Skip to content

chore(deps): bump the npm-non-major group across 2 directories with 30 updates#1643

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-non-major-d8240a1d86
Open

chore(deps): bump the npm-non-major group across 2 directories with 30 updates#1643
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-non-major-d8240a1d86

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 12, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm-non-major group with 26 updates in the / directory:

Package From To
@aws-sdk/credential-providers 3.992.0 3.1081.0
@fontsource/roboto 5.2.9 5.2.10
@primer/octicons-react 19.21.2 19.29.1
axios 1.16.1 1.18.1
express-rate-limit 8.5.1 8.5.2
isomorphic-git 1.36.3 1.38.6
openid-client 6.8.1 6.8.4
parse-diff 0.11.1 0.12.0
uuid 14.0.0 14.0.1
validator 13.15.26 13.15.35
@eslint/compat 2.0.2 2.1.0
@eslint/json 2.0.0 2.0.1
@types/express-session 1.18.2 1.19.0
@types/lodash 4.17.23 4.17.24
cypress 15.9.0 15.18.1
fast-check 4.5.3 4.9.0
globals 17.6.0 17.7.0
lint-staged 17.0.5 17.0.8
prettier 3.8.1 3.9.4
quicktype 23.2.6 23.3.23
tsx 4.21.0 4.23.0
typescript-eslint 8.56.0 8.63.0
@esbuild/darwin-arm64 0.27.2 0.28.1
@esbuild/darwin-x64 0.27.2 0.28.1
@esbuild/linux-x64 0.27.2 0.28.1
@esbuild/win32-x64 0.27.2 0.28.1

Bumps the npm-non-major group with 5 updates in the /website directory:

Package From To
axios 1.15.2 1.18.1
react 19.2.5 19.2.7
react-dom 19.2.5 19.2.7
eslint 10.3.0 10.6.0
@mermaid-js/layout-elk 0.1.9 0.2.2

Updates @aws-sdk/credential-providers from 3.992.0 to 3.1081.0

Release notes

Sourced from @​aws-sdk/credential-providers's releases.

v3.1081.0

3.1081.0(2026-07-07)

Chores
Documentation Changes
  • client-marketplace-metering: The usage reporting window for the BatchMeterUsage API has been extended from 6 hours to 24 hours. Sellers can now submit usage records for up to 24 hours after a metered event occurs. The existing 6-hour grace period at the end of a billing cycle still applies. (4a362c9d)
New Features
  • clients: update client endpoints as of 2026-07-07 (fc9fb990)
  • client-ssm: Adding SSM Cloud Connector to support Azure Virtual Machines onboarding to AWS Systems Manager (6efef57f)
  • client-ec2: This launch surfaces the public SSM parameter associated with public AMIs in the AMI metadata. (9e8f9fa8)
  • client-route53globalresolver: Adds ListSharedDNSViews operation to list all DNS Views shared with caller using AWS Resource Access Manager. Also updates ListHostedZoneAssociations operation so that resource ARN param is optional, allowing caller to list all HostedZoneAssociations in account. (0e11517d)
  • client-partnercentral-revenue-measurement: Add support for AWS Partner Central Revenue Measurement API for creating, managing, and tracking revenue attributions and marketplace revenue share allocations. (9f3e80e6)
  • client-marketplace-catalog: This release enhances the ListEntities API to support ResellerRole filter for ResaleAuthorization entity. (d7b7cb79)
  • client-config-service: Added support for connecting AWS Config to third-party cloud service providers. New APIs include PutConnector, GetConnector, DeleteConnector, and ListConnectors for managing connectors, and PutThirdPartyServiceLinkedConfigurationRecorder for creating third-party service-linked recorders. (df52cb13)
  • client-securityhub: release SecurityHub MultiCloud integration with Azure (6f7d08e0)
  • client-inspector2: This release extends vulnerability management to Azure VM, container registries and function apps. Adds support for per-member-account scan configuration settings. (ae9b7bcf)
  • client-connect: Adds support for CreateAuthCode and DeleteSession APIs. (b84bbf6f)
  • client-lambda: AWS Lambda Durable Functions now supports customer managed KMS keys. This allows customers to configure a KMS key in Durable Config to have all their durable execution data encrypted. (796bc54a)
Bug Fixes
  • tests: use ES format for rollup bundle-size benchmark (#8163) (506e3aee)
  • credential-provider-http: fix token and URI path priority resolution (#8159) (e9e857d3)
  • scripts: publish unreleased X.0.0 baseline versions as-is (#8160) (ee9dc953)
Tests

For list of updated packages, view updated-packages.md in assets-3.1081.0.zip

v3.1080.0

3.1080.0(2026-07-06)

Chores
New Features
  • clients: update client endpoints as of 2026-07-06 (fc19f577)

... (truncated)

Changelog

Sourced from @​aws-sdk/credential-providers's changelog.

