Bump the all group across 1 directory with 5 updates

[dependabot]

Bumps the all group with 5 updates in the /backend directory:

Package	From	To
@aws-sdk/client-sns	3.956.0	3.980.0
@isaacs/ttlcache	2.1.3	2.1.4
mongoose	9.0.2	9.1.5
zod	3.25.76	4.3.6
@types/node	25.0.3	25.2.0

Updates @aws-sdk/client-sns from 3.956.0 to 3.980.0

Release notes

Sourced from @​aws-sdk/client-sns's releases.

v3.980.0

3.980.0(2026-01-30)

Chores

• use yarn workspace versioning for monorepo packages (#7693) (b951130e)

New Features

• clients: update client endpoints as of 2026-01-30 (11699137)
• client-quicksight: Improve SessionTag usage guidelines in the GenerateEmbedURLForAnonymousUser API documentation. Update the GetIdentityContext document with the region support context. (cf53c93f)
• client-connect: This release adds Estimated Wait Time support to the GetContactMetrics API for Amazon Connect. (e7dbc0a5)

---

For list of updated packages, view updated-packages.md in assets-3.980.0.zip

v3.979.0

3.979.0(2026-01-29)

New Features

• client-gamelift: Amazon GameLift Servers now supports automatic scaling to and from zero instances based on game session activity. Fleets scale down to zero following a defined period of no game session activity and scale up from zero when game sessions are requested, providing an option for cost optimization. (6b625f59)
• client-ec2: G7e instances feature up to 8 NVIDIA RTX PRO 6000 Blackwell Server Edition GPUs with 768 GB of memory and 5th generation Intel Xeon Scalable processors. Supporting up to 192 vCPUs, 1600 Gbps networking bandwidth with EFA, up to 2 TiB of system memory, and up to 15.2 TB of local NVMe SSD storage. (5678db81)

Bug Fixes

• credential-provider-node: open credential provider lock after failed chain (#7692) (2320c7c0)

---

For list of updated packages, view updated-packages.md in assets-3.979.0.zip

v3.978.0

3.978.0(2026-01-28)

Chores

• codegen:
  • smithy-typescript-aws-codegen release 0.43.0 (#7688) (f597b045)
  • update for aggregated paginators and waiters (#7685) (024c0731)

New Features

• client-s3-control: Adds support for the UpdateObjectEncryption API to change the server-side encryption type of objects in general purpose buckets. (8248439e)
• client-mediaconvert: This release adds a follow source mode for audio output channel count, an AES audio frame wrapping option for MXF outputs, and an option to signal DolbyVision compatibility using the SUPPLEMENTAL-CODECS tag in HLS manifests. (9ee45457)
• client-cognito-identity-provider: This release adds support for a new lambda trigger to transform federated user attributes during the authentication with external identity providers on Cognito Managed Login. (a291daef)
• client-connect: Adds support for filtering search results based on tags assigned to contacts. (c3e7a41b)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-sns's changelog.

3.980.0 (2026-01-30)

Note: Version bump only for package @​aws-sdk/client-sns

3.978.0 (2026-01-28)

Note: Version bump only for package @​aws-sdk/client-sns

3.975.0 (2026-01-23)

Note: Version bump only for package @​aws-sdk/client-sns

3.974.0 (2026-01-22)

Note: Version bump only for package @​aws-sdk/client-sns

3.972.0 (2026-01-20)

Note: Version bump only for package @​aws-sdk/client-sns

3.971.0 (2026-01-16)

Note: Version bump only for package @​aws-sdk/client-sns

3.970.0 (2026-01-15)

... (truncated)

