chore(deps): bump the dependencies group across 1 directory with 34 updates by dependabot[bot] · Pull Request #39 · Afzal14786/writespace

dependabot · 2026-06-07T07:07:32Z

Bumps the dependencies group with 34 updates in the / directory:

Package	From	To
@aws-sdk/client-s3	`3.1037.0`	`3.1063.0`
bullmq	`5.76.2`	`5.78.0`
cors	`2.8.5`	`2.8.6`
dotenv	`17.2.3`	`17.4.2`
express-rate-limit	`7.5.1`	`8.5.2`
helmet	`8.1.0`	`8.2.0`
joi	`18.0.2`	`18.2.1`
morgan	`1.10.1`	`1.11.0`
multer	`1.4.5-lts.1`	`2.1.1`
@types/multer	`1.4.13`	`2.1.0`
nodemailer	`8.0.5`	`8.0.10`
@types/nodemailer	`7.0.5`	`8.0.0`
pg	`8.18.0`	`8.21.0`
@types/pg	`8.16.0`	`8.20.0`
rate-limit-redis	`4.3.1`	`5.0.0`
redis	`5.10.0`	`6.0.0`
sanitize-html	`2.17.0`	`2.17.4`
@types/sanitize-html	`2.16.0`	`2.16.1`
slugify	`1.6.6`	`1.6.9`
validator	`13.15.26`	`13.15.35`
zario	`0.7.0`	`0.8.0`
zod	`3.23.8`	`4.4.3`
@eslint/js	`9.39.2`	`10.0.1`
@types/bcryptjs	`2.4.6`	`3.0.0`
@types/node	`25.0.9`	`25.9.2`
drizzle-kit	`0.31.8`	`0.31.10`
globals	`17.0.0`	`17.6.0`
nodemon	`3.1.11`	`3.1.14`
prettier	`3.8.0`	`3.8.3`
supertest	`6.3.4`	`7.2.2`
@types/supertest	`6.0.3`	`7.2.0`
ts-jest	`29.4.6`	`29.4.11`
tsc-alias	`1.8.16`	`1.8.17`
typescript-eslint	`8.53.0`	`8.60.1`

Updates @aws-sdk/client-s3 from 3.1037.0 to 3.1063.0

Release notes

Sourced from @aws-sdk/client-s3's releases.

v3.1063.0

3.1063.0(2026-06-05)

Chores

update author URL in package.json (#8080) (9bd1a86b)

crt-loader: update to latest aws-crt (#8079) (8c2bdabd)

New Features

clients: update client endpoints as of 2026-06-05 (fe9a398f)

client-sagemaker: This release adds support for MLflow experiment tracking in SageMaker inference optimization. CreateAIRecommendationJob and CreateAIBenchmarkJob now accept an optional OutputConfig.MlflowConfig (MLflow App ARN, experiment, run name) to stream benchmark metrics and artifacts to your own MLflow App. (39430442)

client-emr-serverless: Adds support for updating max capacity and custom fields while application is started (6c9cce08)

client-dynamodb: Adding new BDD representation of endpoint ruleset (416005d4)

client-mediaconvert: Adds support for configurable number of Clear Lead segments at the beginning of encrypted output. Adds support for multiple trickplay variants. (40eb4c6b)

client-payment-cryptography: Adds CloudFormation support for resource-based policies on AWS Payment Cryptography keys. (c32019a8)

client-quicksight: Adds support for Knowledge Base APIs and Index Capacity API (8205152f)

Bug Fixes

core/httpAuthSchemes: fix concurrent skew correction (#8078) (83e48928)

Tests

middleware-endpoint-discovery: remove integration tests (#8077) (02363831)

clients: add client error deserialization tests (#8075) (0dfa4ad1)

For list of updated packages, view updated-packages.md in assets-3.1063.0.zip

v3.1062.0

3.1062.0(2026-06-04)

Chores

scripts: include generated packages when validating declared imports 1-1 with used imports (#8072) (291ad366)

Documentation Changes

client-guardduty: Remove unsupported RDS field for filter (5815da7f)

New Features

client-interconnect: Adding new BDD representation of endpoint ruleset (34e23ef2)

client-ec2-instance-connect: Adding new BDD representation of endpoint ruleset (c2a4981e)

client-mq: BDD bulk update change rollout (e058b8fd)

client-workspaces: Adding new BDD representation of endpoint ruleset (6b1e3602)

client-connectparticipant: Adding new BDD representation of endpoint ruleset (22db2a6a)

... (truncated)

Changelog

Sourced from @aws-sdk/client-s3's changelog.

