Skip to content

build(deps): bump the npm_and_yarn group across 1 directory with 26 updates#63

Merged
Dargon789 merged 1 commit intodevelopfrom
dependabot/npm_and_yarn/npm_and_yarn-1f8f5d6539
Jan 28, 2026
Merged

build(deps): bump the npm_and_yarn group across 1 directory with 26 updates#63
Dargon789 merged 1 commit intodevelopfrom
dependabot/npm_and_yarn/npm_and_yarn-1f8f5d6539

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Jan 23, 2026
edited
Loading

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps the npm_and_yarn group with 16 updates in the / directory:

Package From To
@sentry/browser 6.7.2 7.119.1
lodash 4.17.21 4.17.23
nanoid 3.3.6 3.3.8
webpack 5.76.0 5.94.0
webpack-dev-server 4.7.4 5.2.1
@babel/runtime 7.13.10 7.28.6
@solana/web3.js 1.87.6 1.98.4
cipher-base 1.0.4 1.0.7
follow-redirects 1.14.9 1.15.11
form-data 4.0.0 4.0.5
h3 1.11.1 1.15.5
jws 4.0.0 4.0.1
parse-uri 1.0.7 1.0.16
pbkdf2 3.1.2 3.1.5
serialize-javascript 6.0.1 6.0.2
sha.js 2.4.11 2.4.12

Updates @sentry/browser from 6.7.2 to 7.119.1

Changelog

Sourced from @​sentry/browser's changelog.

7.119.1

  • fix(browser/v7): Ensure wrap() only returns functions (#13838 backport)

Work in this release contributed by @​legobeat. Thank you for your contribution!

7.119.0

  • backport(tracing): Report dropped spans for transactions (#13343)

7.118.0

  • fix(v7/bundle): Ensure CDN bundles do not overwrite window.Sentry (#12579)

7.117.0

  • feat(browser/v7): Publish browserprofling CDN bundle (#12224)
  • fix(v7/publish): Add v7 tag to @sentry/replay (#12304)

7.116.0

  • build(craft): Publish lambda layer under its own name for v7 (#12098) (#12099)

This release publishes a new AWS Lambda layer under the name SentryNodeServerlessSDKv7 that users still running v7 can use instead of pinning themselves to SentryNodeServerlessSDK:235.

7.115.0

  • feat(v7): Add support for global onUnhandled Error/Promise for Bun (#11959)
  • fix(replay/v7): Fix user activity not being updated in start() (#12003)
  • ref(api): Remove lastEventId deprecation warnings (#12042)

7.114.0

Important Changes

  • fix(browser/v7): Continuously record CLS (#11935)

This release fixes a bug that caused the cumulative layout shift (CLS) web vital not to be reported in a majority of the cases where it should have been reported. With this change, the CLS web vital should now always be reported for pageloads with layout shift. If a pageload did not have layout shift, no CLS web vital should be reported.

Please note that upgrading the SDK to this version may cause data in your dashboards to drastically change.

Other Changes

  • build(aws-lambda/v7): Turn off lambda layer publishing (#11875)
  • feat(v7): Add tunnel support to multiplexed transport (#11851)
  • fix(opentelemetry-node): support HTTP_REQUEST_METHOD attribute (#11929)
  • fix(react/v7): Fix react router v4/v5 span names (#11940)

... (truncated)

Commits

Updates lodash from 4.17.21 to 4.17.23

Commits

Updates nanoid from 3.3.6 to 3.3.8

Changelog

Sourced from nanoid's changelog.

3.3.8

  • Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

3.3.7

  • Fixed node16 TypeScript support (by Saadi Myftija).
Commits

Updates webpack from 5.76.0 to 5.94.0

Release notes

Sourced from webpack's releases.

v5.94.0

Bug Fixes

  • Added runtime condition for harmony reexport checked
  • Handle properly data/http/https protocols in source maps
  • Make bigint optimistic when browserslist not found
  • Move @​types/eslint-scope to dev deps
  • Related in asset stats is now always an array when no related found
  • Handle ASI for export declarations
  • Mangle destruction incorrect with export named default properly
  • Fixed unexpected asi generation with sequence expression
  • Fixed a lot of types