Commits

• 0306270 Publish v3.980.0
• b951130 chore: use yarn workspace versioning for monorepo packages (#7693)
• a1794f7 Publish v3.978.0
• 024c073 chore(codegen): update for aggregated paginators and waiters (#7685)
• 557a738 Publish v3.975.0
• 784b9f3 chore(codegen): upgrade smithy to 1.66.0 (#7678)
• 2f2a874 Publish v3.974.0
• 8536efc chore(codegen): sync for http label validation (#7671)
• c47a847 Publish v3.972.0
• e0b484f chore: replace rimraf with premove (#7669)
• Additional commits viewable in compare view

Updates @isaacs/ttlcache from 2.1.3 to 2.1.4

Commits

• 1476f92 2.1.4
• e101894 stack timers for long TTLs
• fe12fe3 move configs out of package.json to config files
• See full diff in compare view

Updates mongoose from 9.0.2 to 9.1.5

Release notes

Sourced from mongoose's releases.

9.1.5 / 2026-01-20

• fix(map): validate map subdocument when loaded with init #15960 #15957 AbdelrahmanHafez
• fix(discriminator): prevent indexes and callQueue duplication with shared nested schemas #15974 #15966 AbdelrahmanHafez
• fix(subdocuments): do not pass parent path on init #15970 #15969 #15682 AbdelrahmanHafez
• types(inferrawdoctype): correct handling for subdocs and doc arrays #15967 #13772
• docs: improve grammar and clarity in TypeScript schema comments #15971 harshsinghpujari

9.1.4 / 2026-01-15

• fix: attach sessions to docs retrieved by cursor #15953 #15949 mjfwalsh
• fix(model): make hydrate() handle nested schema arrays #15964 #15956
• fix(clone): fix parent doc for map subdocuments and array subdocuments #15958 #15954 AbdelrahmanHafez
• fix: prevent crash when accessing nested paths on prototype #15962 #15961 som14062005

9.1.3 / 2026-01-09

• fix(model): support timestamps option to insertMany() as both boolean and QueryTimestampsConfig #15941 #15938
• fix(query): include preview of current and incoming update in error when merging normal update with pipeline #15939 #15928
• types(model): apply basic type casting to paths underneath subdocuments #15948 #15947
• types(utility): make WithLevel1NestedPaths correctly handle PopulatedDoc and other TypeScript unions with Document members #15942 #15923
• docs(schema): expose "DocumentArrayElement" #15590 hasezoey

9.1.2 / 2025-01-05

• fix(subdocs): pass options to pre-save hooks for subdocs #15921 #15920 AbdelrahmanHafez
• perf(model): select only _id when checking document existence during save() #15919 AbdelrahmanHafez

9.1.1 / 2025-12-30

• fix(document): avoid 'Cannot mix array and object updates' on doc.updateOne() with pipeline #15928
• docs: update default search version to 9.x #15926 #15925

9.1.0 / 2025-12-29

• feat(model): make pathsToSave handle saving just a subpath of a modified path #15896
• feat(document+model): pass options to pre('deleteOne') and update+options to pre('updateOne') hooks #15908 #15870
• feat(versioning): optimistic concurrency exclude option, update docs for optimisticConcurrency options #15917 #15915 #15912 AbdelrahmanHafez
• feat(document): add support for getAtomics() to allow custom container types to utilize atomics #15817
• perf: optimize Object.keys() checks and optional chaining #15865 AbdelrahmanHafez
• fix: add support for typescript style enums #15914 #15913 mjfwebb
• fix(document): when cloning a doc with subdocs, make sure the subdocs parent is the cloned doc #15904 #15901
• types(models): support Mongoose query casting in AnyBulkWriteOperation filter property #15918 #15910
• types: allow calling create() with TRawDocType for better generics support #15903 #15902
• types(document): add id virtual getter by default to HydrateDocument<> if TOverrides is Record<string, never> #15906 #15900
• docs(schema): add lean to list of schema options #15907 #15894 #12081

Changelog

Sourced from mongoose's changelog.

