chore(deps): update all non-major dependencies #114
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
![renovate-approve[bot]](https://avatars.githubusercontent.com/in/7394?s=60&v=4){kind=small}
renovate
bot
force-pushed
the
renovate/all-minor-patch
branch
2 times, most recently
from
05c8cc0 to
42146e9
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch
branch
from
42146e9 to
4b88877
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch
branch
2 times, most recently
from
2dbf793 to
b81c205
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch
branch
2 times, most recently
from
a40fbd9 to
f648aaf
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch
branch
from
f648aaf to
a44f069
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch
branch
4 times, most recently
from
777c480 to
75e5800
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch
branch
from
75e5800 to
e14f2be
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch
branch
3 times, most recently
from
ee7e15f to
21bb329
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch
branch
2 times, most recently
from
ee3bf4e to
d2129b4
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch
branch
from
d2129b4 to
ea820d4
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch
branch
2 times, most recently
from
dc1f6da to
dcd405e
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch
branch
3 times, most recently
from
d5d9abd to
22d7d98
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch
branch
from
22d7d98 to
1bd4f02
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch
branch
from
1bd4f02 to
8dad0d5
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
4.11.2->4.12.04.11.2->4.12.03.4.2->3.5.116.18.119->16.18.12620.18.1->20.19.110.9.1->10.9.23.3.3->3.5.329.2.5->29.3.25.7.2->5.8.3Release Notes
apollographql/apollo-server (@apollo/server)
v4.12.0Compare Source
Minor Changes
89e3f84Thanks @clenfest! - Adds a new graphql-js validation rule to reject operations that recursively request selections above a specified maximum, which is disabled by default. Use configuration optionmaxRecursiveSelections=trueto enable with a maximum of 10,000,000, ormaxRecursiveSelections=<number>for a custom maximum. Enabling this validation can help avoid performance issues with configured validation rules or plugins.Patch Changes
2550d9fThanks @slagiewka! - Add return after sending 400 response in doubly escaped JSON parser middlewarev4.11.3Compare Source
Patch Changes
f4228e8Thanks @glasser! - Compatibility with Next.js Turbopack. Fixes #8004.apollographql/apollo-server (@apollo/server-integration-testsuite)
v4.12.0Compare Source
Patch Changes
89e3f84,2550d9f]:v4.11.3Compare Source
Patch Changes
#8010
f4228e8Thanks @glasser! - Compatibility with Next.js Turbopack. Fixes #8004.Updated dependencies [
f4228e8,70eecce]:GoogleCloudPlatform/functions-framework-nodejs (@google-cloud/functions-framework)
v3.5.1Compare Source
Bug Fixes
v3.5.0Compare Source
Features
Bug Fixes
v3.4.6Compare Source
Bug Fixes
v3.4.5Compare Source
Bug Fixes
v3.4.4Compare Source
Bug Fixes
v3.4.3Compare Source
Bug Fixes
nodejs/node (node)
v20.19.1Compare Source
v20.19.0: 2025-03-13, Version 20.19.0 'Iron' (LTS), @marco-ippolitoCompare Source
Notable Changes
require(esm) is now enabled by default
Support for loading native ES modules using require() had been available on v20.x under the command line flag --experimental-require-module, and available by default on v22.x and v23.x. In this release, it is now no longer behind a flag on v20.x.
This feature has been tested on v23.x and v22.x, and we are looking for user feedback from v20.x to make more final tweaks before fully stabilizing it. When the Node.js instance encounters a native ES module in require() somewhere outside
node_modulesfor the first time, it will emit an experimental warning unlessrequire()comes from a path that containsnode_modules. If there happens to be any regressions caused by this feature, users can report it to the Node.js issue tracker. Meanwhile this feature can also be disabled using--no-experimental-require-moduleas a workaround.With this feature enabled, Node.js will no longer throw
ERR_REQUIRE_ESMifrequire()is used to load a ES module. It can, however, throwERR_REQUIRE_ASYNC_MODULEif the ES module being loaded or its dependencies contain top-levelawait. When the ES module is loaded successfully byrequire(), the returned object will either be a ES module namespace object similar to what's returned byimport(), or what gets exported as"module.exports"in the ES module.Users can check
process.features.require_moduleto see whetherrequire(esm)is enabled in the current Node.js instance. For packages, the"module-sync"exports condition can be used as a way to detectrequire(esm)support in the current Node.js instance and allow bothrequire()andimportto load the same native ES module. See the documentation for more details about this feature.Contributed by Joyee Cheung in #55085
Module syntax detection is now enabled by default
Module syntax detection (the
--experimental-detect-moduleflag) is nowenabled by default. Use
--no-experimental-detect-moduleto disable it ifneeded.
