Skip to content

deps: bump the security-updates group with 29 updates#996

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/security-updates-fdd3095d17
Open

deps: bump the security-updates group with 29 updates#996
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/security-updates-fdd3095d17

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 13, 2026
edited
Loading

Bumps the security-updates group with 29 updates:

Package From To
@babel/traverse 7.28.3 7.29.0
@eslint/js 9.8.0 10.0.1
@nestjs/common 10.4.20 11.1.19
@types/node 22.19.1 25.6.0
@typescript-eslint/eslint-plugin 7.18.0 8.58.2
@typescript-eslint/parser 7.18.0 8.58.2
axios 1.8.2 1.15.0
eslint 9.8.0 10.2.0
eslint-plugin-tsdoc 0.5.0 0.5.2
follow-redirects 1.15.11 1.16.0
globals 16.5.0 17.5.0
husky 8.0.3 9.1.7
inversify 6.0.1 8.1.0
jest 29.7.0 30.3.0
@types/jest 29.5.12 30.0.0
jest-environment-node 29.1.0 30.3.0
lerna 8.2.4 9.0.7
lint-staged 16.2.6 16.4.0
madge 7.0.0 8.0.0
prettier 3.6.2 3.8.2
rimraf 5.0.10 6.1.3
sinon 16.1.3 21.1.2
@types/sinon 10.0.20 21.0.1
tar 6.2.1 7.5.13
ts-jest 29.4.5 29.4.9
typescript 5.2.2 6.0.2
@vitest/coverage-v8 1.6.1 4.1.4
@vitest/spy 1.6.1 4.1.4
vitest 1.6.1 4.1.4

Updates @babel/traverse from 7.28.3 to 7.29.0

Release notes

Sourced from @​babel/traverse's releases.

v7.29.0 (2026-01-31)

Thanks @​simbahax for your first PR!

🚀 New Feature

  • babel-types
  • babel-standalone

🐛 Bug Fix

  • babel-parser
  • babel-traverse
    • #17708 fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (@​simbahax)
  • babel-plugin-transform-block-scoping, babel-traverse
    • #17737 [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (@​magic-akari)

🏃‍♀️ Performance

Committers: 6

v7.28.6 (2026-01-12)

Thanks @​kadhirash and @​kolvian for your first PRs!

🐛 Bug Fix

  • babel-cli, babel-code-frame, babel-core, babel-helper-check-duplicate-nodes, babel-helper-fixtures, babel-helper-plugin-utils, babel-node, babel-plugin-transform-flow-comments, babel-plugin-transform-modules-commonjs, babel-plugin-transform-property-mutators, babel-preset-env, babel-traverse, babel-types
  • babel-plugin-transform-regenerator
  • babel-plugin-transform-react-jsx

💅 Polish

  • babel-core, babel-standalone

🏠 Internal

  • babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-proposal-decorators, babel-plugin-proposal-import-attributes-to-assertions, babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-async-do-expressions, babel-plugin-syntax-decorators, babel-plugin-syntax-destructuring-private, babel-plugin-syntax-do-expressions, babel-plugin-syntax-explicit-resource-management, babel-plugin-syntax-export-default-from, babel-plugin-syntax-flow, babel-plugin-syntax-function-bind, babel-plugin-syntax-function-sent, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-plugin-syntax-import-defer, babel-plugin-syntax-import-source, babel-plugin-syntax-jsx, babel-plugin-syntax-module-blocks, babel-plugin-syntax-optional-chaining-assign, babel-plugin-syntax-partial-application, babel-plugin-syntax-pipeline-operator, babel-plugin-syntax-throw-expressions, babel-plugin-syntax-typescript, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-dotall-regex, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-plugin-transform-explicit-resource-management, babel-plugin-transform-exponentiation-operator, babel-plugin-transform-json-strings, babel-plugin-transform-logical-assignment-operators, babel-plugin-transform-nullish-coalescing-operator, babel-plugin-transform-numeric-separator, babel-plugin-transform-object-rest-spread, babel-plugin-transform-optional-catch-binding, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-regexp-modifiers, babel-plugin-transform-unicode-property-regex, babel-plugin-transform-unicode-sets-regex

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​babel/traverse since your current version.