9.1.5 / 2026-01-20

• fix(map): validate map subdocument when loaded with init #15960 #15957 AbdelrahmanHafez
• fix(discriminator): prevent indexes and callQueue duplication with shared nested schemas #15974 #15966 AbdelrahmanHafez
• fix(subdocuments): do not pass parent path on init #15970 #15969 #15682 AbdelrahmanHafez
• types(inferrawdoctype): correct handling for subdocs and doc arrays #15967 #13772
• docs: improve grammar and clarity in TypeScript schema comments #15971 harshsinghpujari

9.1.4 / 2026-01-15

• fix: attach sessions to docs retrieved by cursor #15953 #15949 mjfwalsh
• fix(model): make hydrate() handle nested schema arrays #15964 #15956
• fix(clone): fix parent doc for map subdocuments and array subdocuments #15958 #15954 AbdelrahmanHafez
• fix: prevent crash when accessing nested paths on prototype #15962 #15961 som14062005

9.1.3 / 2026-01-09

• fix(model): support timestamps option to insertMany() as both boolean and QueryTimestampsConfig #15941 #15938
• fix(query): include preview of current and incoming update in error when merging normal update with pipeline #15939 #15928
• types(model): apply basic type casting to paths underneath subdocuments #15948 #15947
• types(utility): make WithLevel1NestedPaths correctly handle PopulatedDoc and other TypeScript unions with Document members #15942 #15923
• docs(schema): expose "DocumentArrayElement" #15590 hasezoey

9.1.2 / 2026-01-05

• fix(subdocs): pass options to pre-save hooks for subdocs #15921 #15920 AbdelrahmanHafez
• perf(model): select only _id when checking document existence during save() #15919 AbdelrahmanHafez

9.1.1 / 2025-12-30

• fix(document): avoid 'Cannot mix array and object updates' on doc.updateOne() with pipeline #15928
• docs: update default search version to 9.x #15926 #15925

9.1.0 / 2025-12-29

• feat(model): make pathsToSave handle saving just a subpath of a modified path #15896
• feat(document+model): pass options to pre('deleteOne') and update+options to pre('updateOne') hooks #15908 #15870
• feat(versioning): optimistic concurrency exclude option, update docs for optimisticConcurrency options #15917 #15915 #15912 AbdelrahmanHafez
• feat(document): add support for getAtomics() to allow custom container types to utilize atomics #15817
• perf: optimize Object.keys() checks and optional chaining #15865 AbdelrahmanHafez
• fix: add support for typescript style enums #15914 #15913 mjfwebb
• fix(document): when cloning a doc with subdocs, make sure the subdocs parent is the cloned doc #15904 #15901
• types(models): support Mongoose query casting in AnyBulkWriteOperation filter property #15918 #15910
• types: allow calling create() with TRawDocType for better generics support #15903 #15902
• types(document): add id virtual getter by default to HydrateDocument<> if TOverrides is Record<string, never> #15906 #15900
• docs(schema): add lean to list of schema options #15907 #15894 #12081

8.21.0 / 2025-12-29

• feat(document+model): pass options to pre('deleteOne') and update+options to pre('updateOne') hooks #15908 #15870

... (truncated)

Commits

• 22643d6 chore: release 9.1.5
• 87ffed8 Merge pull request #15967 from Automattic/vkarpov15/correct-raw-doc-type-subdocs
• f9bdfa2 Merge pull request #15974 from Automattic/gh-15966
• 76753bf style: break up ternary
• b9dc767 Merge pull request #15971 from harshsinghpujari/docs-typescript-grammer-fix
• 0cb75cb handling for _id option
• c8e5cb9 fix(discriminator): skip merging parentSchema to prevent duplication in child...
• 853e612 test(discriminator): add tests asserting queues are not duplicated for nested...
• 57bc5c8 test(discriminator): add tests to verify nested discriminator indexes do not ...
• c7549db docs: improve grammar and clarity in TypeScript schema comments
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for mongoose since your current version.