Syntax detection attempts to run ambiguous files as CommonJS, and if the module
fails to parse as CommonJS due to ES module syntax, Node.js tries again and runs
the file as an ES module.
Ambiguous files are those with a
.jsor no extension, where the nearest parentpackage.jsonhas no"type"field (either"type": "module"or"type": "commonjs").Syntax detection should have no performance impact on CommonJS modules, but it
incurs a slight performance penalty for ES modules; add
"type": "module"tothe nearest parent
package.jsonfile to eliminate the performance cost.A use case unlocked by this feature is the ability to use ES module syntax in
extensionless scripts with no nearby
package.json.Thanks to Geoffrey Booth for making this work on #53619.
Other Notable Changes
285bb4ee14] - crypto: update root certificates to NSS 3.107 (Node.js GitHub Bot) #5656673b5c16684] - (SEMVER-MINOR) worker: add postMessageToThread (Paolo Insogna) #53682de313b2336] - (SEMVER-MINOR) module: only emit require(esm) warning under --trace-require-module (Joyee Cheung) #561944fba01911d] - (SEMVER-MINOR) process: add process.features.require_module (Joyee Cheung) #55241df8a045afe] - (SEMVER-MINOR) module: implement the "module-sync" exports condition (Joyee Cheung) #54648f9dc1eaef5] - (SEMVER-MINOR) module: add __esModule to require()'d ESM (Joyee Cheung) #52166Commits
d84be843e3] - benchmark: add validateStream to styleText bench (Rafael Gonzaga) #56556d8eaf5b9b8] - build: fix compatibility with V8'sdepot_tools(Richard Lau) #573301ee4bf9690] - build: test macos-13 on GitHub actions (Michaël Zasso) #563071cc8d69882] - build: build v8 with -fvisibility=hidden on macOS (Joyee Cheung) #5627552f1f7e22b] - child_process: fix parsing messages with splitted length field (Maksim Gorkov) #561065ef3c3c996] - crypto: add missing return value check (Michael Dawson) #56615285bb4ee14] - crypto: update root certificates to NSS 3.107 (Node.js GitHub Bot) #5656646ceb9dc1c] - deps: update timezone to 2025a (Node.js GitHub Bot) #56876d4ca38fe8e] - deps: macro ENODATA is deprecated in libc++ (Cheng) #5669815214e6508] - deps: update simdutf to 6.0.3 (Node.js GitHub Bot) #565671e44f5d84b] - deps: update simdutf to 5.7.2 (Node.js GitHub Bot) #56388b92ff7be38] - deps: update googletest to7d76a23(Node.js GitHub Bot) #56387e1b71a81a9] - deps: update googletest toe54519b(Node.js GitHub Bot) #56370c0d45e7f38] - deps: update simdutf to 5.7.0 (Node.js GitHub Bot) #56332d69107f5a8] - deps: update icu to 76.1 (Node.js GitHub Bot) #555515c9a397699] - deps: V8: backport9ab4059(Lu Yahan) #567818342233f6d] - deps: update corepack to 0.31.0 (Node.js GitHub Bot) #56795561493d35e] - deps,src: simplify base64 encoding (Daniel Lemire) #527146207b2936c] - doc: move anatoli to emeritus (Michael Dawson) #56592b0ab483400] - doc: fix styles of the expandable TOC (Antoine du Hamel) #5675553e4dc2a82] - doc: add "Skip to content" button (Antoine du Hamel) #5675033ee4645c3] - doc: improve accessibility of expandable lists (Antoine du Hamel) #56749b514438418] - doc: add note regarding commit message trailers (Dario Piotrowicz) #56736627f2997e3] - doc: fix typo in example code for util.styleText (Robin Mehner) #5672068548dcb48] - doc: fix inconsistencies inWeakSetandWeakMapcomparison details (Shreyans Pathak) #56683337cfb2549] - doc: add RafaelGSS as latest sec release stewards (Rafael Gonzaga) #56682e890c86d7b] - doc: clarify cjs/esm diff inqueueMicrotask()vsprocess.nextTick()(Dario Piotrowicz) #56659978263923f] - doc:WeakSetandWeakMapcomparison details (Shreyans Pathak) #56648aba280ccd8] - doc: mention prepare --security (Rafael Gonzaga) #566170a009a527b] - doc: tweak info on reposts in ambassador program (Michael Dawson) #56589d2f09e2ab3] - doc: add type stripping to ambassadors program (Marco Ippolito) #56598b0b77d7fbe] - doc: improve internal documentation on built-in snapshot (Joyee Cheung) #565054b3e7fee94] - doc: document CLI way to open the nodejs/bluesky PR (Antoine du