3.1081.0 (2026-07-07)

Note: Version bump only for package @​aws-sdk/credential-providers

3.1080.0 (2026-07-06)

Note: Version bump only for package @​aws-sdk/credential-providers

3.1079.0 (2026-07-02)

Note: Version bump only for package @​aws-sdk/credential-providers

3.1078.0 (2026-07-01)

Note: Version bump only for package @​aws-sdk/credential-providers

3.1077.0 (2026-06-30)

Note: Version bump only for package @​aws-sdk/credential-providers

3.1076.0 (2026-06-29)

Note: Version bump only for package @​aws-sdk/credential-providers

3.1075.0 (2026-06-23)

... (truncated)

Commits
  • 02d5abf Publish v3.1081.0
  • be034d9 Publish v3.1080.0
  • 74dc940 Publish v3.1079.0
  • 661087f Publish v3.1078.0
  • c39b676 chore(codegen): sync for thinner command classes, endpoint parameter type fix...
  • 5c490b6 Publish v3.1077.0
  • c4b42a4 chore(codegen): sync for internal checksum impls and IMDSv2 region fallback (...
  • ea8faa0 chore(checksums): add crc32c and sha1 checksums (#8126)
  • dfd62f6 Publish v3.1076.0
  • aa94fa0 chore(codegen): sync for checksum impls, hostLabel validation (#8127)
  • Additional commits viewable in compare view

Updates @fontsource/roboto from 5.2.9 to 5.2.10

Commits

Updates @primer/octicons-react from 19.21.2 to 19.29.1

Release notes

Sourced from @​primer/octicons-react's releases.

v19.29.1

Patch Changes

v19.29.0

Minor Changes

v19.28.1

Patch Changes

v19.28.0

Minor Changes

v19.27.0

Minor Changes

Patch Changes

v19.26.0

Minor Changes

Patch Changes

v19.25.0

Minor Changes

v19.24.1

... (truncated)

Changelog

Sourced from @​primer/octicons-react's changelog.

19.29.1

Patch Changes

19.29.0

Minor Changes

19.28.1

Patch Changes

19.28.0

Minor Changes

19.27.0

Minor Changes

Patch Changes

19.26.0

Minor Changes

Patch Changes

19.25.0

Minor Changes

... (truncated)

Commits

Updates axios from 1.16.1 to 1.18.1

Release notes

Sourced from axios's releases.

v1.18.1 — June 21, 2026

This release focuses on Node HTTP adapter fixes, safer AxiosError serialisation, runtime/type correctness fixes, documentation updates, and dependency maintenance.

🐛 Bug Fixes

  • AxiosError Serialisation: Made AxiosError#cause non-enumerable to prevent circular JSON serialisation failures when errors include nested causes. (#10913)
  • Node HTTP Adapter: Guarded socket.setKeepAlive for proxy agent streams, accepted path-only URLs when socketPath is configured, deferred environment proxy handling to Node, and explicitly passed maxBodyLength through to follow-redirects. (#10917, #10930, #10942, #10993)
  • Runtime and Type Correctness: Fixed several runtime crashes, type definition mismatches, and incorrect error handling paths. (#10959, #11021)
  • AxiosURLSearchParams: Switched the encoder callback to an arrow function so encoder.call(this) receives the AxiosURLSearchParams instance correctly. (#11019)

🔧 Maintenance & Chores

  • Documentation: Documented sensitive headers and status transition behaviour, prepared cleaned-up docs, added Deno install instructions, and clarified that request data is request-specific (#11007, #11010, #11023, #11025)

  • Dependencies: Bumped vite, rollup, form-data, js-yaml, and multer across the root project, docs, smoke tests, and module test workspaces. (#11011, #11012, #11013, #11014, #11015, #11016, #11017, #11026)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

  • Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

  • URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

  • Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

  • Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

  • Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

  • Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

  • Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

  • URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

  • Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

  • Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

  • Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

  • Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

  • Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
  • Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

  • HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

  • Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)

... (truncated)