New Features

  • Added new external type "module-import"
  • Support webpackIgnore for new URL() construction
  • [CSS] @import pathinfo support

Security

  • Fixed DOM clobbering in auto public path

v5.93.0

Bug Fixes

  • Generate correct relative path to runtime chunks
  • Makes DefinePlugin quieter under default log level
  • Fixed mangle destructuring default in namespace import
  • Fixed consumption of eager shared modules for module federation
  • Strip slash for pretty regexp
  • Calculate correct contenthash for CSS generator options

New Features

  • Added the binary generator option for asset modules to explicitly keep source maps produced by loaders
  • Added the modern-module library value for tree shakable output
  • Added the overrideStrict option to override strict or non-strict mode for javascript modules

v5.92.1

Bug Fixes

  • Doesn't crash with an error when the css experiment is enabled and contenthash is used

v5.92.0

Bug Fixes

  • Correct tidle range's comutation for module federation
  • Consider runtime for pure expression dependency update hash
  • Return value in the subtractRuntime function for runtime logic

... (truncated)

Commits
  • eabf85d chore(release): 5.94.0
  • 955e057 security: fix DOM clobbering in auto public path
  • 9822387 test: fix
  • cbb86ed test: fix
  • 5ac3d7f fix: unexpected asi generation with sequence expression
  • 2411661 security: fix DOM clobbering in auto public path
  • b8c03d4 fix: unexpected asi generation with sequence expression
  • f46a03c revert: do not use heuristic fallback for "module-import"
  • 60f1898 fix: do not use heuristic fallback for "module-import"
  • 66306aa Revert "fix: module-import get fallback from externalsPresets"
  • Additional commits viewable in compare view

Updates webpack-dev-server from 4.7.4 to 5.2.1

Release notes

Sourced from webpack-dev-server's releases.

v5.2.1

5.2.1 (2025-03-26)

Security

  • cross-origin requests are not allowed unless allowed by Access-Control-Allow-Origin header
  • requests with an IP addresses in the Origin header are not allowed to connect to WebSocket server unless configured by allowedHosts or it different from the Host header

The above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.

Bug Fixes

  • prevent overlay for errors caught by React error boundaries (#5431) (8c1abc9)
  • take the first network found instead of the last one, this restores the same behavior as 5.0.4 (#5411) (ffd0b86)

v5.2.0

5.2.0 (2024-12-11)

Features

  • added getClientEntry and getClientHotEntry methods to get clients entries (dc642a8)

Bug Fixes

  • speed up initial client bundling (145b5d0)

v5.1.0

5.1.0 (2024-09-03)

Features

  • add visual progress indicators (a8f40b7)
  • added the app option to be Function (by default only with connect compatibility frameworks) (3096148)
  • allow the server option to be Function (#5275) (02a1c6d)
  • http2 support for connect and connect compatibility frameworks which support HTTP2 (#5267) (6509a3f)

Bug Fixes

v5.0.4

5.0.4 (2024-03-19)

... (truncated)

Changelog

Sourced from webpack-dev-server's changelog.

5.2.1 (2025-03-26)

Security

  • cross-origin requests are not allowed unless allowed by Access-Control-Allow-Origin header
  • requests with an IP addresses in the Origin header are not allowed to connect to WebSocket server unless configured by allowedHosts or it different from the Host header

The above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.

Bug Fixes

  • prevent overlay for errors caught by React error boundaries (#5431) (8c1abc9)
  • take the first network found instead of the last one, this restores the same behavior as 5.0.4 (#5411) (ffd0b86)

5.2.0 (2024-12-11)

Features

  • added getClientEntry and getClientHotEntry methods to get clients entries (dc642a8)

Bug Fixes

  • speed up initial client bundling (145b5d0)

5.1.0 (2024-09-03)

Features

  • add visual progress indicators (a8f40b7)
  • added the app option to be Function (by default only with connect compatibility frameworks) (3096148)
  • allow the server option to be Function (#5275) (02a1c6d)
  • http2 support for connect and connect compatibility frameworks which support HTTP2 (#5267) (6509a3f)

Bug Fixes

5.0.4 (2024-03-19)

Bug Fixes

... (truncated)