3.1063.0 (2026-06-05)

Note: Version bump only for package @aws-sdk/client-s3

3.1062.0 (2026-06-04)

Note: Version bump only for package @aws-sdk/client-s3

3.1061.0 (2026-06-03)

Note: Version bump only for package @aws-sdk/client-s3

3.1060.0 (2026-06-03)

Note: Version bump only for package @aws-sdk/client-s3

3.1059.0 (2026-06-02)

Note: Version bump only for package @aws-sdk/client-s3

3.1058.0 (2026-06-01)

Note: Version bump only for package @aws-sdk/client-s3

3.1057.0 (2026-05-29)

... (truncated)

Commits

85dabf4 Publish v3.1063.0
9bd1a86 chore: update author URL in package.json (#8080)
f5235bb Publish v3.1062.0
291ad36 chore(scripts): include generated packages when validating declared imports 1...
71df2cc Publish v3.1061.0
1216094 chore(middleware-sdk-s3): consolidate S3 internal packages (#8026)
8aeb92d Publish v3.1060.0
75bb4fc Publish v3.1059.0
6b082a6 chore(codegen): sync for adaptive retry fix, EAI_AGAIN transient error (#8067)
d7602d4 Publish v3.1058.0
Additional commits viewable in compare view

Updates bullmq from 5.76.2 to 5.78.0

Release notes

Sourced from bullmq's releases.

v5.78.0

5.78.0 (2026-06-02)

Features

rust: initial implementation of rust support (#4200) (38798cc)

v5.77.7

5.77.7 (2026-06-01)

Bug Fixes

deps: update dependency msgpackr to v2.0.2 [security] (#4202) (fbe04af)

v5.77.6

5.77.6 (2026-05-27)

Bug Fixes

types: change NodeRedisRawClient to be node-redis compliant (#4195) (81709e4)

v5.77.5

5.77.5 (2026-05-27)

Bug Fixes

connection: handle cluster reconnection with timeouts (#4186) (411690e)

v5.77.4

5.77.4 (2026-05-26)

Bug Fixes

deduplication: preserve custom jobId when requeuing keepLastIfActive proto-jobs (#4190) fixes #4030 (6e4972e)

v5.77.3

5.77.3 (2026-05-25)

Performance Improvements

bun-redis: remove per-command serialization to enable implicit pipelining (#4188) (685b074)

v5.77.2

5.77.2 (2026-05-24)

... (truncated)

Commits

38798cc feat(rust): initial implementation of rust support (#4200)
a45e0d9 chore(release): 5.77.7 (#4203)
fbe04af fix(deps): update dependency msgpackr to v2.0.2 [security] (#4202)
63c4054 chore(deps): update eslint to v8.60.0 [security] (#4192)
d2c9850 chore(release): v5.77.6 (#4199)
1c99570 chore(release): 5.77.5 (#4198)
81709e4 fix(types): change NodeRedisRawClient to be node-redis compliant (#4195)
411690e fix(connection): handle cluster reconnection with timeouts (#4186)
e7d7d87 chore(release): 5.77.4 (#4197)
6e4972e fix(deduplication): preserve custom jobId when requeuing keepLastIfActive pro...
Additional commits viewable in compare view

Updates cors from 2.8.5 to 2.8.6

Release notes

Sourced from cors's releases.

v2.8.6

What's Changed

Build: Node.js@12.16 and Node.js.13.12 by @smondal in expressjs/cors#189

Update README.md for origin function callback parameters by @dstudzinski in expressjs/cors#180

Suggest passing false for disallowed domains, not erroring by @shackpank in expressjs/cors#175

Changed the term whitelist to allowlist in Documentation by @jkasun in expressjs/cors#200

Fix typo in README by @alex-grover in expressjs/cors#207

Added new link & website in the README by @manjunath00 in expressjs/cors#269

Fix functions call with extra parameter by @LuisEGR in expressjs/cors#245

🐛 Fix readme status badge by @homersimpsons in expressjs/cors#306

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/cors#321

ci: fix errors in ci github action for node 8 by @inigomarquinez in expressjs/cors#322

test: improved test robustness by @Alex-GF in expressjs/cors#320

chore: upgrade scorecard workflow pinned action versions by @carpasse in expressjs/cors#341

ci: add CodeQL (SAST) by @bjohansebas in expressjs/cors#340

docs: remove broken link to demo site by @dpopp07 in expressjs/cors#344

OSSF Scorecard recommendations by @UlisesGascon in expressjs/cors#350

build(deps): bump github/codeql-action from 3.24.7 to 3.28.19 by @dependabot[bot] in expressjs/cors#351

build(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 by @dependabot[bot] in expressjs/cors#353

build(deps): bump actions/checkout from 4.1.1 to 4.2.2 by @dependabot[bot] in expressjs/cors#354

build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.2 by @dependabot[bot] in expressjs/cors#355

