
Bump the npm_and_yarn group across 1 directory with 15 updates #1

Open
dependabot[bot] wants to merge 1 commit into master from dependabot/npm_and_yarn/npm_and_yarn-d83b932d38

dependabot[bot] commented on behalf of github May 14, 2026

Bumps the npm_and_yarn group with 11 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| @octokit/plugin-paginate-rest | 6.0.0 | 9.2.2 |
| axios | 0.25.0 | 0.31.1 |
| csvtojson | 2.0.10 | 2.0.13 |
| lodash | 4.17.21 | 4.18.1 |
| sharp | 0.31.1 | 0.32.6 |
| @babel/runtime | 7.20.7 | 7.29.2 |
| @octokit/request-error | 3.0.3 | 7.1.0 |
| brace-expansion | 1.1.11 | 1.1.14 |
| cross-spawn | 5.1.0 | 7.0.6 |
| minimatch | 3.0.5 | 3.1.5 |
| tar-fs | 2.1.1 | 2.1.4 |

Updates @octokit/plugin-paginate-rest from 6.0.0 to 9.2.2

Release notes

Sourced from @​octokit/plugin-paginate-rest's releases.

v9.2.2

9.2.2 (2025-02-15)

Bug Fixes

v9.2.1

9.2.1 (2024-03-01)

Bug Fixes

  • pkg: pin @octokit/core peerDependency to v5 (#599) (5b84386)

v9.2.0

9.2.0 (2024-02-22)

Features

  • new /orgs/{org}/organization-roles/{role_id}/teams and /orgs/{org}/organization-roles/{role_id}/users endpoints (#594) (75aeaaf)

v9.1.5

9.1.5 (2023-12-04)

Bug Fixes

v9.1.4

9.1.4 (2023-11-12)

Bug Fixes

v9.1.3

9.1.3 (2023-11-09)

Bug Fixes

v9.1.2

9.1.2 (2023-10-26)

... (truncated)

Commits
  • e1e4489 fix: ReDos regex vulnerability, reported by @​DayShift (#660)
  • 5b84386 fix(pkg): pin @octokit/core peerDependency to v5 (#599)
  • fa01f94 ci(action): update actions/add-to-project action to v0.6.0 (#598)
  • 75aeaaf feat: new /orgs/{org}/organization-roles/{role_id}/teams and `/orgs/{org}/o...
  • 54d6bcf chore(deps): update dependency prettier to v3.2.5
  • 1bfa2f8 chore(deps): update dependency npm-run-all2 to v6
  • eb4a8fe chore(deps): replace dependency npm-run-all with npm-run-all2 ^5.0.0
  • 11ef779 chore(deps): update dependency esbuild to ^0.20.0
  • 2b6cc98 ci(action): update peter-evans/create-or-update-comment action to v4
  • d7c9de5 chore(deps): update dependency prettier to v3.2.4 (#588)
  • Additional commits viewable in compare view

Updates axios from 0.25.0 to 0.31.1

Release notes

Sourced from axios's releases.

v0.31.1

This release backports a broad set of security hardenings from the v1 line — covering prototype-pollution defences, stream size enforcement, XSRF handling, URL null-byte encoding, and bounded FormData recursion — and drops committed dist/ artefacts along with Bower support.

⚠️ Breaking Changes & Deprecations

  • Bower & Committed dist/ Removed: dist/ bundles are no longer committed to the repo, and bower.json plus the Grunt package2bower task have been removed. CI still builds bundles before publish, so npm/yarn/pnpm consumers are unaffected; installs via Bower or directly from the git tree must migrate to npm or a CDN. (#10747)