Commits
  • 0d22a08 chore(release): 5.2.1
  • 6045b1e chore(deps): update (#5444)
  • ffd0b86 fix: take the first network found instead of the last one, this restores the ...
  • 9ea7b08 ci: update dependency-review-action (#5442)
  • 5c9378b Merge commit from fork
  • d2575ad Merge commit from fork
  • 8c1abc9 fix: prevent overlay for errors caught by React error boundaries (#5431)
  • 5a39c70 ci: update codecov/codecov-action to v5 (#5406)
  • 55220a8 chore(deps-dev): bump the dependencies group across 1 directory with 4 update...
  • 09f6f8e chore(deps): bump the dependencies group across 1 directory with 2 updates (#...
  • Additional commits viewable in compare view

Updates @babel/runtime from 7.13.10 to 7.28.6

Release notes

Sourced from @​babel/runtime's releases.

v7.28.6 (2026-01-12)

Thanks @​kadhirash and @​kolvian for your first PRs!

🐛 Bug Fix

  • babel-cli, babel-code-frame, babel-core, babel-helper-check-duplicate-nodes, babel-helper-fixtures, babel-helper-plugin-utils, babel-node, babel-plugin-transform-flow-comments, babel-plugin-transform-modules-commonjs, babel-plugin-transform-property-mutators, babel-preset-env, babel-traverse, babel-types
  • babel-plugin-transform-regenerator
  • babel-plugin-transform-react-jsx

💅 Polish

  • babel-core, babel-standalone

🏠 Internal

  • babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-proposal-decorators, babel-plugin-proposal-import-attributes-to-assertions, babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-async-do-expressions, babel-plugin-syntax-decorators, babel-plugin-syntax-destructuring-private, babel-plugin-syntax-do-expressions, babel-plugin-syntax-explicit-resource-management, babel-plugin-syntax-export-default-from, babel-plugin-syntax-flow, babel-plugin-syntax-function-bind, babel-plugin-syntax-function-sent, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-plugin-syntax-import-defer, babel-plugin-syntax-import-source, babel-plugin-syntax-jsx, babel-plugin-syntax-module-blocks, babel-plugin-syntax-optional-chaining-assign, babel-plugin-syntax-partial-application, babel-plugin-syntax-pipeline-operator, babel-plugin-syntax-throw-expressions, babel-plugin-syntax-typescript, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-dotall-regex, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-plugin-transform-explicit-resource-management, babel-plugin-transform-exponentiation-operator, babel-plugin-transform-json-strings, babel-plugin-transform-logical-assignment-operators, babel-plugin-transform-nullish-coalescing-operator, babel-plugin-transform-numeric-separator, babel-plugin-transform-object-rest-spread, babel-plugin-transform-optional-catch-binding, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-regexp-modifiers, babel-plugin-transform-unicode-property-regex, babel-plugin-transform-unicode-sets-regex

🏃‍♀️ Performance

  • babel-plugin-transform-react-jsx

Committers: 7

v7.28.5 (2025-10-23)

Thank you @​CO0Ki3, @​Olexandr88, and @​youthfulhps for your first PRs!

👓 Spec Compliance

🐛 Bug Fix

  • babel-plugin-proposal-destructuring-private
  • babel-parser
  • babel-plugin-proposal-discard-binding, babel-plugin-transform-destructuring

... (truncated)

Changelog

Sourced from @​babel/runtime's changelog.

Changelog

Tags:

  • 💥 [Breaking Change]
  • 👓 [Spec Compliance]
  • 🚀 [New Feature]
  • 🐛 [Bug Fix]
  • 📝 [Documentation]
  • 🏠 [Internal]
  • 💅 [Polish]

Note: Gaps between patch versions are faulty, broken or test releases.

This file contains the changelog starting from v7.15.0.

v7.28.5 (2025-10-23)

👓 Spec Compliance

🐛 Bug Fix

  • babel-plugin-proposal-destructuring-private
  • babel-parser
  • babel-plugin-proposal-discard-binding, babel-plugin-transform-destructuring
  • babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-optional-chaining, babel-traverse, babel-types
  • babel-traverse

🏠 Internal

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​babel/runtime since your current version.