build(deps-dev): bump express from 4.17.1 to 4.21.2 by @dependabot[bot] in expressjs/cors#356

build(deps): bump actions/upload-artifact from 4.5.0 to 4.6.2 by @dependabot[bot] in expressjs/cors#352

build(deps-dev): bump mocha from 9.1.1 to 9.2.2 by @dependabot[bot] in expressjs/cors#358

update the docs for per request config by @jonchurch in expressjs/cors#338

(fix): readme updated for #271 origin option for * by @dhananjaysa92 in expressjs/cors#289

ci: upgrade Node versions by @UlisesGascon in expressjs/cors#359

chore: add funding to package.json by @bjohansebas in expressjs/cors#363

build(deps): bump github/codeql-action from 3.28.19 to 4.31.2 by @dependabot[bot] in expressjs/cors#371

build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by @dependabot[bot] in expressjs/cors#370

docs: Cleanup README by @efekrskl in expressjs/cors#374

chore: add node v25 by @imangas in expressjs/cors#375

Extend CI test matrix by @imangas in expressjs/cors#376

docs: simplify code examples with header comments by @jonchurch in expressjs/cors#386

docs: tweak intro, add note w/ browser enforcement, FAQ by @jonchurch in expressjs/cors#385

chore: remove HISTORY.md and nonexistent CONTRIBUTING.md from tarball by @Phillip9587 in expressjs/cors#388

Release: 2.8.6 by @UlisesGascon in expressjs/cors#390

New Contributors

@smondal made their first contribution in expressjs/cors#189

@dstudzinski made their first contribution in expressjs/cors#180

@shackpank made their first contribution in expressjs/cors#175

@jkasun made their first contribution in expressjs/cors#200

@alex-grover made their first contribution in expressjs/cors#207

@manjunath00 made their first contribution in expressjs/cors#269

@LuisEGR made their first contribution in expressjs/cors#245

@homersimpsons made their first contribution in expressjs/cors#306

@inigomarquinez made their first contribution in expressjs/cors#321

@Alex-GF made their first contribution in expressjs/cors#320

@carpasse made their first contribution in expressjs/cors#341

... (truncated)

Changelog

Sourced from cors's changelog.

2.8.6 / 2026-01-22

Improve documentation (API, context, examples...)

Remove additional markdown files from tarball

Commits

f00a8c1 2.8.6 (#390)
848e2bd chore: remove HISTORY.md and nonexistent CONTRIBUTING.md from tarball (#388)
cf8947e docs: tweak intro, add note w/ browser enforcement, FAQ (#385)
bbf62a5 docs: simplify code examples with header comments (#386)
f442e77 Extend CI test matrix (#376)
d5cf6cd ci: add support for node@25 (#375)
7e6f7ee docs: revamp content (#374)
b25644c build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 (#370)
f881e91 build(deps): bump github/codeql-action from 3.28.19 to 4.31.2 (#371)
9a9a760 chore: add funding to package.json (#363)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for cors since your current version.

Updates dotenv from 17.2.3 to 17.4.2

Changelog

Sourced from dotenv's changelog.

17.4.2 (2026-04-12)

Changed

Improved skill files - tightened up details (#1009)

17.4.1 (2026-04-05)

Changed

Change text injecting to injected (#1005)

17.4.0 (2026-04-01)

Added

Add skills/ folder with focused agent skills: skills/dotenv/SKILL.md (core usage) and skills/dotenvx/SKILL.md (encryption, multiple environments, variable expansion) for AI coding agent discovery via the skills.sh ecosystem (npx skills add motdotla/dotenv)

Changed

Tighten up logs: ◇ injecting env (14) from .env (#1003)

17.3.1 (2026-02-12)

Changed

Fix as2 example command in README and update spanish README

17.3.0 (2026-02-12)

Added

Add a new README section on dotenv’s approach to the agentic future.

Changed

Rewrite README to get humans started more quickly with less noise while simultaneously making more accessible for llms and agents to go deeper into details.

17.2.4 (2026-02-05)

Changed

Make DotenvPopulateInput accept NodeJS.ProcessEnv type (#915)

Give back to dotenv by checking out my newest project vestauth. It is auth for agents. Thank you for using my software.

Commits

f116f70 17.4.2
3a81612 fix visual order of faq
13f55a8 Merge branch 'skill'
4bbbf73 reorganize faq
c3da64b Merge pull request #1009 from motdotla/skill
6f743b1 update source
fc2c624 update skill
972315b Tighten up skill
2795fce reorganize faq
d5495d4 adjust skill
Additional commits viewable in compare view

Updates express-rate-limit from 7.5.1 to 8.5.2

Release notes

Sourced from express-rate-limit's releases.

v8.5.2

You can view the changelog here.

v8.5.1

You can view the changelog here.

v8.5.0

You can view the changelog here.

v8.4.1

You can view the changelog here.

v8.4.0

You can view the changelog here.

v8.3.2

You can view the changelog here.

v8.3.1

You can view the changelog here.

v8.3.0

You can view the changelog here.

v8.2.1

You can view the changelog here.

v8.2.0

You can view the changelog here.

v8.1.0

You can view the changelog here.

v8.0.1

You can view the changelog here.

v8.0.0

You can view the changelog here.