🔒 Security Fixes

  • Prototype Pollution in Header Merge (GHSA-6chq-wfr3-2hj9): Tightened isFormData to reject plain/null-prototype objects and require append, and guarded the Node HTTP adapter so data.getHeaders() is only merged when it is not inherited from Object.prototype. Blocks injected headers via polluted getHeaders. (#10750)
  • Prototype Pollution in Config Merging (GHSA-pf86-5x62-jrwf): mergeConfig, defaults resolution, and the HTTP adapter now use own-property checks for transport, env, Blob, formSerializer, and transforms arrays, and merged configs are returned as null-prototype objects. Prevents hijacking of the request flow through polluted prototypes. (#10752)
  • FormData / Params Recursion DoS: Added a configurable maxDepth (default 100, Infinity disables) to toFormData and params serialisation, throwing AxiosError with code ERR_FORM_DATA_DEPTH_EXCEEDED when exceeded. Circular-reference detection is preserved. (#10728)
  • Null-Byte Injection in Query Strings: Removed the unsafe %00 → null-byte substitution from AxiosURLSearchParams.encode so %00 is preserved as-is. Other encoding behaviour (including %20+) unchanged. (#10737)
  • Consolidated v1 Security Backport: Rolls up remaining v1 hardenings into v0.x: maxContentLength enforcement for responseType: 'stream' via a guarded transform with deferred piping, maxBodyLength enforcement for streamed uploads on native http/https with maxRedirects: 0, and stricter withXSRFToken handling so only own boolean true enables cross-origin XSRF headers. (#10764)

🔧 Maintenance & Chores

  • CODEOWNERS: Added .github/CODEOWNERS with * @jasonsaayman to set a default reviewer for all paths. (#10740)

Full Changelog

v0.31.0

This release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and zizmor scanning, resolves TypeScript typing issues in AxiosInstance, and fixes a performance regression in isEmptyObject().

🔒 Security Fixes

  • Header Injection & Proxy Bypass: Backports v1 security hardening — sanitizes outgoing header values to strip invalid bytes, CRLF sequences, and boundary whitespace (including array values); adds proper NO_PROXY/no_proxy enforcement covering wildcards, explicit ports, loopback aliases (localhost, 127.0.0.1, ::1), bracketed IPv6, and trailing-dot hostnames. Proxy bypass is now checked before the proxy URL is parsed, and parsed.host is used for correct port and IPv6 handling. (#10688)

  • CI Security: SHA-pins all actions and disables credential persistence in v0.x CI, introduces zizmor security scanning with SARIF upload to code scanning, adds an OIDC Trusted Publishing workflow with npm provenance attestations, and gates all publishes behind a required npm-publish GitHub Environment with configurable reviewer protections. (#10638, #10639, #10667)

🐛 Bug Fixes

  • TypeScript — AxiosInstance Return Types: Fixes return types in AxiosInstance methods to correctly resolve to Promise<R> (matching AxiosPromise<T> semantics), and corrects the generic call signature so TypeScript properly enforces the response data type. TypeScript-only changes; no runtime impact. (#6253, #7328)

  • Performance: Fixes a performance regression in isEmptyObject() that caused excessive computation when the argument was a large string. (#6484)

🔧 Maintenance & Chores

  • Versioning & CI Workflow: Adds an automated versioning flow for v0.x, renames the CI workflow for consistency with the v1.x naming convention, and corrects the branch name reference in CI config. (#10690, #10691, #10692)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for axios since your current version.


Updates csvtojson from 2.0.10 to 2.0.13

Release notes

Sourced from csvtojson's releases.

v2.0.11

Release Note - Version 2.0.11

  • Optimized the package's internal dependencies and removed unnecessary code, resulting in a significant reduction in bundle size. Keyang/node-csvtojson@75a154d

  • Updated critical dependencies to their latest versions, addressing known security vulnerabilities.