Commits
  • a209bfb chore(release): prepare release 1.18.1 (#11027)
  • fa6a55e chore(deps-dev): bump multer from 2.1.1 to 2.2.0 (#11026)
  • 40e7be8 docs: clarifies that request data is request-specific in axios (#11025)
  • a446b39 fix(AxiosURLSearchParams): use arrow function so encoder.call(this) receives ...
  • cf1306a docs: add Deno to install instructions (#11023)
  • b32880a fix: incorrect use of error (#11021)
  • 1792eda fix: ensure maxBodyLength is explicitly passed to follow-redirects (#10993)
  • 30499d6 fix: various runtime crashes and type definition mismatches (#10959)
  • 20ce9c4 fix(http): defer env proxy handling to Node (#10942)
  • e64bcf9 chore(deps): merge branch 'v1.x' into tests/module/cjs (#11014)
  • Additional commits viewable in compare view

Updates express-rate-limit from 8.5.1 to 8.5.2

Release notes

Sourced from express-rate-limit's releases.

v8.5.2

You can view the changelog here.

Commits
  • 9774693 8.5.2
  • 0e94cc0 v8.5.2 changelog
  • 9a583c5 feat: simplify IPv6 key generation (#633)
  • 4f4b3fb chore(deps-dev): bump lint-staged from 16.4.0 to 17.0.4 (#632)
  • 3c1d6c5 chore(deps-dev): bump the development-dependencies group with 7 updates (#631)
  • 18884b6 chore(deps): bump basic-ftp from 5.2.0 to 5.3.1 (#630)
  • dacc980 chore(deps): bump handlebars from 4.7.8 to 4.7.9 (#629)
  • 486d0c6 chore(deps): bump follow-redirects from 1.15.11 to 1.16.0 (#627)
  • See full diff in compare view

Updates isomorphic-git from 1.36.3 to 1.38.6

Release notes

Sourced from isomorphic-git's releases.

v1.38.6

1.38.6 (2026-06-30)

Bug Fixes

v1.38.5

1.38.5 (2026-06-16)

Bug Fixes

  • Support windows file paths in utils/join.js (#2302) (1395431)

v1.38.4

1.38.4 (2026-06-02)

Bug Fixes

  • pass credential config username to auth callbacks (#2346) (d9920c5)

v1.38.3

1.38.3 (2026-05-26)

Bug Fixes

  • Improve internal error reporting guidance (#2345) (955acf3)

v1.38.2

1.38.2 (2026-05-25)

Bug Fixes

  • add bot authoring to release commit (#2329) (328b1ba)
  • add Clever Cloud logo to Acknowledgments in README (#2334) (89f441d)

v1.38.1

1.38.1 (2026-05-18)

Bug Fixes

v1.38.0

... (truncated)

Commits

Updates openid-client from 6.8.1 to 6.8.4

Release notes

Sourced from openid-client's releases.

v6.8.4

Fixes

  • apply optional non-repudiation on generic grant ID Tokens (6202888)
  • filter jwe decryption keys by algorithm (34e2ffd)
  • preserve poll abort signals on requests (96a2d17)
  • retry dpop nonce errors for generic grants (498c4d9)

v6.8.3

Documentation

  • note a workaround for redirect_uri with query string or bare origin (e9689de), closes #868

Fixes

  • passport: delete one-time state on callback (1e7dd2e)

v6.8.2

Fixes

  • use duplex: half for fetchProtectedResource with ReadableStream body input (f6f84e2)
Changelog

Sourced from openid-client's changelog.

6.8.4 (2026-04-27)

Fixes

  • apply optional non-repudiation on generic grant ID Tokens (6202888)
  • filter jwe decryption keys by algorithm (34e2ffd)
  • preserve poll abort signals on requests (96a2d17)
  • retry dpop nonce errors for generic grants (498c4d9)

6.8.3 (2026-04-13)

Documentation

  • note a workaround for redirect_uri with query string or bare origin (e9689de), closes #868

Fixes

  • passport: delete one-time state on callback (1e7dd2e)

6.8.2 (2026-02-07)

Fixes

  • use duplex: half for fetchProtectedResource with ReadableStream body input (f6f84e2)
Commits
  • c645695 chore(release): 6.8.4
  • ee60464 chore: update CHANGELOG.md header
  • 96a2d17 fix: preserve poll abort signals on requests
  • 34e2ffd fix: filter jwe decryption keys by algorithm
  • 6202888 fix: apply optional non-repudiation on generic grant ID Tokens
  • 498c4d9 fix: retry dpop nonce errors for generic grants
  • 35042cf chore: cleanup after release
  • 66e4082 chore(release): 6.8.3
  • fa292f2 test: fix typings build issues
  • 0600c91 test: deflake pollBackchannelAuthenticationGrant
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for openid-client since your current version.