Commits

9774693 8.5.2
0e94cc0 v8.5.2 changelog
9a583c5 feat: simplify IPv6 key generation (#633)
4f4b3fb chore(deps-dev): bump lint-staged from 16.4.0 to 17.0.4 (#632)
3c1d6c5 chore(deps-dev): bump the development-dependencies group with 7 updates (#631)
18884b6 chore(deps): bump basic-ftp from 5.2.0 to 5.3.1 (#630)
dacc980 chore(deps): bump handlebars from 4.7.8 to 4.7.9 (#629)
486d0c6 chore(deps): bump follow-redirects from 1.15.11 to 1.16.0 (#627)
50cc3f6 8.5.1
92c8e3e chore: bump ip-address library to latest (#626)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for express-rate-limit since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Updates helmet from 8.1.0 to 8.2.0

Changelog

Sourced from helmet's changelog.

8.2.0 - 2026-05-21

Cross-Origin-Opener-Policy: support noopener-allow-popups. See #522

Improve error message when passing duplicate options

Commits

638e43b 8.2.0
fdf25a8 Update changelog for 8.2.0 release
bd293b7 Update devDependencies to latest versions
81ce5cc Test supported Node versions on CI
807a888 Update to new URL
d4e0128 Add direct link to FAQ
437d2eb Bump actions/setup-node from 6.3.0 to 6.4.0 (#537)
a6bd779 Upgrade actions/setup-node to 6.3.0
1e09f5f Fix changelog typo
d526f5c Bump Picomatch dev sub-dependency
Additional commits viewable in compare view

Updates joi from 18.0.2 to 18.2.1

Commits

048fe05 18.2.1
2392713 Merge pull request #3113 from hapijs/fix/link-max-call-stack
fc146a6 fix: protect link recursion from max call stack
f4e97e0 18.2.0
626893d Merge pull request #3111 from hapijs/feat/link-maxRecursion
9c7a443 feat: add maxRecursion limit to links
7d43b12 18.1.2
d98c802 Merge pull request #3107 from mahmoodhamdi/fix/json-schema-number-rules
7edc591 fix: improve JSON Schema conversion for number.port() and number.sign()
06afeb5 18.1.1
Additional commits viewable in compare view

Updates morgan from 1.10.1 to 1.11.0

Release notes

Sourced from morgan's releases.

1.11.0

What's Changed

feat: add :pid token by @ganesh3367 in expressjs/morgan#329

Security Fix:

Escape control characters in :remote-user token to prevent log injection

Fixes CVE-2026-5078 GHSA-4vj7-5mj6-jm8m

New Contributors

@inigomarquinez made their first contribution in expressjs/morgan#291

@jonchurch made their first contribution in expressjs/morgan#299

@bjohansebas made their first contribution in expressjs/morgan#301

@UlisesGascon made their first contribution in expressjs/morgan#300

@ctcpip made their first contribution in expressjs/morgan#319

@ganesh3367 made their first contribution in expressjs/morgan#329

Full Changelog: expressjs/morgan@1.10.0...1.11.0

Changelog

Sourced from morgan's changelog.

1.11.0 / 2026-06-02

add :pid token

Security Fix:

Escape control characters in :remote-user token to prevent log injection

Fixes CVE-2026-5078 GHSA-4vj7-5mj6-jm8m

Commits

e0e6f17 Release 1.11.0 (#350)
b3f5d9b Merge commit from fork
203c758 build(deps): bump github/codeql-action from 4.32.4 to 4.35.2 (#346)
002bc81 build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#347)
561b0d7 build(deps): bump actions/upload-artifact from 5.0.0 to 7.0.0 (#338)
2db705e build(deps): bump github/codeql-action from 3.29.7 to 4.32.4 (#337)
a373c5f build(deps): bump ossf/scorecard-action from 2.3.1 to 2.4.3 (#327)
c8e72fa build(deps): bump actions/checkout from 4.1.1 to 6.0.1 (#324)
023300e build(deps): bump actions/upload-artifact from 4.3.1 to 4.6.2 (#307)
9d8d6c0 build(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 (#306)
Additional commits viewable in compare view

Updates multer from 1.4.5-lts.1 to 2.1.1

Release notes

Sourced from multer's releases.

