps-dev): bump the development_dependencies group with 4 updates (<a href="https://redirect.github.com/axios/axios/issues/10670">#10670</a>)</li> <li><a href="https://github.com/axios/axios/commit/e66530e3302d56176befd0778155dafea2487542"><code>e66530e</code></a> ci: require npm-publish environment for releases (<a href="https://redirect.github.com/axios/axios/issues/10666">#10666</a>)</li> <li><a href="https://github.com/axios/axios/commit/49f23cbfe4d308a075281c5f798d4c68f648cbe2"><code>49f23cb</code></a> chore(sponsor): update sponsor block (<a href="https://redirect.github.com/axios/axios/issues/10668">#10668</a>)</li> <li><a href="https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1"><code>3631854</code></a> fix: unrestricted cloud metadata exfiltration via header injection chain (<a href="https://redirect.github.com/axios/axios/issues/10">#10</a>...</li> <li><a href="https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"><code>fb3befb</code></a> fix: no_proxy hostname normalization bypass leads to ssrf (<a href="https://redirect.github.com/axios/axios/issues/10661">#10661</a>)</li> <li>Additional commits viewable in <a href="https://github.com/axios/axios/compare/v1.13.6...v1.15.0">compare view</a></li> </ul> </details> <details> <summary>Install script changes</summary> <p>This version modifies <code>prepare</code> script that runs during installation. Review the package contents before updating.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SciCatProject/backend/network/alerts). </details>
minottic
approved these changes
Apr 10, 2026
Bumps [mathjs](https://github.com/josdejong/mathjs) from 15.1.1 to 15.2.0. - [Changelog](https://github.com/josdejong/mathjs/blob/develop/HISTORY.md) - [Commits](josdejong/mathjs@v15.1.1...v15.2.0) --- updated-dependencies: - dependency-name: mathjs dependency-version: 15.2.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [mathjs](https://github.com/josdejong/mathjs) from 15.1.1 to 15.2.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/josdejong/mathjs/blob/develop/HISTORY.md">mathjs's changelog</a>.</em></p> <blockquote> <h1>2026-04-07, 15.2.0</h1> <ul> <li>Feat: Add amp-hour charge unit <code>Ah</code> (<a href="https://redirect.github.com/josdejong/mathjs/issues/3617">#3617</a>). Thanks <a href="https://github.com/adrfantini"><code>@adrfantini</code></a>.</li> <li>Feat: <a href="https://redirect.github.com/josdejong/mathjs/issues/3595">#3595</a> implement <code>num</code> and <code>den</code> functions returning the parts of a fraction (<a href="https://redirect.github.com/josdejong/mathjs/issues/3605">#3605</a>). Thanks <a href="https://github.com/AnslemHack"><code>@AnslemHack</code></a>.</li> <li>Fix: Provide TypeScript types for [and/or]TransformDependencies (<a href="https://redirect.github.com/josdejong/mathjs/issues/3639">#3639</a>). Thanks <a href="https://github.com/NilsDietrich"><code>@NilsDietrich</code></a>.</li> <li>Fix: two security vulnerabilities that allowed executing arbitrary JavaScript via the expression parser. Thanks <a href="https://github.com/CykuTW"><code>@CykuTW</code></a> for finding and reporting them.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/josdejong/mathjs/commit/fee4561840043a7473962367bbae6f15bbb3cebb"><code>fee4561</code></a> chore: publish <code>v15.2.0</code></li> <li><a href="https://github.com/josdejong/mathjs/commit/139dcabee5427ec4a225e4902cfdaf9611634fcb"><code>139dcab</code></a> chore: update history</li> <li><a href="https://github.com/josdejong/mathjs/commit/0aee2f61866e35ffa0aef915221cdf6b026ffdd4"><code>0aee2f6</code></a> fix: two security vulnerabilities allowing execution of arbitrary JavaScript ...</li> <li><a href="https://github.com/josdejong/mathjs/commit/f7c10b1bc1324a25d117b668ea9a9c0232e2068e"><code>f7c10b1</code></a> feat: Fraction numerator and denominator helper functions (<a href="https://redirect.github.com/josdejong/mathjs/issues/3605">#3605</a>)</li> <li><a href="https://github.com/josdejong/mathjs/commit/206622021d5b6fb586011eab108dcf4bb5a5bc01"><code>2066220</code></a> feat: Add Ah charge unit (<a href="https://redirect.github.com/josdejong/mathjs/issues/3617">#3617</a>)</li> <li><a href="https://github.com/josdejong/mathjs/commit/685da0f7bf9606cc94628f17baaf8b0dae8606eb"><code>685da0f</code></a> chore: Add andTransformDependencies and orTransformDependencies to index.d.ts...</li> <li><a href="https://github.com/josdejong/mathjs/commit/8fe12e519125dc85f09b1d1b43500c4baa9c4ddc"><code>8fe12e5</code></a> docs: update links to TestMu AI</li> <li>See full diff in <a href="https://github.com/josdejong/mathjs/compare/v15.1.1...v15.2.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SciCatProject/backend/network/alerts). </details>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Motivation
Fixes
Changes:
Tests included
Documentation
official documentation info