Updates @eslint/js from 9.8.0 to 10.0.1

Release notes

Sourced from @​eslint/js's releases.

v10.0.1

Bug Fixes

  • c87d5bd fix: update eslint (#20531) (renovate[bot])
  • d841001 fix: update minimatch to 10.2.1 to address security vulnerabilities (#20519) (루밀LuMir)
  • 04c2147 fix: update error message for unused suppressions (#20496) (fnx)
  • 38b089c fix: update dependency @​eslint/config-array to ^0.23.1 (#20484) (renovate[bot])

Documentation

  • 5b3dbce docs: add AI acknowledgement section to templates (#20431) (루밀LuMir)
  • 6f23076 docs: toggle nav in no-JS mode (#20476) (Tanuj Kanti)
  • b69cfb3 docs: Update README (GitHub Actions Bot)

Chores

  • e5c281f chore: updates for v9.39.3 release (Jenkins)
  • 8c3832a chore: update @​typescript-eslint/parser to ^8.56.0 (#20514) (Milos Djermanovic)
  • 8330d23 test: add tests for config-api (#20493) (Milos Djermanovic)
  • 37d6e91 chore: remove eslint v10 prereleases from eslint-config-eslint deps (#20494) (Milos Djermanovic)
  • da7cd0e refactor: cleanup error message templates (#20479) (Francesco Trotta)
  • 84fb885 chore: package.json update for @​eslint/js release (Jenkins)
  • 1f66734 chore: add eslint to peerDependencies of @eslint/js (#20467) (Milos Djermanovic)

v10.0.0

Breaking Changes

  • f9e54f4 feat!: estimate rule-tester failure location (#20420) (ST-DDT)
  • a176319 feat!: replace chalk with styleText and add color to ResultsMeta (#20227) (루밀LuMir)
  • c7046e6 feat!: enable JSX reference tracking (#20152) (Pixel998)
  • fa31a60 feat!: add name to configs (#20015) (Kirk Waiblinger)
  • 3383e7e fix!: remove deprecated SourceCode methods (#20137) (Pixel998)
  • 501abd0 feat!: update dependency minimatch to v10 (#20246) (renovate[bot])
  • ca4d3b4 fix!: stricter rule tester assertions for valid test cases (#20125) (唯然)
  • 96512a6 fix!: Remove deprecated rule context methods (#20086) (Nicholas C. Zakas)
  • c69fdac feat!: remove eslintrc support (#20037) (Francesco Trotta)
  • 208b5cc feat!: Use ScopeManager#addGlobals() (#20132) (Milos Djermanovic)
  • a2ee188 fix!: add uniqueItems: true in no-invalid-regexp option (#20155) (Tanuj Kanti)
  • a89059d feat!: Program range span entire source text (#20133) (Pixel998)
  • 39a6424 fix!: assert 'text' is a string across all RuleFixer methods (#20082) (Pixel998)
  • f28fbf8 fix!: Deprecate "always" and "as-needed" options of the radix rule (#20223) (Milos Djermanovic)
  • aa3fb2b fix!: tighten func-names schema (#20119) (Pixel998)
  • f6c0ed0 feat!: report eslint-env comments as errors (#20128) (Francesco Trotta)
  • 4bf739f fix!: remove deprecated LintMessage#nodeType and TestCaseError#type (#20096) (Pixel998)
  • 523c076 feat!: drop support for jiti < 2.2.0 (#20016) (michael faith)
  • 454a292 feat!: update eslint:recommended configuration (#20210) (Pixel998)
  • 4f880ee feat!: remove v10_* and inactive unstable_* flags (#20225) (sethamus)
  • f18115c feat!: no-shadow-restricted-names report globalThis by default (#20027) (sethamus)
  • c6358c3 feat!: Require Node.js ^20.19.0 || ^22.13.0 || >=24 (#20160) (Milos Djermanovic)