Updates parse-diff from 0.11.1 to 0.12.0

Commits

Updates uuid from 14.0.0 to 14.0.1

Release notes

Sourced from uuid's releases.

v14.0.1

14.0.1 (2026-06-20)

Bug Fixes

  • add types condition to node export for moduleResolution bundler (#961) (27ffae5)
Changelog

Sourced from uuid's changelog.

14.0.1 (2026-06-20)

Bug Fixes

  • add types condition to node export for moduleResolution bundler (#961) (27ffae5)
Commits
Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Updates validator from 13.15.26 to 13.15.35

Release notes

Sourced from validator's releases.

13.15.35

Fixes, New Locales and Enhancements

New Contributors

Full Changelog: validatorjs/validator.js@13.15.26...13.15.35

Details Description has been truncated

…0 updates

Bumps the npm-non-major group with 26 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@aws-sdk/credential-providers](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/credential-providers) | `3.992.0` | `3.1081.0` |
| [@fontsource/roboto](https://github.com/fontsource/font-files/tree/HEAD/fonts/google/roboto) | `5.2.9` | `5.2.10` |
| [@primer/octicons-react](https://github.com/primer/octicons) | `19.21.2` | `19.29.1` |
| [axios](https://github.com/axios/axios) | `1.16.1` | `1.18.1` |
| [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit) | `8.5.1` | `8.5.2` |
| [isomorphic-git](https://github.com/isomorphic-git/isomorphic-git) | `1.36.3` | `1.38.6` |
| [openid-client](https://github.com/panva/openid-client) | `6.8.1` | `6.8.4` |
| [parse-diff](https://github.com/sergeyt/parse-diff) | `0.11.1` | `0.12.0` |
| [uuid](https://github.com/uuidjs/uuid) | `14.0.0` | `14.0.1` |
| [validator](https://github.com/validatorjs/validator.js) | `13.15.26` | `13.15.35` |
| [@eslint/compat](https://github.com/eslint/rewrite/tree/HEAD/packages/compat) | `2.0.2` | `2.1.0` |
| [@eslint/json](https://github.com/eslint/json) | `2.0.0` | `2.0.1` |
| [@types/express-session](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/express-session) | `1.18.2` | `1.19.0` |
| [@types/lodash](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/lodash) | `4.17.23` | `4.17.24` |
| [cypress](https://github.com/cypress-io/cypress) | `15.9.0` | `15.18.1` |
| [fast-check](https://github.com/dubzzz/fast-check/tree/HEAD/packages/fast-check) | `4.5.3` | `4.9.0` |
| [globals](https://github.com/sindresorhus/globals) | `17.6.0` | `17.7.0` |
| [lint-staged](https://github.com/lint-staged/lint-staged) | `17.0.5` | `17.0.8` |
| [prettier](https://github.com/prettier/prettier) | `3.8.1` | `3.9.4` |
| [quicktype](https://github.com/glideapps/quicktype) | `23.2.6` | `23.3.23` |
| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.23.0` |
| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.56.0` | `8.63.0` |
| [@esbuild/darwin-arm64](https://github.com/evanw/esbuild) | `0.27.2` | `0.28.1` |
| [@esbuild/darwin-x64](https://github.com/evanw/esbuild) | `0.27.2` | `0.28.1` |
| [@esbuild/linux-x64](https://github.com/evanw/esbuild) | `0.27.2` | `0.28.1` |
| [@esbuild/win32-x64](https://github.com/evanw/esbuild) | `0.27.2` | `0.28.1` |

Bumps the npm-non-major group with 5 updates in the /website directory:

| Package | From | To |
| --- | --- | --- |
| [axios](https://github.com/axios/axios) | `1.15.2` | `1.18.1` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.5` | `19.2.7` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.5` | `19.2.7` |
| [eslint](https://github.com/eslint/eslint) | `10.3.0` | `10.6.0` |
| [@mermaid-js/layout-elk](https://github.com/mermaid-js/mermaid) | `0.1.9` | `0.2.2` |



Updates `@aws-sdk/credential-providers` from 3.992.0 to 3.1081.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/packages/credential-providers/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1081.0/packages/credential-providers)

Updates `@fontsource/roboto` from 5.2.9 to 5.2.10
- [Changelog](https://github.com/fontsource/font-files/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fontsource/font-files/commits/HEAD/fonts/google/roboto)