  • Removed deprecated code and refactored outdated modules, enhancing code quality and maintainability. Keyang/node-csvtojson@99616e4

Commits

Updates form-data from 4.0.0 to 4.0.5

Release notes

Sourced from form-data's releases.

v4.0.4

v4.0.4 - 2025-07-16

Commits

  • [meta] add auto-changelog 811f682
  • [Tests] handle predict-v8-randomness failures in node < 17 and node > 23 1d11a76
  • [Fix] Switch to using crypto random for boundary values 3d17230
  • [Tests] fix linting errors 5e34080
  • [meta] actually ensure the readme backup isn’t published 316c82b
  • [Dev Deps] update @ljharb/eslint-config 58c25d7
  • [meta] fix readme capitalization 2300ca1

v4.0.3

v4.0.3 - 2025-06-05

Fixed

Commits

  • [eslint] use a shared config 426ba9a
  • [eslint] fix some spacing issues 2094191
  • [Refactor] use hasown 81ab41b
  • [Fix] validate boundary type in setBoundary() method 8d8e469
  • [Tests] add tests to check the behavior of getBoundary with non-strings 837b8a1
  • [Dev Deps] remove unused deps 870e4e6
  • [meta] remove local commit hooks e6e83cc
  • [Dev Deps] update eslint 4066fd6
  • [meta] fix scripts to use prepublishOnly c4bbb13

v4.0.2

v4.0.2 - 2025-02-14

Merged

Fixed

Commits

... (truncated)

Changelog

Sourced from form-data's changelog.

v4.0.5 - 2025-11-17

Commits

  • [Tests] Switch to newer v8 prediction library; enable node 24 testing 16e0076
  • [Dev Deps] update @ljharb/eslint-config, eslint 5822467
  • [Fix] set Symbol.toStringTag in the proper place 76d0dee

v4.0.4 - 2025-07-16

Commits

  • [meta] add auto-changelog 811f682
  • [Tests] handle predict-v8-randomness failures in node < 17 and node > 23 1d11a76
  • [Fix] Switch to using crypto random for boundary values 3d17230
  • [Tests] fix linting errors 5e34080
  • [meta] actually ensure the readme backup isn’t published 316c82b
  • [Dev Deps] update @ljharb/eslint-config 58c25d7
  • [meta] fix readme capitalization 2300ca1

v4.0.3 - 2025-06-05

Fixed

Commits

  • [eslint] use a shared config 426ba9a
  • [eslint] fix some spacing issues 2094191
  • [Refactor] use hasown 81ab41b
  • [Fix] validate boundary type in setBoundary() method 8d8e469
  • [Tests] add tests to check the behavior of getBoundary with non-strings 837b8a1
  • [Dev Deps] remove unused deps 870e4e6
  • [meta] remove local commit hooks e6e83cc
  • [Dev Deps] update eslint 4066fd6
  • [meta] fix scripts to use prepublishOnly c4bbb13

v4.0.2 - 2025-02-14

Merged

Fixed

... (truncated)

Commits
  • 68ff7dd v4.0.5
  • 5822467 [Dev Deps] update @ljharb/eslint-config, eslint
  • 76d0dee [Fix] set Symbol.toStringTag in the proper place
  • 16e0076 [Tests] Switch to newer v8 prediction library; enable node 24 testing
  • 41996f5 v4.0.4
  • 316c82b [meta] actually ensure the readme backup isn’t published
  • 2300ca1 [meta] fix readme capitalization
  • 811f682 [meta] add auto-changelog
  • 5e34080 [Tests] fix linting errors
  • 1d11a76 [Tests] handle predict-v8-randomness failures in node < 17 and node > 23
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for form-data since your current version.

Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.


Updates lodash from 4.17.21 to 4.18.1

Release notes

Sourced from lodash's releases.

4.18.1

Bugs

Fixes a ReferenceError issue in lodash, lodash-es, lodash-amd and lodash.template when using the template and fromPairs functions from the modular builds. See lodash/lodash#6167

These defects were related to how lodash distributions are built from the main branch using https://github.com/lodash-archive/lodash-cli. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.

There is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:

4.18.0

v4.18.0

Full Changelog: lodash/lodash@4.17.23...4.18.0

Security

_.unset / _.omit: Fixed prototype pollution via constructor/prototype path traversal (GHSA-f23m-r3pf-42rh, fe8d32e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now constructor and prototype are blocked unconditionally as non-terminal path keys, matching baseSet. Calls that previously returned true and deleted the property now return false and leave the target untouched.