Features

  • bff9091 feat: handle Array.fromAsync in array-callback-return (#20457) (Francesco Trotta)
  • 290c594 feat: add self to no-implied-eval rule (#20468) (sethamus)
  • 43677de feat: fix handling of function and class expression names in no-shadow (#20432) (Milos Djermanovic)

... (truncated)

Commits
  • 84fb885 chore: package.json update for @​eslint/js release
  • 1f66734 chore: add eslint to peerDependencies of @eslint/js (#20467)
  • f3fbc2f chore: set @eslint/js version to 10.0.0 to skip releasing it (#20466)
  • b4b3127 chore: package.json update for @​eslint/js release
  • 0b14059 chore: package.json update for @​eslint/js release
  • fa31a60 feat!: add name to configs (#20015)
  • 1e2cad5 chore: package.json update for @​eslint/js release
  • 454a292 feat!: update eslint:recommended configuration (#20210)
  • c6358c3 feat!: Require Node.js ^20.19.0 || ^22.13.0 || >=24 (#20160)
  • c7ebefc chore: package.json update for @​eslint/js release
  • Additional commits viewable in compare view

Updates @nestjs/common from 10.4.20 to 11.1.19

Release notes

Sourced from @​nestjs/common's releases.

v11.1.19 (2026-04-13)

Bug fixes

Committers: 2

v11.1.18 (2026-04-03)

Bug fixes

Dependencies

Committers: 6

v11.1.17 (2026-03-16)

Enhancements

Bugs

... (truncated)

Commits
  • 6730995 chore(release): publish v11.1.19 release
  • 3c1cc5f chore(release): publish v11.1.18 release
  • a39e345 refactor(common): change console logger helpers to protected
  • 34f0f28 chore(deps): bump file-type from 21.3.3 to 21.3.4
  • 0e96b0a chore(deps): bump file-type from 21.3.2 to 21.3.3
  • 5a05f52 chore: update readme
  • 447a373 chore(release): publish v11.1.17 release
  • 99ed6e6 fix(deps): update dependency file-type to v21.3.2
  • 268a283 fix(deps): update dependency file-type to v21.3.1
  • 315e698 chore(release): publish v11.1.16 release
  • Additional commits viewable in compare view

Updates @types/node from 22.19.1 to 25.6.0

Commits

Updates @typescript-eslint/eslint-plugin from 7.18.0 to 8.58.2

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.58.2

8.58.2 (2026-04-13)

🩹 Fixes

  • remove tsbuildinfo cache file from published packages (#12187)
  • eslint-plugin: [no-unnecessary-condition] use assignability checks in checkTypePredicates (#12147)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.58.1

8.58.1 (2026-04-08)

🩹 Fixes

  • eslint-plugin: [no-unused-vars] fix false negative for type predicate parameter (#12004)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.58.0

8.58.0 (2026-03-30)

🚀 Features

  • support TypeScript 6 (#12124)

🩹 Fixes

  • eslint-plugin: crash in no-unnecessary-type-arguments (#12163)
  • eslint-plugin: [no-extraneous-class] handle index signatures (#12142)
  • eslint-plugin: [prefer-regexp-exec] avoid fixing unknown RegExp flags (#12161)

❤️ Thank You

... (truncated)

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.58.2 (2026-04-13)

🩹 Fixes

  • eslint-plugin: [no-unnecessary-condition] use assignability checks in checkTypePredicates (#12147)
  • remove tsbuildinfo cache file from published packages (#12187)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.58.1 (2026-04-08)

🩹 Fixes

  • eslint-plugin: [no-unused-vars] fix false negative for type predicate parameter (#12004)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.58.0 (2026-03-30)