Hamel) #5650603878b0384] - doc: update gcc-version for ubuntu-lts (Kunal Kumar) #56553acbbd7c1a6] - doc: fix parentheses in options (Tobias Nießen) #565633fe80c30b8] - doc: include CVE to EOL lines as sec release process (Rafael Gonzaga) #56520ff8af58046] - doc: add esm examples to node:trace_events (Alfredo González) #5651427b9cfd135] - doc: add message for Ambassadors to promote (Michael Dawson) #56235020c939da1] - doc: allow request for TSC reviews via the GitHub UI (Antoine du Hamel) #564931ef9c9a354] - doc: add example for piping ReadableStream (Gabriel Schulhof) #56415e675c3a7fc] - doc: expand description ofparseArg'sdefault(Kevin Gibbons) #54431bc756da876] - doc: use<ul>instead of<ol>inSECURITY.md(Antoine du Hamel) #56346ad59c82a49] - doc: clarify that WASM is trusted (Matteo Collina) #563458e76cc69e5] - doc: move dual package shipping docs to separate repo (Joyee Cheung) #554449fda8e29cd] - doc: mark--env-file-if-existsflag as experimental (Juan José) #568939e975f1a7d] - doc: fix link and history ofSourceMapsections (Antoine du Hamel) #5709864ce95b8fc] - doc: updaterequire(ESM)history and stability status (Antoine du Hamel) #55199697a39248b] - doc: fix history ofprocess.features(Antoine du Hamel) #548977c38e503a3] - doc: add documentation for process.features (Marco Ippolito) #54897c85b386a39] - esm: fix jsdoc type refs toModuleJobBasein esm/loader (Jacob Smith) #564994813a6a66c] - esm: throwERR_REQUIRE_ESMinstead ofERR_INTERNAL_ASSERTION(Antoine du Hamel) #548680d327c8e47] - esm: refactorget_format(Antoine du Hamel) #53872e87db6c9bc] - events: add hasEventListener util for validate (Sunghoon) #55230674b932f33] - http: don't emit error after destroy (Robert Nagy) #554574c24ef8f71] - http2: omit server name when HTTP2 host is IP address (islandryu) #56530533afe8124] - lib: reduce amount of caught URL errors (Yagiz Nizipli) #5265834221a1d6e] - lib: allow CJS source map cache to be reclaimed (Chengzhong Wu) #51711f13589f1f9] - lib,src: iterate module requests of a module wrap in JS (Chengzhong Wu) #520586afee9ea43] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #5658085bb738739] - meta: add codeowners of security release document (Rafael Gonzaga) #5652148f9ca0992] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #563424d724121b4] - meta: move MoLow to TSC regular member (Moshe Atlow) #562765e2dab7868] - module: fix badrequire.resolvewith option paths for.and..(Dario Piotrowicz) #56735f507c05060] - module: simplify --inspect-brk handling (Joyee Cheung) #55679ed2d373e5a] - module: disable require(esm) for policy and network import (Joyee Cheung) #56927de313b2336] - (SEMVER-MINOR) module: only emit require(esm) warning under --trace-require-module (Joyee Cheung) #561943d89e6b6fa] - module: mark evaluation rejection in require(esm) as handled (Joyee Cheung) #56122e01dd4bd4f] - module: do not warn when require(esm) comes from node_modules (Joyee Cheung) #55960011e6e0032] - module: fix error thrown from require(esm) hitting TLA repeatedly (Joyee Cheung) #55520fdf50289c6] - module: trim off internal stack frames for require(esm) warnings (Joyee Cheung) #554968d33f78ca5] - module: allow ESM that failed to be required to be re-imported (Joyee Cheung) #555028192dd6cf3] - module: include module information in require(esm) warning (Joyee Cheung) #553971db210a0ec] - module: check --experimental-require-module separately from detection (Joyee Cheung) #55250cf8701c866] - module: use kNodeModulesRE to detect node_modules (Joyee Cheung) #55243dc66632261] - module: support 'module.exports' interop export in require(esm) (Guy Bedford) #545631ac1dda9a4] - (SEMVER-MINOR) module: unflag --experimental-require-module (Joyee Cheung) #55085683c93f45f] - module: refator ESM loader for adding future synchronous hooks (Joyee Cheung) #54769df8a045afe] - (SEMVER-MINOR) module: implement the "module-sync" exports condition (Joyee Cheung) #54648249d82b686] - module: report unfinished TLA in ambiguous modules (Antoine du