Skip to content

build(deps): bump the npm_and_yarn group across 1 directory with 26 updates#44

Merged
Dargon789 merged 1 commit intodevelopfrom
dependabot/npm_and_yarn/npm_and_yarn-5cd7f622f2
Jan 23, 2026
Merged

build(deps): bump the npm_and_yarn group across 1 directory with 26 updates#44
Dargon789 merged 1 commit intodevelopfrom
dependabot/npm_and_yarn/npm_and_yarn-5cd7f622f2

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Jan 23, 2026

Bumps the npm_and_yarn group with 10 updates in the / directory:

Package From To
@sentry/browser 6.7.2 7.119.1
@solana/web3.js 1.87.6 1.98.4
cipher-base 1.0.4 1.0.7
follow-redirects 1.14.9 1.15.11
form-data 4.0.0 4.0.5
jws 4.0.0 4.0.1
parse-uri 1.0.7 1.0.16
pbkdf2 3.1.2 3.1.5
serialize-javascript 6.0.1 6.0.2
sha.js 2.4.11 2.4.12

Updates @sentry/browser from 6.7.2 to 7.119.1

Changelog

Sourced from @​sentry/browser's changelog.

7.119.1

  • fix(browser/v7): Ensure wrap() only returns functions (#13838 backport)

Work in this release contributed by @​legobeat. Thank you for your contribution!

7.119.0

  • backport(tracing): Report dropped spans for transactions (#13343)

7.118.0

  • fix(v7/bundle): Ensure CDN bundles do not overwrite window.Sentry (#12579)

7.117.0

  • feat(browser/v7): Publish browserprofling CDN bundle (#12224)
  • fix(v7/publish): Add v7 tag to @sentry/replay (#12304)

7.116.0

  • build(craft): Publish lambda layer under its own name for v7 (#12098) (#12099)

This release publishes a new AWS Lambda layer under the name SentryNodeServerlessSDKv7 that users still running v7 can use instead of pinning themselves to SentryNodeServerlessSDK:235.

7.115.0

  • feat(v7): Add support for global onUnhandled Error/Promise for Bun (#11959)
  • fix(replay/v7): Fix user activity not being updated in start() (#12003)
  • ref(api): Remove lastEventId deprecation warnings (#12042)

7.114.0

Important Changes

  • fix(browser/v7): Continuously record CLS (#11935)

This release fixes a bug that caused the cumulative layout shift (CLS) web vital not to be reported in a majority of the cases where it should have been reported. With this change, the CLS web vital should now always be reported for pageloads with layout shift. If a pageload did not have layout shift, no CLS web vital should be reported.

Please note that upgrading the SDK to this version may cause data in your dashboards to drastically change.

Other Changes

  • build(aws-lambda/v7): Turn off lambda layer publishing (#11875)
  • feat(v7): Add tunnel support to multiplexed transport (#11851)
  • fix(opentelemetry-node): support HTTP_REQUEST_METHOD attribute (#11929)
  • fix(react/v7): Fix react router v4/v5 span names (#11940)

... (truncated)

Commits

Updates webpack from 5.76.0 to 5.94.0

Release notes

Sourced from webpack's releases.

v5.94.0

Bug Fixes

  • Added runtime condition for harmony reexport checked
  • Handle properly data/http/https protocols in source maps
  • Make bigint optimistic when browserslist not found
  • Move @​types/eslint-scope to dev deps
  • Related in asset stats is now always an array when no related found
  • Handle ASI for export declarations
  • Mangle destruction incorrect with export named default properly
  • Fixed unexpected asi generation with sequence expression
  • Fixed a lot of types

New Features

  • Added new external type "module-import"
  • Support webpackIgnore for new URL() construction
  • [CSS] @import pathinfo support

Security

  • Fixed DOM clobbering in auto public path

v5.93.0

Bug Fixes

  • Generate correct relative path to runtime chunks
  • Makes DefinePlugin quieter under default log level
  • Fixed mangle destructuring default in namespace import
  • Fixed consumption of eager shared modules for module federation
  • Strip slash for pretty regexp
  • Calculate correct contenthash for CSS generator options