🚀 Features

  • support TypeScript 6 (#12124)

🩹 Fixes

  • eslint-plugin: [prefer-regexp-exec] avoid fixing unknown RegExp flags (#12161)
  • eslint-plugin: [no-extraneous-class] handle index signatures (#12142)
  • eslint-plugin: crash in no-unnecessary-type-arguments (#12163)

❤️ Thank You

... (truncated)

Commits
  • 90c2803 chore(release): publish 8.58.2
  • 7c9e06f fix(eslint-plugin): [no-unnecessary-condition] use assignability checks in ch...
  • dae1732 chore(eslint-plugin): switch auto-generated test cases to hand-written in unb...
  • be6b49a fix: remove tsbuildinfo cache file from published packages (#12187)
  • 5311ed3 chore(release): publish 8.58.1
  • c3f8ed5 fix(eslint-plugin): [no-unused-vars] fix false negative for type predicate pa...
  • e372a66 Revert: feat(eslint-plugin): [no-unnecessary-type-arguments] report inferred ...
  • 4933417 chore(release): publish 8.58.0
  • 5a9bd36 fix(eslint-plugin): [prefer-regexp-exec] avoid fixing unknown RegExp flags (#...
  • edb90eb fix(eslint-plugin): [no-extraneous-class] handle index signatures (#12142)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​typescript-eslint/eslint-plugin since your current version.


Updates @typescript-eslint/parser from 7.18.0 to 8.58.2

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.58.2

8.58.2 (2026-04-13)

🩹 Fixes

  • remove tsbuildinfo cache file from published packages (#12187)
  • eslint-plugin: [no-unnecessary-condition] use assignability checks in checkTypePredicates (#12147)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.58.1

8.58.1 (2026-04-08)

🩹 Fixes

  • eslint-plugin: [no-unused-vars] fix false negative for type predicate parameter (#12004)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.58.0

8.58.0 (2026-03-30)

🚀 Features

  • support TypeScript 6 (#12124)

🩹 Fixes

  • eslint-plugin: crash in no-unnecessary-type-arguments (#12163)
  • eslint-plugin: [no-extraneous-class] handle index signatures (#12142)
  • eslint-plugin: [prefer-regexp-exec] avoid fixing unknown RegExp flags (#12161)

❤️ Thank You

... (truncated)

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.58.2 (2026-04-13)

🩹 Fixes

  • remove tsbuildinfo cache file from published packages (#12187)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.58.1 (2026-04-08)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.58.0 (2026-03-30)

🚀 Features

  • support TypeScript 6 (#12124)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.57.2 (2026-03-23)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.57.1 (2026-03-16)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​typescript-eslint/parser since your current version.


Updates axios from 1.8.2 to 1.15.0

Release notes

Sourced from axios's releases.

v1.15.0

This release delivers two critical security patches, adds runtime support for Deno and Bun, and includes significant CI hardening, documentation improvements, and routine dependency updates.

⚠️ Important Changes

  • Deprecation: url.parse() usage has been replaced to address Node.js deprecation warnings. If you are on a recent version of Node.js, this resolves console warnings you may have been seeing. (#10625)

🔒 Security Fixes

  • Proxy Handling: Fixed a no_proxy hostname normalisation bypass that could lead to Server-Side Request Forgery (SSRF). (#10661)
  • Header Injection: Fixed an unrestricted cloud metadata exfiltration vulnerability via a header injection chain. (#10660)

🚀 New Features

  • Runtime Support: Added compatibility checks and documentation for Deno and Bun environments. (#10652, #10653)