Hamel) #549801925d729f9] - module: remove bogus assertion in CJS entrypoint handling with --import (Joyee Cheung) #54592d1331fccb2] - module: do not warn for typeless package.json when there isn't one (Joyee Cheung) #540459916458b44] - (SEMVER-MINOR) module: unflag detect-module (Geoffrey Booth) #53619f9dc1eaef5] - (SEMVER-MINOR) module: add __esModule to require()'d ESM (Joyee Cheung) #52166b86f575504] - module: do not set CJS variables for Worker eval (Antoine du Hamel) #5305030ed93db12] - module: cache synchronous module jobs before linking (Joyee Cheung) #52868a03faf289d] - module: support ESM detection in the CJS loader (Joyee Cheung) #52047b07ad39bda] - module: detect ESM syntax by trying to recompile as SourceTextModule (Joyee Cheung) #52413132a5c190f] - module: eliminate performance cost of detection for cjs entry (Geoffrey Booth) #5209355a57a189f] - node-api: remove deprecated attribute from napi_module_register (Vladimir Morozov) #561624fba01911d] - (SEMVER-MINOR) process: add process.features.require_module (Joyee Cheung) #55241c0fad18ac0] - src: add nullptr handling from X509_STORE_new() (Burkov Egor) #567005b88d48cbb] - src: add default value for RSACipherConfig mode field (Burkov Egor) #56701e3b69e57a6] - src: fix build with GCC 15 (tjuhaszrh) #56740a7c1d8c0e8] - src: initialize FSReqWrapSync in path that uses it (Michaël Zasso) #56613c06ac66356] - src: fix undefined script name in error source (Chengzhong Wu) #56502500f3ccc66] - src: lock the thread properly in snapshot builder (Joyee Cheung) #56327cf25a5edeb] - src: drain platform tasks before creating startup snapshot (Chengzhong Wu) #564038af1b53bb8] - src: safely remove the last line from dotenv (Shima Ryuhei) #55982bb57e909aa] - src: removebase64fromprocess.versions(Richard Lau) #53442b8c89a693e] - src: add--env-file-if-existsflag (Bosco Domingo) #530609097de073a] - src: don't match after--inDotenv::GetPathFromArgs(Aviv Keller) #54237ececd225b6] - src: implement IsInsideNodeModules() in C++ (Joyee Cheung) #5528618593b7d3e] - src: refactor embedded entrypoint loading (Joyee Cheung) #53573d7aefc0524] - stream: fix typo in ReadableStreamBYOBReader.readIntoRequests (Mattias Buelens) #56560fe5f7bcd47] - stream: validate undefined sizeAlgorithm in WritableStream (Jason Zhang) #5606712744c1fd4] - test: reduce number of written chunks (Luigi Pinca) #56757e121d7d62c] - test: fix invalid common.mustSucceed() usage (Luigi Pinca) #5675611b82de7ed] - test: use strict mode in global setters test (Rich Trott) #56742f9d6e35c5e] - test: cleanup and simplify test-crypto-aes-wrap (James M Snell) #56748792ce98699] - test: do not use common.isMainThread (Luigi Pinca) #567684f0cf475e0] - test: add test that uses multibyte for path and resolves modules (yamachu) #566963bc8d273c2] - test: add missing test for env file (Jonas) #56642ad39367712] - test: enforce strict mode in test-zlib-const (Rich Trott) #56689ca79914137] - test: test-stream-compose.js doesn't need internals (Meghan Denny) #5661908bde67101] - test: add maxCount and gcOptions to gcUntil() (Joyee Cheung) #5652240a0f6f6e3] - test: mark test-worker-prof as flaky on smartos (Joyee Cheung) #56583d17bf2f62a] - test: update test-child-process-bad-stdio to use node:test (Colin Ihrig) #565625660b99b43] - test: disable openssl 3.4.0 incompatible tests (Jelle van der Waa) #56160861c99f351] - test: make test-crypto-hash compatible with OpenSSL > 3.4.0 (Jelle van der Waa) #56160597a39b5f9] - test: update error code in tls-psk-circuit for for OpenSSL 3.4 (sebastianas) #56420721e9e1217] - test: add initial test426 coverage (Chengzhong Wu) #56436cfe5380c44] - test: update test-set-http-max-http-headers to use node:test (Colin Ihrig) #5643951ff71a87a] - test: update test-child-process-windows-hide to use node:test (Colin Ihrig) #56437d6aca0cd89] - test: increase spin for eventloop test on s390 (Michael Dawson) #5622882461af6ec] - test: migrate message eval tests from Python to JS (Yiyun Lei) #504825083bbb2bb] - test: remove async-hooks/test-writewrap flaky designation (Luigi Pinca) #56048b4b26e973d] - test: deflake test-esm-loader-hooks-inspect-brk (Luigi Pinca) #56050182be26b8a] - test: update WPT for url to67880a4(Node.js GitHub Bot) #55999e67a84902f] - test_runner: remove unused errors (Pietro Marchini) #566074274c6a015] - test_runner: run single test file benchmark (Pietro Marchini) #56479e57004458b] - tools: update doc to new version (Node.js GitHub Bot) #56259e039f2b571] - tools: do not throw on missingcreate-release-proposal.sh(Antoine du Hamel) #567049a1e314498] - tools: fix tools-deps-update (Daniel Lemire) #56684d6469b5287] - tools: do not throw on missingcreate-release-proposal.sh(Antoine du Hamel) #56695e162476fdc] - tools: fix permissions inlint-release-proposalworkflow (Antoine du Hamel) #56614914b4675c8] - tools: editcreate-release-proposalworkflow (Antoine du Hamel) #565404ff9aa7235] - tools: validate commit list as part oflint-release-commit(Antoine du Hamel) #56291589d0ae8ea] - tools: fix loong64 build failed (Xiao-Tao) #56466bc8c39bff8] - tools: disable unneeded rule ignoring in Python linting (Rich Trott) #564293b130002bb] - tools: add release line label when opening release proposal (Antoine du Hamel) #5631773b5c16684] - (SEMVER-MINOR) worker: add postMessageToThread (Paolo Insogna) #53682v20.18.3: 2025-02-10, Version 20.18.3 'Iron' (LTS), @marco-ippolitoCompare Source
Notable Changes
030f155986] - esm: mark import attributes and JSON module as stable (Nicolò Ribaudo) #55333b9b006331f] - doc: add LJHarb to collaborators (Jordan Harband) #5613239b89e90b4] - doc: enforce strict policy to semver-major releases (Rafael Gonzaga) #55732247fa1959f] - crypto: update root certificates to NSS 3.104 (Richard Lau) #55681adfc2f993a] - tools: fix root certificate updater (Richard Lau) #5568129862ae105] - doc: add jazelly to collaborators (Jason Zhang) #55531Commits
b4f5da18a5] - benchmark: addtest-reporters(Aviv Keller) #55757407992e272] - benchmark: addtest_runner/mock-fn(Aviv Keller) #5577117abec4367] - benchmark: add nodeTiming.uvmetricsinfo bench (RafaelGSS) #5561443f7050338] - benchmark: add --runs support to run.js (Rafael Gonzaga) #55158470789a981] - benchmark: adjust byte size for buffer-copy (Rafael Gonzaga) #55295ea1c97ac16] - buffer: document concat zero-fill (Duncan) #55562ae683a9e1f] - build: set DESTCPU correctly for 'make binary' on loongarch64 (吴小白) #56271af020edf96] - build: fix missing fp16 dependency in d8 builds (Joyee Cheung) #56266d6a1b74404] - build: add major release action (Rafael Gonzaga) #56199bc92a96a5a] - build: allow overriding clang usage (Shelley Vohr) #56016f370ec0989] - build: remove defaults for create-release-proposal (Rafael Gonzaga) #5604225e1862e87] - build: set node_arch to target_cpu in GN (Shelley Vohr) #5596755c205e5f6] - build: add create release proposal action (Rafael Gonzaga) #556909f14ba808d] - build: implement node_use_amaro flag in GN build (Cheng) #55798046430c47e] - build: fix building with system icu 76 (Michael Cho) #555630b6d62c812] - build: fix GN arg used in generate_config_gypi.py (Shelley Vohr) #555308f9c642369] - build: fix GN build for cares/uv deps (Cheng) #55477284e932326] - build: fix uninstall script for AIX 7.1 (Cloorc) #554382f71f168ef] - build: tidy up cares.gyp (Richard Lau) #55445e89e807522] - build: synchronize list of c-ares source files (Richard Lau) #554455eb6c94851] - build: fix path concatenation (Mohammed Keyvanzadeh) #55387720d23f3ac] - build: fix make errors that occur in Makefile (minkyu_kim) #55287dc552c6739] - build,win: enable pch for clang-cl (Stefan Stojanovic) #5524964b140d484] - cli: add--heap-profflag available toNODE_OPTIONS(Juan José) #5425923fb644037] - crypto: ensure CryptoKey usages and algorithm are cached objects (Filip Skokan) #56108247fa1959f] - crypto: update root certificates to NSS 3.104 (Richard Lau) #556813c4262a171] - deps: V8: cherry-pConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.