New Features

  • Added the binary generator option for asset modules to explicitly keep source maps produced by loaders
  • Added the modern-module library value for tree shakable output
  • Added the overrideStrict option to override strict or non-strict mode for javascript modules

v5.92.1

Bug Fixes

  • Doesn't crash with an error when the css experiment is enabled and contenthash is used

v5.92.0

Bug Fixes

  • Correct tidle range's comutation for module federation
  • Consider runtime for pure expression dependency update hash
  • Return value in the subtractRuntime function for runtime logic

... (truncated)

Commits
  • eabf85d chore(release): 5.94.0
  • 955e057 security: fix DOM clobbering in auto public path
  • 9822387 test: fix
  • cbb86ed test: fix
  • 5ac3d7f fix: unexpected asi generation with sequence expression
  • 2411661 security: fix DOM clobbering in auto public path
  • b8c03d4 fix: unexpected asi generation with sequence expression
  • f46a03c revert: do not use heuristic fallback for "module-import"
  • 60f1898 fix: do not use heuristic fallback for "module-import"
  • 66306aa Revert "fix: module-import get fallback from externalsPresets"
  • Additional commits viewable in compare view

Updates webpack-dev-server from 4.7.4 to 5.2.1

Release notes

Sourced from webpack-dev-server's releases.

v5.2.1

5.2.1 (2025-03-26)

Security

  • cross-origin requests are not allowed unless allowed by Access-Control-Allow-Origin header
  • requests with an IP addresses in the Origin header are not allowed to connect to WebSocket server unless configured by allowedHosts or it different from the Host header

The above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.

Bug Fixes

  • prevent overlay for errors caught by React error boundaries (#5431) (8c1abc9)
  • take the first network found instead of the last one, this restores the same behavior as 5.0.4 (#5411) (ffd0b86)

v5.2.0

5.2.0 (2024-12-11)

Features

  • added getClientEntry and getClientHotEntry methods to get clients entries (dc642a8)

Bug Fixes

  • speed up initial client bundling (145b5d0)

v5.1.0

5.1.0 (2024-09-03)

Features

  • add visual progress indicators (a8f40b7)
  • added the app option to be Function (by default only with connect compatibility frameworks) (3096148)
  • allow the server option to be Function (#5275) (02a1c6d)
  • http2 support for connect and connect compatibility frameworks which support HTTP2 (#5267) (6509a3f)

Bug Fixes

v5.0.4

5.0.4 (2024-03-19)

... (truncated)

Changelog

Sourced from webpack-dev-server's changelog.

5.2.1 (2025-03-26)

Security

  • cross-origin requests are not allowed unless allowed by Access-Control-Allow-Origin header
  • requests with an IP addresses in the Origin header are not allowed to connect to WebSocket server unless configured by allowedHosts or it different from the Host header

The above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.

Bug Fixes

  • prevent overlay for errors caught by React error boundaries (#5431) (8c1abc9)
  • take the first network found instead of the last one, this restores the same behavior as 5.0.4 (#5411) (ffd0b86)

5.2.0 (2024-12-11)

Features

  • added getClientEntry and getClientHotEntry methods to get clients entries (dc642a8)

Bug Fixes

  • speed up initial client bundling (145b5d0)

5.1.0 (2024-09-03)

Features

  • add visual progress indicators (a8f40b7)
  • added the app option to be Function (by default only with connect compatibility frameworks) (3096148)
  • allow the server option to be Function (#5275) (02a1c6d)
  • http2 support for connect and connect compatibility frameworks which support HTTP2 (#5267) (6509a3f)

Bug Fixes

5.0.4 (2024-03-19)

Bug Fixes

... (truncated)