Updates @solana/web3.js from 1.87.6 to 1.98.4

Release notes

Sourced from @​solana/web3.js's releases.

v1.98.4

1.98.4 (2025-07-31)

Bug Fixes

v1.98.3

1.98.3 (2025-07-31)

Reverts

v1.98.2

1.98.2 (2025-04-24)

Bug Fixes

v1.98.1

1.98.1 (2025-04-22)

Bug Fixes

v1.98.0

1.98.0 (2024-12-16)

Features

  • Agave v2 RPC: replace getRecentBlockhash with getLatestBlockhash (#3419) (8ea27fc)

v1.97.0

1.97.0 (2024-12-16)

Features

  • agave v2 rpc: replace getConfirmedTransaction with getTransaction (#3418) (a805cb9)

v1.96.0

1.96.0 (2024-12-16)

Features

  • Agave v2 RPC: replace getConfirmedBlock with getBlock (#3417) (60e39a6)

v1.95.8

... (truncated)

Commits
  • c26c13b fix: Add Cost Units (Transaction Cost) (#3750)
  • 3d0e82a Revert "chore: Add costUnits to transaction classes (#3748)" (#3749)
  • 720a428 chore: Add costUnits to transaction classes (#3748)
  • 6f265af fix: update base-x to 3.0.11 in lockfile (#3731)
  • d3dc5d5 fix: patch bigint-buffer (#3727)
  • d0e77cf updated for migrated repo (#3728)
  • 4e9988c chore: readme (#3725)
  • 8ea27fc feat: Agave v2 RPC: replace getRecentBlockhash with getLatestBlockhash (#...
  • a805cb9 feat: agave v2 rpc: replace getConfirmedTransaction with getTransaction (...
  • 60e39a6 feat: Agave v2 RPC: replace getConfirmedBlock with getBlock (#3417)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by solana-devs, a new releaser for @​solana/web3.js since your current version.


Updates body-parser from 1.20.1 to 1.20.4

Release notes

Sourced from body-parser's releases.

1.20.4

What's Changed

Full Changelog: expressjs/body-parser@1.20.3...1.20.4

1.20.3

What's Changed

Important

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

New Contributors

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2
Changelog

Sourced from body-parser's changelog.

1.20.4 / 2025-12-01

  • deps: qs@~6.14.0
  • deps: use tilde notation for dependencies
  • deps: http-errors@~2.0.1
  • deps: raw-body@~2.5.3

1.20.3 / 2024-09-10

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.


Updates cipher-base from 1.0.4 to 1.0.7

Changelog

Sourced from cipher-base's changelog.

v1.0.7 - 2025-09-24

Commits

  • [Refactor] use to-buffer fd1e5ee
  • [Dev Deps] update @ljharb/eslint-config 08ba803

v1.0.6 - 2024-11-26

Commits

  • [Fix] io.js 3.0 - Node.js 5.3 typed array support b7ddd2a

v1.0.5 - 2024-11-17

Commits

  • [Tests] standard -> eslint, make test dir, etc ae02fd6
  • [Tests] migrate from travis to GHA 66387d7
  • [meta] fix package.json indentation 5c02918
  • [Fix] return valid values on multi-byte-wide TypedArray input 8fd1364
  • [meta] add auto-changelog 88dc806
  • [meta] add npmignore and safe-publish-latest 7a137d7
  • Only apps should have lockfiles 42528f2
  • [Deps] update inherits, safe-buffer 0e7a2d9
  • [meta] add missing engines.node f2dc13e
Commits
  • 0056718 v1.0.7
  • fd1e5ee [Refactor] use to-buffer
  • 08ba803 [Dev Deps] update @ljharb/eslint-config
  • f5249f9 v1.0.6
  • b7ddd2a [Fix] io.js 3.0 - Node.js 5.3 typed array support
  • f03cebf v1.0.5
  • 88dc806 [meta] add auto-changelog
  • 7a137d7 [meta] add npmignore and safe-publish-latest
  • 5c02918 [meta] fix package.json indentation
  • 8fd1364 [Fix] return valid values on multi-byte-wide TypedArray input
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for cipher-base since your current version.