_.template: Fixed code injection via imports keys (GHSA-r5fr-rjxr-66jc, CVE-2026-4800, 879aaa9). Fixes an incomplete patch for CVE-2021-23337. The variable option was validated against reForbiddenIdentifierChars but importsKeys was left unguarded, allowing code injection via the same Function() constructor sink. imports keys containing forbidden identifier characters now throw "Invalid imports option passed into _.template".

Docs

  • Add security notice for _.template in threat model and API docs (#6099)
  • Document lower > upper behavior in _.random (#6115)
  • Fix quotes in _.compact jsdoc (#6090)

lodash.* modular packages

Diff

We have also regenerated and published a select number of the lodash.* modular packages.

These modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:

Commits
  • cb0b9b9 release(patch): bump main to 4.18.1 (#6177)
  • 75535f5 chore: prune stale advisory refs (#6170)
  • 62e91bc docs: remove n_ Node.js < 6 REPL note from README (#6165)
  • 59be2de release(minor): bump to 4.18.0 (#6161)
  • af63457 fix: broken tests for _.template 879aaa9
  • 1073a76 fix: linting issues
  • 879aaa9 fix: validate imports keys in _.template
  • fe8d32e fix: block prototype pollution in baseUnset via constructor/prototype traversal
  • 18ba0a3 refactor(fromPairs): use baseAssignValue for consistent assignment (#6153)
  • b819080 ci: add dist sync validation workflow (#6137)
  • Additional commits viewable in compare view

Updates sharp from 0.31.1 to 0.32.6

Changelog

Sourced from sharp's changelog.

v0.32.6 - 18th September 2023

  • Upgrade to libvips v8.14.5 for upstream bug fixes.

  • Ensure composite tile images are fully decoded (regression in 0.32.0). #3767

  • Ensure withMetadata can add ICC profiles to RGB16 output. #3773

  • Ensure withMetadata does not reduce 16-bit images to 8-bit (regression in 0.32.5). #3773

  • TypeScript: Add definitions for block and unblock. #3799 @​ldrick

v0.32.5 - 15th August 2023

  • Upgrade to libvips v8.14.4 for upstream bug fixes.

  • TypeScript: Add missing WebpPresetEnum to definitions. #3748 @​pilotso11

  • Ensure compilation using musl v1.2.4. #3755 @​kleisauke

  • Ensure resize with a fit of inside respects 90/270 degree rotation. #3756

  • TypeScript: Ensure minSize property of WebpOptions is boolean. #3758 @​sho-xizz

  • Ensure withMetadata adds default sRGB profile. #3761

v0.32.4 - 21st July 2023

  • Upgrade to libvips v8.14.3 for upstream bug fixes.

  • Expose ability to (un)block low-level libvips operations by name.

  • Prebuilt binaries: restore support for tile-based output. #3581

v0.32.3 - 14th July 2023

... (truncated)

Commits

Updates @babel/runtime from 7.20.7 to 7.29.2

Release notes

Sourced from @​babel/runtime's releases.

v7.29.2 (2026-03-16)

👓 Spec Compliance

  • babel-parser

🐛 Bug Fix

  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-preset-env, babel-runtime-corejs3
  • babel-preset-env
    • #17789 [7.x backport] preset-env include/exclude should accept bugfix plugins (@​JLHwung)

🏠 Internal

Committers: 2

v7.29.1 (2026-02-04)

🐛 Bug Fix

Committers: 2

v7.29.0 (2026-01-31)

Thanks @​simbahax for your first PR!

🚀 New Feature

  • babel-types
  • babel-standalone

🐛 Bug Fix

  • babel-parser
  • babel-traverse
    • #17708 fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (@​simbahax)
  • babel-plugin-transform-block-scoping, babel-traverse
    • #17737 [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (@​magic-akari)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​babel/runtime since your current version.