Commits
  • 0d22a08 chore(release): 5.2.1
  • 6045b1e chore(deps): update (#5444)
  • ffd0b86 fix: take the first network found instead of the last one, this restores the ...
  • 9ea7b08 ci: update dependency-review-action (#5442)
  • 5c9378b Merge commit from fork
  • d2575ad Merge commit from fork
  • 8c1abc9 fix: prevent overlay for errors caught by React error boundaries (#5431)
  • 5a39c70 ci: update codecov/codecov-action to v5 (#5406)
  • 55220a8 chore(deps-dev): bump the dependencies group across 1 directory with 4 update...
  • 09f6f8e chore(deps): bump the dependencies group across 1 directory with 2 updates (#...
  • Additional commits viewable in compare view

Updates @solana/web3.js from 1.87.6 to 1.98.4

Release notes

Sourced from @​solana/web3.js's releases.

v1.98.4

1.98.4 (2025-07-31)

Bug Fixes

v1.98.3

1.98.3 (2025-07-31)

Reverts

v1.98.2

1.98.2 (2025-04-24)

Bug Fixes

v1.98.1

1.98.1 (2025-04-22)

Bug Fixes

v1.98.0

1.98.0 (2024-12-16)

Features

  • Agave v2 RPC: replace getRecentBlockhash with getLatestBlockhash (#3419) (8ea27fc)

v1.97.0

1.97.0 (2024-12-16)

Features

  • agave v2 rpc: replace getConfirmedTransaction with getTransaction (#3418) (a805cb9)

v1.96.0

1.96.0 (2024-12-16)

Features

  • Agave v2 RPC: replace getConfirmedBlock with getBlock (#3417) (60e39a6)

v1.95.8

... (truncated)

Commits
  • c26c13b fix: Add Cost Units (Transaction Cost) (#3750)
  • 3d0e82a Revert "chore: Add costUnits to transaction classes (#3748)" (#3749)
  • 720a428 chore: Add costUnits to transaction classes (#3748)
  • 6f265af fix: update base-x to 3.0.11 in lockfile (#3731)
  • d3dc5d5 fix: patch bigint-buffer (#3727)
  • d0e77cf updated for migrated repo (#3728)
  • 4e9988c chore: readme (#3725)
  • 8ea27fc feat: Agave v2 RPC: replace getRecentBlockhash with getLatestBlockhash (#...
  • a805cb9 feat: agave v2 rpc: replace getConfirmedTransaction with getTransaction (...
  • 60e39a6 feat: Agave v2 RPC: replace getConfirmedBlock with getBlock (#3417)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by solana-devs, a new releaser for @​solana/web3.js since your current version.


Updates base-x from 1.1.0 to 3.0.8

Commits
  • 806ef3f 3.0.8
  • da101fb Merge pull request #64 from cryptocoinjs/fixArrayLike
  • ac81ec5 Fix TS types to reflect runtime code
  • 51a5bca Allow Array and Uint8Array like 3.0.4
  • e1ba49f Merge pull request #61 from cryptocoinjs/base-fill-loop
  • 0865e68 fill base map in loop instead fill
  • 90603b9 Merge pull request #60 from cryptocoinjs/matchDefinitelyTyped
  • 9a81831 Match DefinitelyTyped types interface name
  • f037e38 Merge pull request #58 from cryptocoinjs/addTypescript
  • 14e7573 Support TypeScript
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by junderw, a new releaser for base-x since your current version.


Updates body-parser from 1.20.1 to 1.20.4

Release notes

Sourced from body-parser's releases.

1.20.4

What's Changed

Full Changelog: expressjs/body-parser@1.20.3...1.20.4

1.20.3

What's Changed

Important

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

New Contributors

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2
Changelog

Sourced from body-parser's changelog.

1.20.4 / 2025-12-01

  • deps: qs@~6.14.0
  • deps: use tilde notation for dependencies
  • deps: http-errors@~2.0.1
  • deps: raw-body@~2.5.3

1.20.3 / 2024-09-10

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.