Updates cookie from 0.5.0 to 0.7.2

Release notes

Sourced from cookie's releases.

v0.7.2

Fixed

  • Fix object assignment of hasOwnProperty (#177) bc38ffd

jshttp/cookie@v0.7.1...v0.7.2

0.7.1

Fixed

  • Allow leading dot for domain (#174)
    • Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec
  • Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

jshttp/cookie@v0.7.0...v0.7.1

0.7.0

  • perf: parse cookies ~10% faster (#144 by

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jan 23, 2026
@snyk-io
Copy link
Copy Markdown

snyk-io bot commented Jan 23, 2026
edited
Loading

⚠️ Snyk checks are incomplete.

Status Scanner Critical High Medium Low Total (0)
⚠️ Open Source Security 0 0 0 0 See details

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-1f8f5d6539 branch from e23a348 to 3daf88d Compare January 28, 2026 10:15
@dependabot @Dargon789
build(deps): bump the npm_and_yarn group across 1 directory with 26 u…
3dab740 
…pdates

Bumps the npm_and_yarn group with 16 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@sentry/browser](https://github.com/getsentry/sentry-javascript) | `6.7.2` | `7.119.1` |
| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |
| [nanoid](https://github.com/ai/nanoid) | `3.3.6` | `3.3.8` |
| [webpack](https://github.com/webpack/webpack) | `5.76.0` | `5.94.0` |
| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `4.7.4` | `5.2.1` |
| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.13.10` | `7.28.6` |
| [@solana/web3.js](https://github.com/solana-foundation/solana-web3.js) | `1.87.6` | `1.98.4` |
| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.9` | `1.15.11` |
| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.5` |
| [h3](https://github.com/h3js/h3) | `1.11.1` | `1.15.5` |
| [jws](https://github.com/brianloveswords/node-jws) | `4.0.0` | `4.0.1` |
| [parse-uri](https://github.com/kikobeats/parse-uri) | `1.0.7` | `1.0.16` |
| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |
| [serialize-javascript](https://github.com/yahoo/serialize-javascript) | `6.0.1` | `6.0.2` |
| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |



Updates `@sentry/browser` from 6.7.2 to 7.119.1
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.119.1/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@6.7.2...7.119.1)

Updates `lodash` from 4.17.21 to 4.17.23
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.21...4.17.23)

Updates `nanoid` from 3.3.6 to 3.3.8
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](ai/nanoid@3.3.6...3.3.8)

Updates `webpack` from 5.76.0 to 5.94.0
- [Release notes](https://github.com/webpack/webpack/releases)
- [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack@v5.76.0...v5.94.0)

Updates `webpack-dev-server` from 4.7.4 to 5.2.1
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack-dev-server@v4.7.4...v5.2.1)

Updates `@babel/runtime` from 7.13.10 to 7.28.6
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.28.6/packages/babel-runtime)

Updates `@solana/web3.js` from 1.87.6 to 1.98.4
- [Release notes](https://github.com/solana-foundation/solana-web3.js/releases)
- [Commits](solana-foundation/solana-web3.js@v1.87.6...v1.98.4)

Updates `body-parser` from 1.20.1 to 1.20.4
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.20.1...1.20.4)

Updates `cipher-base` from 1.0.4 to 1.0.7
- [Changelog](https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md)
- [Commits](browserify/cipher-base@v1.0.4...v1.0.7)

Updates `cookie` from 0.5.0 to 0.7.2
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Commits](jshttp/cookie@v0.5.0...v0.7.2)

Updates `express` from 4.18.2 to 4.22.1
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/v4.22.1/History.md)
- [Commits](expressjs/express@4.18.2...v4.22.1)

Updates `follow-redirects` from 1.14.9 to 1.15.11
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.14.9...v1.15.11)

Updates `form-data` from 4.0.0 to 4.0.5
- [Release notes](https://github.com/form-data/form-data/releases)
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](form-data/form-data@v4.0.0...v4.0.5)

Updates `h3` from 1.11.1 to 1.15.5
- [Release notes](https://github.com/h3js/h3/releases)
- [Changelog](https://github.com/h3js/h3/blob/v1.15.5/CHANGELOG.md)
- [Commits](h3js/h3@v1.11.1...v1.15.5)