Updates @octokit/request-error from 3.0.3 to 7.1.0

Release notes

Sourced from @​octokit/request-error's releases.

v7.1.0

7.1.0 (2025-11-13)

Features

  • inherit options from base Error class to add support for the cause property (#535/#536) (2ea2780)

v7.0.2

7.0.2 (2025-10-30)

Bug Fixes

  • deps: update dependency @​octokit/types to v16 (#533) (e5a75ef)

v7.0.1

7.0.1 (2025-09-29)

Bug Fixes

  • deps: update dependency @​octokit/types to v15 (#522) (4a453f2)

v7.0.0

7.0.0 (2025-05-20)

Continuous Integration

BREAKING CHANGES

  • Drop support for NodeJS v18

  • build: set minimal node version in build script to v20

  • ci: stop testing against NodeJS v18

v6.1.8

6.1.8 (2025-04-10)

Bug Fixes

  • deps: update dependency @​octokit/types to v14 (#505) (ab4ea7b)

v6.1.7

... (truncated)

Commits
  • 2ea2780 feat: inherit options from base Error class to add support for the cause ...
  • ac7b309 chore(deps): update vitest monorepo to v4 (major) (#531)
  • dadc76d ci(action): update peter-evans/create-or-update-comment action to v5 (#525)
  • f57f2e6 build(deps): lock file maintenance (#534)
  • e5a75ef fix(deps): update dependency @​octokit/types to v16 (#533)
  • e5d5de2 chore(deps): update dependency @​types/node to v24 (#532)
  • 8cc127b ci(action): update actions/setup-node action to v6 (#529)
  • b3a876b build(deps): lock file maintenance (#527)
  • cf1817b ci(action): update github/codeql-action action to v4 (#528)
  • 61f1e87 chore(deps): update dependency tinybench to v5 (#519)
  • Additional commits viewable in compare view

Updates @octokit/request from 6.2.3 to 10.0.9

Release notes

Sourced from @​octokit/request's releases.

v10.0.9

10.0.9 (2026-05-12)

Bug Fixes

  • deps: switch to using the "content-type" package for content type parsing (#807) (a9f64a0)

v10.0.8

10.0.8 (2026-02-20)

Bug Fixes

  • use json-with-bigint instead of built-in JSON methods in order to properly support int64's (#798) (f13f5d9)

v10.0.7

10.0.7 (2025-11-13)

Bug Fixes

  • readme: properly structure the options for custom agent (#786) (f17c1c1), closes #785

v10.0.6

10.0.6 (2025-10-30)

Bug Fixes

  • deps: update dependency @​octokit/types to v16 (#783) (1aeac56)

v10.0.5

10.0.5 (2025-09-29)

Bug Fixes

v10.0.4

10.0.4 (2025-09-29)

Bug Fixes

  • deps: update dependency @​octokit/types to v15 (#775) (ad78b4c)

v10.0.3

10.0.3 (2025-06-20)

... (truncated)

Commits
  • a9f64a0 fix(deps): switch to using the "content-type" package for content type parsin...
  • 4abc280 chore(deps): update dependency undici to v7.24.0 [security] (#800)
  • f13f5d9 fix: use json-with-bigint instead of built-in JSON methods in order to prop...
  • 9ba6ae0 Document that unsuccessful HTTP status code result in an exception (#795)
  • 7160b82 chore(deps): replace glob with tinyglobby (#791)
  • ab8018b ci(action): update peter-evans/create-or-update-comment action to v5 (#776)
  • fb916e4 build(deps): bump vite from 6.3.4 to 6.4.1 (#780)
  • e1eb769 chore(deps): update dependency esbuild to ^0.27.0 (#784)
  • f17c1c1 fix(readme): properly structure the options for custom agent (#786)
  • ea46fa9 ci(action): update github/codeql-action action to v4 (#778)
  • Additional commits viewable in compare view
  • Description has been truncated