Updates `@primer/octicons-react` from 19.21.2 to 19.29.1
- [Release notes](https://github.com/primer/octicons/releases)
- [Changelog](https://github.com/primer/octicons/blob/main/CHANGELOG.md)
- [Commits](primer/octicons@v19.21.2...v19.29.1)

Updates `axios` from 1.16.1 to 1.18.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.16.1...v1.18.1)

Updates `express-rate-limit` from 8.5.1 to 8.5.2
- [Release notes](https://github.com/express-rate-limit/express-rate-limit/releases)
- [Commits](express-rate-limit/express-rate-limit@v8.5.1...v8.5.2)

Updates `isomorphic-git` from 1.36.3 to 1.38.6
- [Release notes](https://github.com/isomorphic-git/isomorphic-git/releases)
- [Commits](isomorphic-git/isomorphic-git@v1.36.3...v1.38.6)

Updates `openid-client` from 6.8.1 to 6.8.4
- [Release notes](https://github.com/panva/openid-client/releases)
- [Changelog](https://github.com/panva/openid-client/blob/main/CHANGELOG.md)
- [Commits](panva/openid-client@v6.8.1...v6.8.4)

Updates `parse-diff` from 0.11.1 to 0.12.0
- [Commits](sergeyt/parse-diff@0.11.1...0.12.0)

Updates `uuid` from 14.0.0 to 14.0.1
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v14.0.0...v14.0.1)

Updates `validator` from 13.15.26 to 13.15.35
- [Release notes](https://github.com/validatorjs/validator.js/releases)
- [Changelog](https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md)
- [Commits](validatorjs/validator.js@13.15.26...13.15.35)

Updates `@eslint/compat` from 2.0.2 to 2.1.0
- [Release notes](https://github.com/eslint/rewrite/releases)
- [Changelog](https://github.com/eslint/rewrite/blob/main/packages/compat/CHANGELOG.md)
- [Commits](https://github.com/eslint/rewrite/commits/compat-v2.1.0/packages/compat)

Updates `@eslint/json` from 2.0.0 to 2.0.1
- [Release notes](https://github.com/eslint/json/releases)
- [Changelog](https://github.com/eslint/json/blob/main/CHANGELOG.md)
- [Commits](eslint/json@json-v2.0.0...json-v2.0.1)

Updates `@types/express-session` from 1.18.2 to 1.19.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/express-session)

Updates `@types/lodash` from 4.17.23 to 4.17.24
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/lodash)

Updates `cypress` from 15.9.0 to 15.18.1
- [Release notes](https://github.com/cypress-io/cypress/releases)
- [Changelog](https://github.com/cypress-io/cypress/blob/develop/CHANGELOG.md)
- [Commits](cypress-io/cypress@v15.9.0...v15.18.1)

Updates `fast-check` from 4.5.3 to 4.9.0
- [Release notes](https://github.com/dubzzz/fast-check/releases)
- [Changelog](https://github.com/dubzzz/fast-check/blob/main/packages/fast-check/CHANGELOG.md)
- [Commits](https://github.com/dubzzz/fast-check/commits/v4.9.0/packages/fast-check)

Updates `globals` from 17.6.0 to 17.7.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](sindresorhus/globals@v17.6.0...v17.7.0)

Updates `lint-staged` from 17.0.5 to 17.0.8
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v17.0.5...v17.0.8)

Updates `prettier` from 3.8.1 to 3.9.4
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.8.1...3.9.4)

Updates `quicktype` from 23.2.6 to 23.3.23
- [Release notes](https://github.com/glideapps/quicktype/releases)
- [Commits](https://github.com/glideapps/quicktype/commits)

Updates `tsx` from 4.21.0 to 4.23.0
- [Release notes](https://github.com/privatenumber/tsx/releases)
- [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
- [Commits](privatenumber/tsx@v4.21.0...v4.23.0)

Updates `typescript-eslint` from 8.56.0 to 8.63.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.63.0/packages/typescript-eslint)

Updates `@esbuild/darwin-arm64` from 0.27.2 to 0.28.1
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2025.md)
- [Commits](evanw/esbuild@v0.27.2...v0.28.1)

Updates `@esbuild/darwin-x64` from 0.27.2 to 0.28.1
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2025.md)
- [Commits](evanw/esbuild@v0.27.2...v0.28.1)

Updates `@esbuild/linux-x64` from 0.27.2 to 0.28.1
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2025.md)
- [Commits](evanw/esbuild@v0.27.2...v0.28.1)