Updates braces from 2.3.2 to 3.0.2

Changelog

Sourced from braces's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

  • Changelogs are for humans, not machines.
  • There should be an entry for every single version.
  • The same types of changes should be grouped.
  • Versions and sections should be linkable.
  • The latest version comes first.
  • The release date of each versions is displayed.
  • Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

  • Added for new features.
  • Changed for changes in existing functionality.
  • Deprecated for soon-to-be removed features.
  • Removed for now removed features.
  • Fixed for any bug fixes.
  • Security in case of vulnerabilities.

[3.0.0] - 2018-04-08

v3.0 is a complete refactor, resulting in a faster, smaller codebase, with fewer deps, and a more accurate parser and compiler.

Breaking Changes

  • The undocumented .makeRe method was removed
  • Require Node.js >= 8.3

Non-breaking changes

  • Caching was removed
Commits

Updates cipher-base from 1.0.4 to 1.0.7

Changelog

Sourced from cipher-base's changelog.

v1.0.7 - 2025-09-24

Commits

  • [Refactor] use to-buffer fd1e5ee
  • [Dev Deps] update @ljharb/eslint-config 08ba803

v1.0.6 - 2024-11-26

Commits

  • [Fix] io.js 3.0 - Node.js 5.3 typed array support b7ddd2a

v1.0.5 - 2024-11-17

Commits

  • [Tests] standard -> eslint, make test dir, etc ae02fd6
  • [Tests] migrate from travis to GHA 66387d7
  • [meta] fix package.json indentation 5c02918
  • [Fix] return valid values on multi-byte-wide TypedArray input 8fd1364
  • [meta] add auto-changelog 88dc806
  • [meta] add npmignore and safe-publish-latest 7a137d7
  • Only apps should have lockfiles 42528f2
  • [Deps] update inherits, safe-buffer 0e7a2d9
  • [meta] add missing engines.node f2dc13e
Commits
  • 0056718 v1.0.7
  • fd1e5ee [Refactor] use to-buffer
  • 08ba803 [Dev Deps] update @ljharb/eslint-config
  • f5249f9 v1.0.6
  • b7ddd2a [Fix] io.js 3.0 - Node.js 5.3 typed array support
  • f03cebf v1.0.5
  • 88dc806 [meta] add auto-changelog
  • 7a137d7 [meta] add npmignore and safe-publish-latest
  • 5c02918 [meta] fix package.json indentation
  • 8fd1364 [Fix] return valid values on multi-byte-wide TypedArray input
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for cipher-base since your current version.


Updates cookie from 0.5.0 to 0.7.2

Release notes

Sourced from cookie's releases.

v0.7.2

Fixed

  • Fix object assignment of hasOwnProperty (#177) bc38ffd

jshttp/cookie@v0.7.1...v0.7.2

0.7.1

Fixed

  • Allow leading dot for domain (#174)
    • Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec
  • Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

jshttp/cookie@v0.7.0...v0.7.1

0.7.0

jshttp/cookie@v0.6.0...v0.7.0

0.6.0

  • Add partitioned option
Commits
Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.


Updates cross-spawn from 6.0.5 to 6.0.6

Changelog

Sourced from cross-spawn's changelog.

6.0.6 (2024-11-18)

Bug Fixes

Commits

Updates express from 4.18.2 to 4.22.1

Release notes

Sourced from express's releases.

v4.22.1

What's Changed

[!IMPORTANT]
The prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.

Full Changelog: expressjs/express@4.22.0...v4.22.1

4.22.0

Important: Security

What's Changed

Full Changelog: expressjs/express@4.21.2...4.22.0

4.21.2

What's Changed

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

Full Changelog: expressjs/express@4.21.0...4.21.1

... (truncated)

Changelog

Sourced from express's changelog.