🔧 Maintenance & Chores

  • CI Security: Hardened workflow permissions to least privilege, added the zizmor security scanner, pinned action versions, and gated npm publishing with OIDC and environment protection. (#10618, #10619, #10627, #10637, #10666)
  • Dependencies: Bumped serialize-javascript, handlebars, picomatch, vite, and denoland/setup-deno to latest versions. Added a 7-day Dependabot cooldown period. (#10574, #10572, #10568, #10663, #10664, #10665, #10669, #10670, #10616)
  • Documentation: Unified docs, improved beforeRedirect credential leakage example, clarified withCredentials/withXSRFToken behaviour, HTTP/2 support notes, async/await timeout error handling, header case preservation, and various typo fixes. (#10649, #10624, #7452, #7471, #10654, #10644, #10589)
  • Housekeeping: Removed stale files, regenerated lockfile, and updated sponsor scripts and blocks. (#10584, #10650, #10582, #10640, #10659, #10668)
  • Tests: Added regression coverage for urlencoded Content-Type casing. (#10573)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve Axios:

v1.14.0

This release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.

⚠️ Important Changes

  • Breaking Changes: None identified in this release.
  • Action Required: If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably proxy-from-env v2 alignment and main entry compatibility fix).

🚀 New Features

  • Runtime Features: No new end-user features were introduced in this release.
  • Test Coverage Expansion: Added broader smoke/module test coverage for CJS and ESM package usage. (#7510)

🐛 Bug Fixes

  • Headers: Trim trailing CRLF in normalised header values. (#7456)
  • HTTP/2: Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (#7457)
  • Fetch Adapter: Cancel ReadableStream created during request-stream capability probing to prevent async resource leaks. (#7515)
  • Proxy Handling: Fixed env proxy behavior with proxy-from-env v2 usage. (#7499)

... (truncated)

Changelog

Sourced from axios's changelog.

v1.15.0 — April 7, 2026

This release delivers two critical security patches targeting header injection and SSRF via proxy bypass, adds official runtime support for Deno and Bun, and includes significant CI security hardening.

🔒 Security Fixes

  • Header Injection (CRLF): Rejects any header value containing \r or \n characters to block CRLF injection chains that could be used to exfiltrate cloud metadata (IMDS). Behavior change: headers with CR/LF now throw "Invalid character in header content". (#10660)

  • SSRF via no_proxy Bypass: Introduces a shouldBypassProxy helper that normalises hostnames (strips trailing dots, handles bracketed IPv6) before evaluating no_proxy/NO_PROXY rules, closing a gap that could cause loopback or internal hosts to be inadvertently proxied. (#10661)

🚀 New Features

  • Deno & Bun Runtime Support: Added full smoke test suites for Deno and Bun, with CI workflows that run both runtimes before any release is cut. (#10652)

🐛 Bug Fixes

  • Node.js v22 Compatibility: Replaced deprecated url.parse() calls with the WHATWG URL/URLSearchParams API across examples, sandbox, and tests, eliminating DEP0169 deprecation warnings on Node.js v22+. (#10625)

🔧 Maintenance & Chores

  • CI Security Hardening: Added zizmor GitHub Actions security scanner; switched npm publish to OIDC Trusted Publishing (removing the long-lived NODE_AUTH_TOKEN); pinned all action references to full commit SHAs; narrowed workflow permissions to least privilege; gated the publish step behind a dedicated npm-publish environment; and blocked the sponsor-block workflow from running on forks. (#10618, #10619, #10627, #10637, #10641, #10666)

  • Docs: Clarified HTTP/2 support and the unsupported httpVersion option; added documentation for header case preservation; improved the beforeRedirect example to prevent accidental credential leakage. (#10644, #10654, #10624)

  • Dependencies: Bumped picomatch, handlebars, serialize-javascript, vite (×3), denoland/setup-deno, and 4 additional dev dependencies to latest versions. (#10564, #10565, #10567, #10568, #10572, #10574, #10663, #10664, #10665, #10669, #10670)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