v2.1.1

Important

Fix CVE-2026-3520 (GHSA-5528-5vmv-3xc2)

What's Changed

chore: add node version to 25.x in CI by @imangas in expressjs/multer#1372

chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.3 by @dependabot[bot] in expressjs/multer#1378

chore(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 by @dependabot[bot] in expressjs/multer#1377

chore(deps): bump github/codeql-action from 3.24.7 to 4.32.4 by @dependabot[bot] in expressjs/multer#1376

chore(deps): bump actions/upload-artifact from 4.5.0 to 7.0.0 by @dependabot[bot] in expressjs/multer#1375

chore(deps): bump actions/checkout from 4.1.1 to 6.0.2 by @dependabot[bot] in expressjs/multer#1374

fix error/abort handling by @ctcpip in expressjs/multer#1373

2.1.1 by @UlisesGascon in expressjs/multer#1380

New Contributors

@imangas made their first contribution in expressjs/multer#1372

@dependabot[bot] made their first contribution in expressjs/multer#1378

Full Changelog: expressjs/multer@v2.1.0...v2.1.1

v2.1.0

Important

Fix CVE-2026-2359 (GHSA-v52c-386h-88mc)

Fix CVE-2026-3304 (GHSA-xf7r-hgr6-v32p)

What's Changed

chore: add funding to package.json by @bjohansebas in expressjs/multer#1346

chore: drop mkdirp dependency by @wojtekmaj in expressjs/multer#1350

chore: drop object-assign dependency by @wojtekmaj in expressjs/multer#1351

chore: drop xtend dependency by @wojtekmaj in expressjs/multer#1352

chore(gitignore): ignore .nyc_output directory by @ShubhamOulkar in expressjs/multer#1332

Fix typo in README-vi.md regarding file upload by @Kunniii in expressjs/multer#1366

Fix typo in README-pt-br.md for array method by @matheushbm192 in expressjs/multer#1367

headers-support-utf8 by @Doc999tor in expressjs/multer#1210

Add Turkish translation (README-tr.md) by @Sabandogan in expressjs/multer#1360

Release: 2.1.0 by @UlisesGascon in expressjs/multer#1371

New Contributors

@wojtekmaj made their first contribution in expressjs/multer#1350

@ShubhamOulkar made their first contribution in expressjs/multer#1332

@Kunniii made their first contribution in expressjs/multer#1366

@matheushbm192 made their first contribution in expressjs/multer#1367

@Doc999tor made their first contribution in expressjs/multer#1210

@Sabandogan made their first contribution in expressjs/multer#1360

Full Changelog: expressjs/multer@v2.0.2...v2.1.0

... (truncated)

Changelog

Sourced from multer's changelog.

2.1.1

Fix CVE-2026-3520 (GHSA-5528-5vmv-3xc2)

fix error/abort handling

2.1.0

Add defParamCharset option for UTF-8 filename support (#1210)

Fix CVE-2026-2359 (GHSA-v52c-386h-88mc)

Fix CVE-2026-3304 (GHSA-xf7r-hgr6-v32p)

2.0.2

Fix CVE-2025-7338 (GHSA-fjgf-rc76-4x9p)

2.0.1

Fix CVE-2025-48997 (GHSA-g5hg-p3ph-g8qg)

2.0.0

Breaking change: The minimum supported Node version is now 10.16.0

Fix CVE-2025-47935 (GHSA-44fp-w29j-9vj5)

Fix CVE-2025-47944 (GHSA-4pg4-qvpc-4q3h)

1.4.5-lts.2

Fix out-of-band error event from busboy (#1177)

Commits

368c8a1 2.1.1 (#1380)
7e66481 🐛 fix recursion issue
643571e ✅ add explicit test for client able to send body without abrupt disconnect
e86fa52 fix error/abort handling
ca37779 chore(deps): bump actions/checkout from 4.1.1 to 6.0.2 (#1374)
13088f4 chore(deps): bump actions/upload-artifact from 4.5.0 to 7.0.0 (#1375)
bc6a1d1 chore(deps): bump github/codeql-action from 3.24.7 to 4.32.4 (#1376)
c496e93 chore(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 (#1377)
fa173d3 chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.3 (#1378)
17d7f51 chore: add node version to 25.x in CI
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for multer since your current version.