4.22.1 / 2025-12-01

4.22.0 / 2025-12-01

4.21.2 / 2024-11-06

  • deps: path-to-regexp@0.1.12
    • Fix backtracking protection
  • deps: path-to-regexp@0.1.11
    • Throws an error on invalid path values

4.21.1 / 2024-10-08

4.21.0 / 2024-09-11

  • Deprecate res.location("back") and res.redirect("back") magic string
  • deps: serve-static@1.16.2
    • includes send@0.19.0
  • deps: finalhandler@1.3.1
  • deps: qs@6.13.0

4.20.0 / 2024-09-10

  • deps: serve-static@0.16.0
    • Remove link renderization in html while redirecting
  • deps: send@0.19.0
    • Remove link renderization in html while redirecting
  • deps: body-parser@0.6.0
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: path-to-regexp@0.1.10
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie

... (truncated)

Commits

@dependabot
build(deps): bump the npm_and_yarn group across 1 directory with 26 u…
e8cba48 
…pdates

Bumps the npm_and_yarn group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@sentry/browser](https://github.com/getsentry/sentry-javascript) | `6.7.2` | `7.119.1` |
| [@solana/web3.js](https://github.com/solana-foundation/solana-web3.js) | `1.87.6` | `1.98.4` |
| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.9` | `1.15.11` |
| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.5` |
| [jws](https://github.com/brianloveswords/node-jws) | `4.0.0` | `4.0.1` |
| [parse-uri](https://github.com/kikobeats/parse-uri) | `1.0.7` | `1.0.16` |
| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |
| [serialize-javascript](https://github.com/yahoo/serialize-javascript) | `6.0.1` | `6.0.2` |
| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |



Updates `@sentry/browser` from 6.7.2 to 7.119.1
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.119.1/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@6.7.2...7.119.1)

Updates `webpack` from 5.76.0 to 5.94.0
- [Release notes](https://github.com/webpack/webpack/releases)
- [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack@v5.76.0...v5.94.0)

Updates `webpack-dev-server` from 4.7.4 to 5.2.1
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack-dev-server@v4.7.4...v5.2.1)

Updates `@solana/web3.js` from 1.87.6 to 1.98.4
- [Release notes](https://github.com/solana-foundation/solana-web3.js/releases)
- [Commits](solana-foundation/solana-web3.js@v1.87.6...v1.98.4)

Updates `base-x` from 1.1.0 to 3.0.8
- [Commits](cryptocoinjs/base-x@v1.1.0...v3.0.8)

Updates `body-parser` from 1.20.1 to 1.20.4
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.20.1...1.20.4)

Updates `braces` from 2.3.2 to 3.0.2
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/braces/commits/3.0.2)

Updates `cipher-base` from 1.0.4 to 1.0.7
- [Changelog](https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md)
- [Commits](browserify/cipher-base@v1.0.4...v1.0.7)

Updates `cookie` from 0.5.0 to 0.7.2
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Commits](jshttp/cookie@v0.5.0...v0.7.2)

Updates `cross-spawn` from 6.0.5 to 6.0.6
- [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/v6.0.6/CHANGELOG.md)
- [Commits](moxystudio/node-cross-spawn@v6.0.5...v6.0.6)

Updates `express` from 4.18.2 to 4.22.1
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/v4.22.1/History.md)
- [Commits](expressjs/express@4.18.2...v4.22.1)

Updates `follow-redirects` from 1.14.9 to 1.15.11
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.14.9...v1.15.11)

Updates `form-data` from 4.0.0 to 4.0.5
- [Release notes](https://github.com/form-data/form-data/releases)
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](form-data/form-data@v4.0.0...v4.0.5)

Updates `http-proxy-middleware` from 2.0.3 to 2.0.9
- [Release notes](https://github.com/chimurai/http-proxy-middleware/releases)
- [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.9/CHANGELOG.md)
- [Commits](chimurai/http-proxy-middleware@v2.0.3...v2.0.9)

Updates `jws` from 4.0.0 to 4.0.1
- [Release notes](https://github.com/brianloveswords/node-jws/releases)
- [Changelog](https://github.com/auth0/node-jws/blob/master/CHANGELOG.md)
- [Commits](auth0/node-jws@v4.0.0...v4.0.1)