Updates `http-proxy-middleware` from 2.0.3 to 2.0.9
- [Release notes](https://github.com/chimurai/http-proxy-middleware/releases)
- [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.9/CHANGELOG.md)
- [Commits](chimurai/http-proxy-middleware@v2.0.3...v2.0.9)

Updates `jws` from 4.0.0 to 4.0.1
- [Release notes](https://github.com/brianloveswords/node-jws/releases)
- [Changelog](https://github.com/auth0/node-jws/blob/master/CHANGELOG.md)
- [Commits](auth0/node-jws@v4.0.0...v4.0.1)

Updates `node-forge` from 1.3.0 to 1.3.1
- [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md)
- [Commits](digitalbazaar/forge@v1.3.0...v1.3.1)

Updates `parse-uri` from 1.0.7 to 1.0.16
- [Release notes](https://github.com/kikobeats/parse-uri/releases)
- [Changelog](https://github.com/Kikobeats/parse-uri/blob/v1.0.16/CHANGELOG.md)
- [Commits](Kikobeats/parse-uri@v1.0.7...v1.0.16)

Updates `path-to-regexp` from 0.1.7 to 0.1.12
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.12)

Updates `pbkdf2` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md)
- [Commits](browserify/pbkdf2@v3.1.2...v3.1.5)

Updates `qs` from 6.11.0 to 6.11.2
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.11.0...v6.11.2)

Updates `send` from 0.18.0 to 0.19.2
- [Release notes](https://github.com/pillarjs/send/releases)
- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)
- [Commits](pillarjs/send@0.18.0...0.19.2)

Updates `serialize-javascript` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/yahoo/serialize-javascript/releases)
- [Commits](yahoo/serialize-javascript@v6.0.1...v6.0.2)

Updates `serve-static` from 1.15.0 to 1.16.3
- [Release notes](https://github.com/expressjs/serve-static/releases)
- [Changelog](https://github.com/expressjs/serve-static/blob/master/HISTORY.md)
- [Commits](expressjs/serve-static@v1.15.0...v1.16.3)

Updates `sha.js` from 2.4.11 to 2.4.12
- [Changelog](https://github.com/browserify/sha.js/blob/master/CHANGELOG.md)
- [Commits](browserify/sha.js@v2.4.11...v2.4.12)

Updates `webpack-dev-middleware` from 5.3.1 to 7.4.5
- [Release notes](https://github.com/webpack/webpack-dev-middleware/releases)
- [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack-dev-middleware@v5.3.1...v7.4.5)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-version: 7.119.1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: nanoid
  dependency-version: 3.3.8
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: webpack
  dependency-version: 5.94.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: webpack-dev-server
  dependency-version: 5.2.1
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@babel/runtime"
  dependency-version: 7.28.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@solana/web3.js"
  dependency-version: 1.98.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: body-parser
  dependency-version: 1.20.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cipher-base
  dependency-version: 1.0.7
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cookie
  dependency-version: 0.7.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: express
  dependency-version: 4.22.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-version: 1.15.11
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: form-data
  dependency-version: 4.0.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: h3
  dependency-version: 1.15.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: http-proxy-middleware
  dependency-version: 2.0.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jws
  dependency-version: 4.0.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: node-forge
  dependency-version: 1.3.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: parse-uri
  dependency-version: 1.0.16
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: path-to-regexp
  dependency-version: 0.1.12
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: pbkdf2
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-version: 6.11.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: send
  dependency-version: 0.19.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serialize-javascript
  dependency-version: 6.0.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serve-static
  dependency-version: 1.16.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: sha.js
  dependency-version: 2.4.12
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: webpack-dev-middleware
  dependency-version: 7.4.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@Dargon789 Dargon789 force-pushed the dependabot/npm_and_yarn/npm_and_yarn-1f8f5d6539 branch from 3daf88d to 3dab740 Compare January 28, 2026 10:20
@Dargon789 Dargon789 merged commit 33c2d62 into develop Jan 28, 2026
16 of 20 checks passed
@Dargon789 Dargon789 deleted the dependabot/npm_and_yarn/npm_and_yarn-1f8f5d6539 branch January 28, 2026 10:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Dargon789