@dependabot
deps: bump the security-updates group with 29 updates
2afd037 
Bumps the security-updates group with 29 updates:

| Package | From | To |
| --- | --- | --- |
| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.28.3` | `7.29.0` |
| [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.8.0` | `10.0.1` |
| [@nestjs/common](https://github.com/nestjs/nest/tree/HEAD/packages/common) | `10.4.20` | `11.1.19` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.19.1` | `25.6.0` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `7.18.0` | `8.58.2` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `7.18.0` | `8.58.2` |
| [axios](https://github.com/axios/axios) | `1.8.2` | `1.15.0` |
| [eslint](https://github.com/eslint/eslint) | `9.8.0` | `10.2.0` |
| [eslint-plugin-tsdoc](https://github.com/microsoft/tsdoc/tree/HEAD/eslint-plugin) | `0.5.0` | `0.5.2` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.11` | `1.16.0` |
| [globals](https://github.com/sindresorhus/globals) | `16.5.0` | `17.5.0` |
| [husky](https://github.com/typicode/husky) | `8.0.3` | `9.1.7` |
| [inversify](https://github.com/inversify/monorepo) | `6.0.1` | `8.1.0` |
| [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `29.7.0` | `30.3.0` |
| [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) | `29.5.12` | `30.0.0` |
| [jest-environment-node](https://github.com/jestjs/jest/tree/HEAD/packages/jest-environment-node) | `29.1.0` | `30.3.0` |
| [lerna](https://github.com/lerna/lerna/tree/HEAD/packages/lerna) | `8.2.4` | `9.0.7` |
| [lint-staged](https://github.com/lint-staged/lint-staged) | `16.2.6` | `16.4.0` |
| [madge](https://github.com/pahen/madge) | `7.0.0` | `8.0.0` |
| [prettier](https://github.com/prettier/prettier) | `3.6.2` | `3.8.2` |
| [rimraf](https://github.com/isaacs/rimraf) | `5.0.10` | `6.1.3` |
| [sinon](https://github.com/sinonjs/sinon) | `16.1.3` | `21.1.2` |
| [@types/sinon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon) | `10.0.20` | `21.0.1` |
| [tar](https://github.com/isaacs/node-tar) | `6.2.1` | `7.5.13` |
| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.4.5` | `29.4.9` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.2.2` | `6.0.2` |
| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `1.6.1` | `4.1.4` |
| [@vitest/spy](https://github.com/vitest-dev/vitest/tree/HEAD/packages/spy) | `1.6.1` | `4.1.4` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `1.6.1` | `4.1.4` |


Updates `@babel/traverse` from 7.28.3 to 7.29.0
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse)

Updates `@eslint/js` from 9.8.0 to 10.0.1
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/commits/v10.0.1/packages/js)

Updates `@nestjs/common` from 10.4.20 to 11.1.19
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.19/packages/common)

Updates `@types/node` from 22.19.1 to 25.6.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@typescript-eslint/eslint-plugin` from 7.18.0 to 8.58.2
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.2/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 7.18.0 to 8.58.2
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.2/packages/parser)

Updates `axios` from 1.8.2 to 1.15.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.2...v1.15.0)

Updates `eslint` from 9.8.0 to 10.2.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v9.8.0...v10.2.0)

Updates `eslint-plugin-tsdoc` from 0.5.0 to 0.5.2
- [Changelog](https://github.com/microsoft/tsdoc/blob/main/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/microsoft/tsdoc/commits/eslint-plugin-tsdoc_v0.5.2/eslint-plugin)

Updates `follow-redirects` from 1.15.11 to 1.16.0
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.11...v1.16.0)

Updates `globals` from 16.5.0 to 17.5.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](sindresorhus/globals@v16.5.0...v17.5.0)

Updates `husky` from 8.0.3 to 9.1.7
- [Release notes](https://github.com/typicode/husky/releases)
- [Commits](typicode/husky@v8.0.3...v9.1.7)

Updates `inversify` from 6.0.1 to 8.1.0
- [Release notes](https://github.com/inversify/monorepo/releases)
- [Changelog](https://github.com/inversify/monorepo/blob/main/docs/release.md)
- [Commits](https://github.com/inversify/monorepo/compare/@inversifyjs/core@6.0.1...inversify@8.1.0)