Updates `micromatch` from 3.1.10 to 4.0.4
- [Release notes](https://github.com/micromatch/micromatch/releases)
- [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/micromatch@3.1.10...4.0.4)

Updates `node-forge` from 1.3.0 to 1.3.1
- [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md)
- [Commits](digitalbazaar/forge@v1.3.0...v1.3.1)

Updates `parse-uri` from 1.0.7 to 1.0.16
- [Release notes](https://github.com/kikobeats/parse-uri/releases)
- [Changelog](https://github.com/Kikobeats/parse-uri/blob/v1.0.16/CHANGELOG.md)
- [Commits](Kikobeats/parse-uri@v1.0.7...v1.0.16)

Updates `path-to-regexp` from 0.1.7 to 0.1.12
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.12)

Updates `pbkdf2` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md)
- [Commits](browserify/pbkdf2@v3.1.2...v3.1.5)

Updates `qs` from 6.11.0 to 6.11.2
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.11.0...v6.11.2)

Updates `send` from 0.18.0 to 0.19.2
- [Release notes](https://github.com/pillarjs/send/releases)
- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)
- [Commits](pillarjs/send@0.18.0...0.19.2)

Updates `serialize-javascript` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/yahoo/serialize-javascript/releases)
- [Commits](yahoo/serialize-javascript@v6.0.1...v6.0.2)

Updates `serve-static` from 1.15.0 to 1.16.3
- [Release notes](https://github.com/expressjs/serve-static/releases)
- [Changelog](https://github.com/expressjs/serve-static/blob/master/HISTORY.md)
- [Commits](expressjs/serve-static@v1.15.0...v1.16.3)

Updates `sha.js` from 2.4.11 to 2.4.12
- [Changelog](https://github.com/browserify/sha.js/blob/master/CHANGELOG.md)
- [Commits](browserify/sha.js@v2.4.11...v2.4.12)

Updates `webpack-dev-middleware` from 5.3.1 to 7.4.5
- [Release notes](https://github.com/webpack/webpack-dev-middleware/releases)
- [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack-dev-middleware@v5.3.1...v7.4.5)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-version: 7.119.1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: webpack
  dependency-version: 5.94.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: webpack-dev-server
  dependency-version: 5.2.1
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@solana/web3.js"
  dependency-version: 1.98.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: base-x
  dependency-version: 3.0.8
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: body-parser
  dependency-version: 1.20.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-version: 3.0.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cipher-base
  dependency-version: 1.0.7
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cookie
  dependency-version: 0.7.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cross-spawn
  dependency-version: 6.0.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: express
  dependency-version: 4.22.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-version: 1.15.11
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: form-data
  dependency-version: 4.0.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: http-proxy-middleware
  dependency-version: 2.0.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jws
  dependency-version: 4.0.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: micromatch
  dependency-version: 4.0.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: node-forge
  dependency-version: 1.3.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: parse-uri
  dependency-version: 1.0.16
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: path-to-regexp
  dependency-version: 0.1.12
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: pbkdf2
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-version: 6.11.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: send
  dependency-version: 0.19.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serialize-javascript
  dependency-version: 6.0.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serve-static
  dependency-version: 1.16.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: sha.js
  dependency-version: 2.4.12
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: webpack-dev-middleware
  dependency-version: 7.4.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jan 23, 2026
@snyk-io
Copy link
Copy Markdown

snyk-io bot commented Jan 23, 2026

⚠️ Snyk checks are incomplete.

Status Scanner Critical High Medium Low Total (0)
⚠️ Open Source Security 0 0 0 0 See details

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@Dargon789 Dargon789 merged commit 1060ce5 into develop Jan 23, 2026
15 of 21 checks passed
@Dargon789 Dargon789 deleted the dependabot/npm_and_yarn/npm_and_yarn-5cd7f622f2 branch January 23, 2026 05:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Dargon789