Updates @types/multer from 1.4.13 to 2.1.0

Commits

See full diff in compare view

Updates nodemailer from 8.0.5 to 8.0.10

Release notes

Sourced from nodemailer's releases.

v8.0.10

8.0.10 (2026-05-29)

Bug Fixes

fall back to lower-severity handler when custom logger lacks a level method (6d849df)

v8.0.9

8.0.9 (2026-05-26)

Bug Fixes

two pending security advisories (jsonTransport access bypass, List-* CRLF injection) (#1820) (5f69497)

v8.0.8

8.0.8 (2026-05-23)

Bug Fixes

enforce strict TLS for OAuth2 and Ethereal credential requests (#1818) (833d6e5)

four listener/stream leaks in SMTP transport, connection, pool (#1817) (850bb91)

v8.0.7

8.0.7 (2026-04-27)

Bug Fixes

keep domain as UTF-8 when local part is non-ASCII (#1814) (66d4ecb)

v8.0.6

8.0.6 (2026-04-24)

Bug Fixes

restore base64 wrap() trim behavior to prevent trailing CRLF (#1810) (#1811) (b1ae6c1)

Changelog

Sourced from

…pdates Bumps the dependencies group with 34 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1037.0` | `3.1063.0` | | [bullmq](https://github.com/taskforcesh/bullmq) | `5.76.2` | `5.78.0` | | [cors](https://github.com/expressjs/cors) | `2.8.5` | `2.8.6` | | [dotenv](https://github.com/motdotla/dotenv) | `17.2.3` | `17.4.2` | | [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit) | `7.5.1` | `8.5.2` | | [helmet](https://github.com/helmetjs/helmet) | `8.1.0` | `8.2.0` | | [joi](https://github.com/hapijs/joi) | `18.0.2` | `18.2.1` | | [morgan](https://github.com/expressjs/morgan) | `1.10.1` | `1.11.0` | | [multer](https://github.com/expressjs/multer) | `1.4.5-lts.1` | `2.1.1` | | [@types/multer](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/multer) | `1.4.13` | `2.1.0` | | [nodemailer](https://github.com/nodemailer/nodemailer) | `8.0.5` | `8.0.10` | | [@types/nodemailer](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/nodemailer) | `7.0.5` | `8.0.0` | | [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.18.0` | `8.21.0` | | [@types/pg](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/pg) | `8.16.0` | `8.20.0` | | [rate-limit-redis](https://github.com/express-rate-limit/rate-limit-redis) | `4.3.1` | `5.0.0` | | [redis](https://github.com/redis/node-redis) | `5.10.0` | `6.0.0` | | [sanitize-html](https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html) | `2.17.0` | `2.17.4` | | [@types/sanitize-html](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sanitize-html) | `2.16.0` | `2.16.1` | | [slugify](https://github.com/simov/slugify) | `1.6.6` | `1.6.9` | | [validator](https://github.com/validatorjs/validator.js) | `13.15.26` | `13.15.35` | | [zario](https://github.com/Dev-Dami/zario) | `0.7.0` | `0.8.0` | | [zod](https://github.com/colinhacks/zod) | `3.23.8` | `4.4.3` | | [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.39.2` | `10.0.1` | | [@types/bcryptjs](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/bcryptjs) | `2.4.6` | `3.0.0` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.0.9` | `25.9.2` | | [drizzle-kit](https://github.com/drizzle-team/drizzle-orm) | `0.31.8` | `0.31.10` | | [globals](https://github.com/sindresorhus/globals) | `17.0.0` | `17.6.0` | | [nodemon](https://github.com/remy/nodemon) | `3.1.11` | `3.1.14` | | [prettier](https://github.com/prettier/prettier) | `3.8.0` | `3.8.3` | | [supertest](https://github.com/ladjs/supertest) | `6.3.4` | `7.2.2` | | [@types/supertest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/supertest) | `6.0.3` | `7.2.0` | | [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.4.6` | `29.4.11` | | [tsc-alias](https://github.com/justkey007/tsc-alias) | `1.8.16` | `1.8.17` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.53.0` | `8.60.1` | Updates `@aws-sdk/client-s3` from 3.1037.0 to 3.1063.0 - [Release notes](https://github.com/aws/aws-sdk-js-v3/releases) - [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1063.0/clients/client-s3) Updates `bullmq` from 5.76.2 to 5.78.0 - [Release notes](https://github.com/taskforcesh/bullmq/releases) - [Commits](taskforcesh/bullmq@v5.76.2...v5.78.0) Updates `cors` from 2.8.5 to 2.8.6 - [Release notes](https://github.com/expressjs/cors/releases) - [Changelog](https://github.com/expressjs/cors/blob/master/HISTORY.md) - [Commits](expressjs/cors@v2.8.5...v2.8.6) Updates `dotenv` from 17.2.3 to 17.4.2 - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](motdotla/dotenv@v17.2.3...v17.4.2) Updates `express-rate-limit` from 7.5.1 to 8.5.2 - [Release notes](https://github.com/express-rate-limit/express-rate-limit/releases) - [Commits](express-rate-limit/express-rate-limit@v7.5.1...v8.5.2) Updates `helmet` from 8.1.0 to 8.2.0 - [Changelog](https://github.com/helmetjs/helmet/blob/main/CHANGELOG.md) - [Commits](helmetjs/helmet@v8.1.0...v8.2.0) Updates `joi` from 18.0.2 to 18.2.1 - [Commits](hapijs/joi@v18.0.2...v18.2.1) Updates `morgan` from 1.10.1 to 1.11.0 - [Release notes](https://github.com/expressjs/morgan/releases) - [Changelog](https://github.com/expressjs/morgan/blob/master/HISTORY.md) - [Commits](expressjs/morgan@1.10.1...1.11.0) Updates `multer` from 1.4.5-lts.1 to 2.1.1 - [Release notes](https://github.com/expressjs/multer/releases) - [Changelog](https://github.com/expressjs/multer/blob/main/CHANGELOG.md) - [Commits](expressjs/multer@v1.4.5-lts.1...v2.1.1) Updates `@types/multer` from 1.4.13 to 2.1.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/multer) Updates `nodemailer` from 8.0.5 to 8.0.10 - [Release notes](https://github.com/nodemailer/nodemailer/releases) - [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md) - [Commits](nodemailer/nodemailer@v8.0.5...v8.0.10) Updates `@types/nodemailer` from 7.0.5 to 8.0.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/nodemailer) Updates `pg` from 8.18.0 to 8.21.0 - [Changelog](https://github.com/brianc/node-postgres/blob/master/CHANGELOG.md) - [Commits](https://github.com/brianc/node-postgres/commits/pg@8.21.0/packages/pg) Updates `@types/pg` from 8.16.0 to 8.20.