Updates `jest` from 29.7.0 to 30.3.0
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.3.0/packages/jest)

Updates `@types/jest` from 29.5.12 to 30.0.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Updates `jest-environment-node` from 29.1.0 to 30.3.0
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.3.0/packages/jest-environment-node)

Updates `lerna` from 8.2.4 to 9.0.7
- [Release notes](https://github.com/lerna/lerna/releases)
- [Changelog](https://github.com/lerna/lerna/blob/main/packages/lerna/CHANGELOG.md)
- [Commits](https://github.com/lerna/lerna/commits/v9.0.7/packages/lerna)

Updates `lint-staged` from 16.2.6 to 16.4.0
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v16.2.6...v16.4.0)

Updates `madge` from 7.0.0 to 8.0.0
- [Changelog](https://github.com/pahen/madge/blob/master/CHANGELOG.md)
- [Commits](pahen/madge@v7.0.0...v8.0.0)

Updates `prettier` from 3.6.2 to 3.8.2
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.6.2...3.8.2)

Updates `rimraf` from 5.0.10 to 6.1.3
- [Changelog](https://github.com/isaacs/rimraf/blob/main/CHANGELOG.md)
- [Commits](isaacs/rimraf@v5.0.10...v6.1.3)

Updates `sinon` from 16.1.3 to 21.1.2
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](sinonjs/sinon@v16.1.3...v21.1.2)

Updates `@types/sinon` from 10.0.20 to 21.0.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sinon)

Updates `tar` from 6.2.1 to 7.5.13
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v6.2.1...v7.5.13)

Updates `ts-jest` from 29.4.5 to 29.4.9
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](kulshekhar/ts-jest@v29.4.5...v29.4.9)

Updates `typescript` from 5.2.2 to 6.0.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v5.2.2...v6.0.2)

Updates `@vitest/coverage-v8` from 1.6.1 to 4.1.4
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.4/packages/coverage-v8)

Updates `@vitest/spy` from 1.6.1 to 4.1.4
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.4/packages/spy)

Updates `vitest` from 1.6.1 to 4.1.4
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.4/packages/vitest)

---
updated-dependencies:
- dependency-name: "@babel/traverse"
  dependency-version: 7.29.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: security-updates
- dependency-name: "@eslint/js"
  dependency-version: 10.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: "@nestjs/common"
  dependency-version: 11.1.19
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: "@types/node"
  dependency-version: 25.6.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.58.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.58.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: axios
  dependency-version: 1.15.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: security-updates
- dependency-name: eslint
  dependency-version: 10.2.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: eslint-plugin-tsdoc
  dependency-version: 0.5.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: security-updates
- dependency-name: follow-redirects
  dependency-version: 1.16.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: security-updates
- dependency-name: globals
  dependency-version: 17.5.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: husky
  dependency-version: 9.1.7
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: inversify
  dependency-version: 8.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: jest
  dependency-version: 30.3.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: "@types/jest"
  dependency-version: 30.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: jest-environment-node
  dependency-version: 30.3.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: lerna
  dependency-version: 9.0.7
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: lint-staged
  dependency-version: 16.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: security-updates
- dependency-name: madge
  dependency-version: 8.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: prettier
  dependency-version: 3.8.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: security-updates
- dependency-name: rimraf
  dependency-version: 6.1.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: sinon
  dependency-version: 21.1.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: "@types/sinon"
  dependency-version: 21.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: tar
  dependency-version: 7.5.13
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: ts-jest
  dependency-version: 29.4.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: security-updates
- dependency-name: typescript
  dependency-version: 6.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.1.4
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: "@vitest/spy"
  dependency-version: 4.1.4
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
- dependency-name: vitest
  dependency-version: 4.1.4
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: security-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants