build(deps): bump @nestjs/microservices from 11.1.12 to 11.1.19

[dependabot]

Bumps @nestjs/microservices from 11.1.12 to 11.1.19.

Release notes

Sourced from @​nestjs/microservices's releases.

v11.1.19 (2026-04-13)

Bug fixes

• microservices
  • #16762 fix(microservices): use backing field for consumer CRASH event listener (@​burhanharoon)
  • #16764 fix(microservices): prevent stack overflow in jsonsocket.handledata() (@​kamilmysliwiec)

Committers: 2

• Burhan Haroon⚡ (@​burhanharoon)
• Kamil Mysliwiec (@​kamilmysliwiec)

v11.1.18 (2026-04-03)

Bug fixes

• microservices
  • #16675 fix(microservices): preserve packet headers in nats serializer (@​wwenrr)
• core
  • #16683 fix(core): prevent injector hang when design:paramtypes is missing (@​Youmoo)
  • #16637 fix(core): dependency injection edge case with moduleref.create (@​JakobStaudinger)
  • nestjs/nest#16686 fix(core): sanitize sse message

Dependencies

• core, platform-express, platform-fastify
  • #16679 fix(deps): update dependency path-to-regexp to v8.4.2 (@​renovate[bot])
• platform-fastify
  • #16623 fix(deps): update dependency fastify to v5.8.4 (@​renovate[bot])
• platform-ws
  • #16618 chore(deps): bump ws from 8.19.0 to 8.20.0 (@​dependabot[bot])
• common
  • #16619 chore(deps): bump file-type from 21.3.3 to 21.3.4 (@​dependabot[bot])

Committers: 6

• Ankit San (@​ankitbelal)
• Jakob Staudinger (@​JakobStaudinger)
• Kamil Mysliwiec (@​kamilmysliwiec)
• Krishna Chaitanya (@​Krishnachaitanyakc)
• MK (@​wwenrr)
• youmoo (@​Youmoo)

v11.1.17 (2026-03-16)

Enhancements

• microservices
  • #16218 feat(microservices): add redis driver identification (@​vchomakov)

Bugs

• platform-fastify
  • auto-run middleware for HEAD requests as fastify redirects them to GET handlers (effectively skipping middleware execution) nestjs/nest@cbdf737 (@​kamilmysliwiec)

... (truncated)

Commits

• 6730995 chore(release): publish v11.1.19 release
• bcc036d Merge pull request #16762 from burhanharoon/fix/kafka-consumer-crash-event-li...
• d3deafe chore: remove redundant comments
• 298857e fix(microservices): prevent stack overflow in jsonsocket.handledata()
• 77063fb fix(microservices): use backing field for consumer crash event listener
• 3c1cc5f chore(release): publish v11.1.18 release
• 848a6fb fix(microservices): escape msvc pattern keys
• 9e6774b fix(microservices): preserve packet headers in nats serializer
• 5a05f52 chore: update readme
• 447a373 chore(release): publish v11.1.17 release
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[cla-assistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[cla-assistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[greptile-apps]

Greptile Summary

Automated Dependabot bump of @nestjs/microservices from 11.1.12 to 11.1.19. The new version ships several bug fixes: a stack overflow prevention in JsonSocket.handleData(), a Kafka consumer CRASH event listener fix, and a NATS serializer header-preservation fix. Both package.json and yarn.lock are updated consistently.

Confidence Score: 5/5

Safe to merge — straightforward patch-level bump with only bug fixes and no breaking changes.

Both package.json and yarn.lock are consistently updated. The version range (^11.1.x) means the change is patch-level, the upstream changelog lists only bug fixes, and no other runtime code is modified.

No files require special attention.

Important Files Changed

Filename	Overview
package.json	Bumps @nestjs/microservices from ^11.1.12 to ^11.1.19; all other NestJS peer dependencies remain in sync at 11.1.x.
yarn.lock	Lock file updated to resolve @nestjs/microservices at 11.1.19; registry URL changed from registry.npmjs.org to registry.yarnpkg.com (both are valid Yarn-compatible registries).

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A["@nestjs/microservices@11.1.12"] -->|Dependabot bump| B["@nestjs/microservices@11.1.19"]
    B --> C["Fix: stack overflow in JsonSocket.handleData()"]
    B --> D["Fix: Kafka consumer CRASH event listener"]
    B --> E["Fix: NATS serializer packet header preservation"]

Loading

_{Reviews (1): Last reviewed commit: "build(deps): bump @nestjs/microservices ..." | Re-trigger Greptile}