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/pg) Updates `rate-limit-redis` from 4.3.1 to 5.0.0 - [Release notes](https://github.com/express-rate-limit/rate-limit-redis/releases) - [Changelog](https://github.com/express-rate-limit/rate-limit-redis/blob/main/changelog.md) - [Commits](express-rate-limit/rate-limit-redis@v4.3.1...v5.0.0) Updates `redis` from 5.10.0 to 6.0.0 - [Release notes](https://github.com/redis/node-redis/releases) - [Changelog](https://github.com/redis/node-redis/blob/master/CHANGELOG.md) - [Commits](https://github.com/redis/node-redis/compare/redis@5.10.0...redis@6.0.0) Updates `sanitize-html` from 2.17.0 to 2.17.4 - [Changelog](https://github.com/apostrophecms/apostrophe/blob/main/packages/sanitize-html/CHANGELOG.md) - [Commits](https://github.com/apostrophecms/apostrophe/commits/HEAD/packages/sanitize-html) Updates `@types/sanitize-html` from 2.16.0 to 2.16.1 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sanitize-html) Updates `slugify` from 1.6.6 to 1.6.9 - [Changelog](https://github.com/simov/slugify/blob/master/CHANGELOG.md) - [Commits](https://github.com/simov/slugify/commits) Updates `validator` from 13.15.26 to 13.15.35 - [Release notes](https://github.com/validatorjs/validator.js/releases) - [Changelog](https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md) - [Commits](validatorjs/validator.js@13.15.26...13.15.35) Updates `zario` from 0.7.0 to 0.8.0 - [Changelog](https://github.com/dev-dami/zario/blob/main/CHANGELOG.md) - [Commits](https://github.com/Dev-Dami/zario/commits) Updates `zod` from 3.23.8 to 4.4.3 - [Release notes](https://github.com/colinhacks/zod/releases) - [Commits](colinhacks/zod@v3.23.8...v4.4.3) Updates `@eslint/js` from 9.39.2 to 10.0.1 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/commits/v10.0.1/packages/js) Updates `@types/bcryptjs` from 2.4.6 to 3.0.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/bcryptjs) Updates `@types/multer` from 1.4.13 to 2.1.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/multer) Updates `@types/node` from 25.0.9 to 25.9.2 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@types/pg` from 8.16.0 to 8.20.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/pg) Updates `@types/sanitize-html` from 2.16.0 to 2.16.1 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sanitize-html) Updates `drizzle-kit` from 0.31.8 to 0.31.10 - [Release notes](https://github.com/drizzle-team/drizzle-orm/releases) - [Commits](https://github.com/drizzle-team/drizzle-orm/compare/drizzle-kit@0.31.8...drizzle-kit@0.31.10) Updates `globals` from 17.0.0 to 17.6.0 - [Release notes](https://github.com/sindresorhus/globals/releases) - [Commits](sindresorhus/globals@v17.0.0...v17.6.0) Updates `nodemon` from 3.1.11 to 3.1.14 - [Release notes](https://github.com/remy/nodemon/releases) - [Commits](remy/nodemon@v3.1.11...v3.1.14) Updates `prettier` from 3.8.0 to 3.8.3 - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@3.8.0...3.8.3) Updates `supertest` from 6.3.4 to 7.2.2 - [Release notes](https://github.com/ladjs/supertest/releases) - [Commits](forwardemail/supertest@v6.3.4...v7.2.2) Updates `@types/supertest` from 6.0.3 to 7.2.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/supertest) Updates `ts-jest` from 29.4.6 to 29.4.11 - [Release notes](https://github.com/kulshekhar/ts-jest/releases) - [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md) - [Commits](kulshekhar/ts-jest@v29.4.6...v29.4.11) Updates `tsc-alias` from 1.8.16 to 1.8.17 - [Release notes](https://github.com/justkey007/tsc-alias/releases) - [Commits](justkey007/tsc-alias@v1.8.16...v1.8.17) Updates `typescript-eslint` from 8.53.0 to 8.60.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.60.1/packages/typescript-eslint) --- updated-dependencies: - dependency-name: "@aws-sdk/client-s3" dependency-version: 3.1063.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: bullmq dependency-version: 5.78.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: cors dependency-version: 2.8.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: dotenv dependency-version: 17.4.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: express-rate-limit dependency-version: 8.5.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: helmet dependency-version: 8.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: joi dependency-version: 18.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: morgan dependency-version: 1.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: multer dependency-version: 2.1.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: "@types/multer" dependency-version: 2.1.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: nodemailer dependency-version: 8.0.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: "@types/nodemailer" dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: pg dependency-version: 8.21.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: "@types/pg" dependency-version: 8.20.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: rate-limit-redis dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: redis dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: sanitize-html dependency-version: 2.17.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: "@types/sanitize-html" dependency-version: 2.16.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: slugify dependency-version: 1.6.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: validator dependency-version: 13.15.35 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: zario dependency-version: 0.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: zod dependency-version: 4.4.3 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: "@eslint/js" dependency-version: 10.0.1 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: "@types/bcryptjs" dependency-version: 3.0.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: "@types/multer" dependency-version: 2.1.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: "@types/node" dependency-version: 25.9.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: "@types/pg" dependency-version: 8.20.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: "@types/sanitize-html" dependency-version: 2.16.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: drizzle-kit dependency-version: 0.31.10 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: globals dependency-version: 17.6.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: nodemon dependency-version: 3.1.14 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: prettier dependency-version: 3.8.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: supertest dependency-version: 7.2.2 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: "@types/supertest" dependency-version: 7.2.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: ts-jest dependency-version: 29.4.11 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: tsc-alias dependency-version: 1.8.17 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: typescript-eslint dependency-version: 8.60.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-06-07T07:07:33Z