Updates zod from 3.25.76 to 4.3.6

Release notes

Sourced from zod's releases.

v4.3.6

Commits:

• 9977fb0868432461de265a773319e80a90ba3e37 Add brand.dev to sponsors
• f4b7bae3468f6188b8f004e007d722148fc91d77 Update pullfrog.yml (#5634)
• 251d7163a0ac7740fee741428d913e3c55702ace Clean up workflow_call
• edd4132466da0f5065a8e051b599d01fdd1081d8 fix: add missing User-agent to robots.txt and allow all (#5646)
• 85db85e9091d0706910d60c7eb2e9c181edd87bd fix: typo in codec.test.ts file (#5628)
• cbf77bb12bdfda2e054818e79001f5cb3798ce76 Avoid non null assertion (#5638)
• dfbbf1c1ae0c224b8131d80ddf0a264262144086 Avoid re-exported star modules (#5656)
• 762e911e5773f949452fd6dd4e360f2362110e8e Generalize numeric key handling
• ca3c8629c0c2715571f70b44c2433cad3db7fe4e v4.3.6

v4.3.5

Commits:

• 21afffdb42ccab554036312e33fed0ea3cb8f982 [Docs] Update migration guide docs for deprecation of message (#5595)
• e36743e513aadb307b29949a80d6eb0dcc8fc278 Improve mini treeshaking
• 0cdc0b8597999fd9ca99767b912c1e82c1ff2d6c 4.3.5

v4.3.4

Commits:

• 1a8bea3b474eada6f219c163d0d3ad09fadabe72 Add integration tests
• e01cd02b2f23d7e9078d3813830b146f8a2258b4 Support patternProperties for looserecord (#5592)
• 089e5fbb0f58ce96d2c4fb34cd91724c78df4af5 Improve looseRecord docs
• decef9c418d9a598c3f1bada06891ba5d922c5cd Fix lint
• 9443aab00d44d5d5f4a7eada65fc0fc851781042 Drop iso time in fromJSONSchema
• 66bda7491a1b9eab83bdeec0c12f4efc7290bd48 Remove .refine() from ZodMiniType
• b4ab94ca608cd5b581bfc12b20dd8d95b35b3009 4.3.4

v4.3.3

Commits:

• f3b2151959d215d405f54dff3c7ab3bf1fd887ca v4.3.3

v4.3.2

Commits:

• bf96635d243118de6e4f260077aa137453790bf6 Loosen strictObjectinside intersection (#5587)
• f71dc0182ab0f0f9a6be6295b07faca269e10179 Remove Juno (#5590)
• 0f41e5a12a43e6913c9dcb501b2b5136ea86500d 4.3.2

v4.3.1

Commits:

• 0fe88407a4149c907929b757dc6618d8afe998fc allow non-overwriting extends with refinements. 4.3.1

v4.3.0

This is Zod's biggest release since 4.0. It addresses several of Zod's longest-standing feature requests.

... (truncated)

Commits

• ca3c862 v4.3.6
• 762e911 Generalize numeric key handling
• dfbbf1c Avoid re-exported star modules (#5656)
• cbf77bb Avoid non null assertion (#5638)
• 85db85e fix: typo in codec.test.ts file (#5628)
• edd4132 fix: add missing User-agent to robots.txt and allow all (#5646)
• 251d716 Clean up workflow_call
• f4b7bae Update pullfrog.yml (#5634)
• 9977fb0 Add brand.dev to sponsors
• 0cdc0b8 4.3.5
• Additional commits viewable in compare view

Updates @types/node from 25.0.3 to 25.2.0

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
meal-map	Ready	Preview, Comment	Feb 1, 2026 5:30pm

[netlify]

❌ Deploy Preview for mealmap1 failed.

Name	Link
🔨 Latest commit	28b84c3
🔍 Latest deploy log	https://app.netlify.com/projects/mealmap1/deploys/697f8d80a4e83e0008d2bd03