Bumps the npm_and_yarn group with 11 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) | `6.0.0` | `9.2.2` |
| [axios](https://github.com/axios/axios) | `0.25.0` | `0.31.1` |
| [csvtojson](https://github.com/Keyang/node-csvtojson) | `2.0.10` | `2.0.13` |
| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |
| [sharp](https://github.com/lovell/sharp) | `0.31.1` | `0.32.6` |
| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.20.7` | `7.29.2` |
| [@octokit/request-error](https://github.com/octokit/request-error.js) | `3.0.3` | `7.1.0` |
| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.14` |
| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `5.1.0` | `7.0.6` |
| [minimatch](https://github.com/isaacs/minimatch) | `3.0.5` | `3.1.5` |
| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.1` | `2.1.4` |



Updates `@octokit/plugin-paginate-rest` from 6.0.0 to 9.2.2
- [Release notes](https://github.com/octokit/plugin-paginate-rest.js/releases)
- [Commits](octokit/plugin-paginate-rest.js@v6.0.0...v9.2.2)

Updates `axios` from 0.25.0 to 0.31.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v0.25.0...v0.31.1)

Updates `csvtojson` from 2.0.10 to 2.0.13
- [Release notes](https://github.com/Keyang/node-csvtojson/releases)
- [Commits](Keyang/node-csvtojson@v2.0.10...v2.0.13)

Updates `form-data` from 4.0.0 to 4.0.5
- [Release notes](https://github.com/form-data/form-data/releases)
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](form-data/form-data@v4.0.0...v4.0.5)

Updates `lodash` from 4.17.21 to 4.18.1
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.21...4.18.1)

Updates `sharp` from 0.31.1 to 0.32.6
- [Release notes](https://github.com/lovell/sharp/releases)
- [Changelog](https://github.com/lovell/sharp/blob/v0.32.6/docs/changelog.md)
- [Commits](lovell/sharp@v0.31.1...v0.32.6)

Updates `@babel/runtime` from 7.20.7 to 7.29.2
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.29.2/packages/babel-runtime)

Updates `@octokit/request-error` from 3.0.3 to 7.1.0
- [Release notes](https://github.com/octokit/request-error.js/releases)
- [Commits](octokit/request-error.js@v3.0.3...v7.1.0)

Updates `@octokit/request` from 6.2.3 to 10.0.9
- [Release notes](https://github.com/octokit/request.js/releases)
- [Commits](octokit/request.js@v6.2.3...v10.0.9)

Updates `brace-expansion` from 1.1.11 to 1.1.14
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@1.1.11...v1.1.14)

Updates `cross-spawn` from 5.1.0 to 7.0.6
- [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md)
- [Commits](moxystudio/node-cross-spawn@5.1.0...v7.0.6)

Updates `follow-redirects` from 1.14.8 to 1.16.0
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.14.8...v1.16.0)

Updates `minimatch` from 3.0.5 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.0.5...v3.1.5)

Updates `semver` from 7.3.8 to 7.8.0
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.3.8...v7.8.0)

Updates `tar-fs` from 2.1.1 to 2.1.4
- [Commits](mafintosh/tar-fs@v2.1.1...v2.1.4)

---
updated-dependencies:
- dependency-name: "@octokit/plugin-paginate-rest"
  dependency-version: 9.2.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 0.31.1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: csvtojson
  dependency-version: 2.0.13
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: form-data
  dependency-version: 4.0.5
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: lodash
  dependency-version: 4.18.1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: sharp
  dependency-version: 0.32.6
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@babel/runtime"
  dependency-version: 7.29.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@octokit/request-error"
  dependency-version: 7.1.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@octokit/request"
  dependency-version: 10.0.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: brace-expansion
  dependency-version: 1.1.14
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cross-spawn
  dependency-version: 7.0.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-version: 1.16.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: semver
  dependency-version: 7.8.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: tar-fs
  dependency-version: 2.1.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] added the dependencies and javascript labels May 14, 2026