Labels

The following labels could not be found: backend. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 7, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the dependencies group across 1 directory with 34 updates#39

chore(deps): bump the dependencies group across 1 directory with 34 updates#39
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dependencies-82f468245b

dependabot Bot commented on behalf of github Jun 7, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github Jun 7, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jun 7, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v3.1063.0

3.1063.0(2026-06-05)

Chores

New Features

Bug Fixes

Tests

v3.1062.0

3.1062.0(2026-06-04)

Chores

Documentation Changes

New Features

3.1063.0 (2026-06-05)

3.1062.0 (2026-06-04)

3.1061.0 (2026-06-03)

3.1060.0 (2026-06-03)

3.1059.0 (2026-06-02)

3.1058.0 (2026-06-01)

3.1057.0 (2026-05-29)

v5.78.0

5.78.0 (2026-06-02)

Features

v5.77.7

5.77.7 (2026-06-01)

Bug Fixes

v5.77.6

5.77.6 (2026-05-27)

Bug Fixes

v5.77.5

5.77.5 (2026-05-27)

Bug Fixes

v5.77.4

5.77.4 (2026-05-26)

Bug Fixes

v5.77.3

5.77.3 (2026-05-25)

Performance Improvements

v5.77.2

5.77.2 (2026-05-24)

v2.8.6

What's Changed

New Contributors

2.8.6 / 2026-01-22

17.4.2 (2026-04-12)

Changed

17.4.1 (2026-04-05)

Changed

17.4.0 (2026-04-01)

Added

Changed

17.3.1 (2026-02-12)

Changed

17.3.0 (2026-02-12)

Added

Changed

17.2.4 (2026-02-05)

Changed

v8.5.2

v8.5.1

v8.5.0

v8.4.1

v8.4.0

v8.3.2

v8.3.1

v8.3.0

v8.2.1

v8.2.0

v8.1.0

v8.0.1

v8.0.0

8.2.0 - 2026-05-21

1.11.0

What's Changed

New Contributors

1.11.0 / 2026-06-02

v2.1.1

Important

What's Changed

dependabot Bot commented on behalf of github Jun 7, 2026 •

edited

Loading