Updates `@esbuild/win32-x64` from 0.27.2 to 0.28.1
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2025.md)
- [Commits](evanw/esbuild@v0.27.2...v0.28.1)

Updates `axios` from 1.16.1 to 1.18.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.16.1...v1.18.1)

Updates `axios` from 1.15.2 to 1.18.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.16.1...v1.18.1)

Updates `react` from 19.2.5 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react)

Updates `react-dom` from 19.2.5 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom)

Updates `eslint` from 10.3.0 to 10.6.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v10.3.0...v10.6.0)

Updates `@mermaid-js/layout-elk` from 0.1.9 to 0.2.2
- [Release notes](https://github.com/mermaid-js/mermaid/releases)
- [Commits](https://github.com/mermaid-js/mermaid/compare/@mermaid-js/layout-elk@0.1.9...@mermaid-js/layout-elk@0.2.2)

Updates `axios` from 1.15.2 to 1.18.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.16.1...v1.18.1)

Updates `eslint` from 10.3.0 to 10.6.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v10.3.0...v10.6.0)

Updates `react` from 19.2.5 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react)

Updates `react-dom` from 19.2.5 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom)

---
updated-dependencies:
- dependency-name: "@aws-sdk/credential-providers"
  dependency-version: 3.1081.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: "@fontsource/roboto"
  dependency-version: 5.2.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-non-major
- dependency-name: "@primer/octicons-react"
  dependency-version: 19.29.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: axios
  dependency-version: 1.18.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: express-rate-limit
  dependency-version: 8.5.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-non-major
- dependency-name: isomorphic-git
  dependency-version: 1.38.6
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: openid-client
  dependency-version: 6.8.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-non-major
- dependency-name: parse-diff
  dependency-version: 0.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: uuid
  dependency-version: 14.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-non-major
- dependency-name: validator
  dependency-version: 13.15.35
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-non-major
- dependency-name: "@eslint/compat"
  dependency-version: 2.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: "@eslint/json"
  dependency-version: 2.0.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-non-major
- dependency-name: "@types/express-session"
  dependency-version: 1.19.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: "@types/lodash"
  dependency-version: 4.17.24
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-non-major
- dependency-name: cypress
  dependency-version: 15.18.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: fast-check
  dependency-version: 4.9.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: globals
  dependency-version: 17.7.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: lint-staged
  dependency-version: 17.0.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-non-major
- dependency-name: prettier
  dependency-version: 3.9.4
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: quicktype
  dependency-version: 23.3.23
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: tsx
  dependency-version: 4.23.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: typescript-eslint
  dependency-version: 8.63.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: "@esbuild/darwin-arm64"
  dependency-version: 0.28.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: "@esbuild/darwin-x64"
  dependency-version: 0.28.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: "@esbuild/linux-x64"
  dependency-version: 0.28.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: "@esbuild/win32-x64"
  dependency-version: 0.28.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: axios
  dependency-version: 1.18.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: axios
  dependency-version: 1.18.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: react
  dependency-version: 19.2.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-non-major
- dependency-name: react-dom
  dependency-version: 19.2.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-non-major
- dependency-name: eslint
  dependency-version: 10.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: "@mermaid-js/layout-elk"
  dependency-version: 0.2.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: axios
  dependency-version: 1.18.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: eslint
  dependency-version: 10.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-non-major
- dependency-name: react
  dependency-version: 19.2.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-non-major
- dependency-name: react-dom
  dependency-version: 19.2.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-non-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added automated dependencies Pull requests that update a dependency file labels Jul 12, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 12, 2026 09:39
@dependabot dependabot Bot added the automated label Jul 12, 2026
@netlify

netlify Bot commented Jul 12, 2026

Copy link
Copy Markdown

Deploy Preview for endearing-brigadeiros-63f9d0 ready!

Name Link
🔨 Latest commit ee6f706
🔍 Latest deploy log https://app.netlify.com/projects/endearing-brigadeiros-63f9d0/deploys/6a5360d83f944100089fa032
😎 Deploy Preview https://deploy-preview-1643.git-proxy.preview.finos.org
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@github-actions

Copy link
Copy Markdown

Dependency Review

The following issues were found:

  • ✅ 0 vulnerable package(s)
  • ❌ 1 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ✅ 0 package(s) with unknown licenses.
  • ⚠️ 2 packages with OpenSSF Scorecard issues.

View full job summary

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

automated dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants