build(deps): bump the dependencies group across 1 directory with 25 updates

[dependabot]

Bumps the dependencies group with 24 updates in the / directory:

Package	From	To
@eslint/js	9.39.1	9.39.2
@types/node	24.10.1	25.0.3
eslint-plugin-jest	29.2.1	29.12.1
globals	16.5.0	17.0.0
lerna	9.0.1	9.0.3
ts-jest	29.4.5	29.4.6
typescript-eslint	8.47.0	8.52.0
node-forge	1.3.2	1.3.3
@aws-sdk/client-route-53	3.936.0	3.962.0
express	5.2.0	5.2.1
@types/express	5.0.1	5.0.6
@electron/rebuild	4.0.1	4.0.2
webpack	5.103.0	5.104.1
ipaddr.js	2.2.0	2.3.0
lru-cache	11.2.2	11.2.4
ws	8.18.3	8.19.0
bufferutil	4.0.9	4.1.0
utf-8-validate	6.0.5	6.0.6
qs	6.14.0	6.14.1
zod	4.1.13	4.3.5
supertest	7.1.4	7.2.2
nightwatch	3.12.3	3.14.0
webpack-bundle-analyzer	5.0.1	5.1.0
pino-pretty	13.1.2	13.1.3

Updates @eslint/js from 9.39.1 to 9.39.2

Release notes

Sourced from @​eslint/js's releases.

v9.39.2

Bug Fixes

• 5705833 fix: warn when eslint-env configuration comments are found (#20381) (sethamus)

Build Related

• 506f154 build: add .scss files entry to knip (#20391) (Milos Djermanovic)

Chores

• 7ca0af7 chore: upgrade to @eslint/js@9.39.2 (#20394) (Francesco Trotta)
• c43ce24 chore: package.json update for @​eslint/js release (Jenkins)
• 4c9858e ci: add v9.x-dev branch (#20382) (Milos Djermanovic)

Commits

• c43ce24 chore: package.json update for @​eslint/js release
• See full diff in compare view

Updates @types/node from 24.10.1 to 25.0.3

Commits

• See full diff in compare view

Updates eslint-plugin-jest from 29.2.1 to 29.12.1

Release notes

Sourced from eslint-plugin-jest's releases.

v29.12.1

29.12.1 (2026-01-02)

Bug Fixes

• no-unnecessary-assertion: don't report for any and unknown types (#1918) (388a36c)

v29.12.0

29.12.0 (2025-12-30)

Features

• prefer-mock-return-shorthand: greatly improve checking if mutable variables are used (#1914) (13bbd20)

v29.11.4

29.11.4 (2025-12-30)

Bug Fixes

• prefer-mock-return-shorthand: ignore use of update expressions (#1913) (5713ac9)

v29.11.3

29.11.3 (2025-12-30)

Bug Fixes

• prefer-mock-return-shorthand: ignore async implementations (#1912) (80288e2)

v29.11.2

29.11.2 (2025-12-29)

Bug Fixes

• prefer-mock-return-shorthand: don't report mutable implementations (#1908) (b164700)

v29.11.1

29.11.1 (2025-12-29)

Bug Fixes

• unbound-method: ignore inline use of jest.mocked(...) (#1862) (3a50b97)

v29.11.0

29.11.0 (2025-12-23)

... (truncated)

Changelog

Sourced from eslint-plugin-jest's changelog.

29.12.1 (2026-01-02)

Bug Fixes

• no-unnecessary-assertion: don't report for any and unknown types (#1918) (388a36c)

29.12.0 (2025-12-30)

Features

• prefer-mock-return-shorthand: greatly improve checking if mutable variables are used (#1914) (13bbd20)

29.11.4 (2025-12-30)

Bug Fixes

• prefer-mock-return-shorthand: ignore use of update expressions (#1913) (5713ac9)

29.11.3 (2025-12-30)

Bug Fixes

• prefer-mock-return-shorthand: ignore async implementations (#1912) (80288e2)

29.11.2 (2025-12-29)

Bug Fixes

• prefer-mock-return-shorthand: don't report mutable implementations (#1908) (b164700)

29.11.1 (2025-12-29)

Bug Fixes

• unbound-method: ignore inline use of jest.mocked(...) (#1862) (3a50b97)

29.11.0 (2025-12-23)

Features

• create new prefer-mock-return-shorthand rule (#1897) (0eb94b6)

29.10.1 (2025-12-22)

... (truncated)

Commits

• 45edad2 chore(release): 29.12.1 [skip ci]
• 388a36c fix(no-unnecessary-assertion): don't report for any and unknown types (#1...
• badfe77 docs: put rule descriptions after title (#1916)
• ce44f84 chore: update eslint-remote-tester (#1915)
• cc3cd98 chore(release): 29.12.0 [skip ci]
• 13bbd20 feat(prefer-mock-return-shorthand): greatly improve checking if mutable varia...
• eaa5549 chore(release): 29.11.4 [skip ci]
• 5713ac9 fix(prefer-mock-return-shorthand): ignore use of update expressions (#1913)
• e9f1a58 chore(release): 29.11.3 [skip ci]
• 80288e2 fix(prefer-mock-return-shorthand): ignore async implementations (#1912)
• Additional commits viewable in compare view

Updates globals from 16.5.0 to 17.0.0

Release notes

Sourced from globals's releases.

v17.0.0

Breaking

• Split audioWorklet environment from browser (#320) 7bc293e

Improvements

• Update globals (#329) ebe1063
• Get all browser globals from both chrome and firefox (#321) 59ceff8
• Add bunBuiltin environment (#324) 1bc6e3b
• Add denoBuiltin environment (#324) 1bc6e3b
• Add paintWorklet environment (#323) 4b78f56
• Add sharedWorker environment (#322) 4a02a85

---

sindresorhus/globals@v16.5.0...v17.0.0

Commits

• bb89b18 17.0.0
• ebe1063 Update globals (2026-01-01) (#329)
• e3d8da3 Revert "Automate script for paintWorklet environment (#325)" (#328)
• e7c0453 Automate script for paintWorklet environment (#325)
• 1bc6e3b Add bunBuiltin and denoBuiltin (#324)
• 4b78f56 Add paintWorklet environment (#323)
• 59ceff8 Get all browser globals from both chrome and firefox (#321)
• 4a02a85 Add sharedWorker environment (#322)
• 7bc293e Split audioWorklet environment from browser (#320)
• 814075f Fix browser launch (#319)
• Additional commits viewable in compare view

Updates lerna from 9.0.1 to 9.0.3

Release notes

Sourced from lerna's releases.

v9.0.3

9.0.3 (2025-11-27)

Bumped some dependencies to reduce audit warning noise.

NOTE: 9.0.2 does not exist because of a failed release

Changelog

Sourced from lerna's changelog.

9.0.3 (2025-11-27)

Note: Version bump only for package lerna

9.0.2 (2025-11-27)

Note: Version bump only for package lerna

Commits

• 215ff00 chore(misc): publish 9.0.3
• b1b2166 chore(misc): publish 9.0.2
• 6c1ea96 chore(deps): bump js-yaml from 4.1.0 to 4.1.1 (#4245)
• See full diff in compare view

Updates ts-jest from 29.4.5 to 29.4.6

Release notes

Sourced from ts-jest's releases.

v29.4.6

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.4.6 (2025-12-01)

Bug Fixes

• log hybrid module as warning instead of failing tests (#5144) (528d37c), closes #5130

Commits

• 202bde5 chore(release): 29.4.6 (#5146)
• 528d37c fix: log hybrid module as warning instead of failing tests (#5144)
• 141e5af build(deps): update github/codeql-action digest to 497990d
• d281cce build(deps): update google/osv-scanner-action action to v2.3.0
• 0d20322 build(deps): update dependency memfs to ^4.51.0
• 455dde2 build(deps): update dependency js-yaml to ^4.1.1
• d579480 build(deps): update dependency @​types/node to v20.19.25
• f6859d0 build(deps): update dependency @​types/yargs to ^17.0.35
• 4d7e432 build(deps): update github/codeql-action digest to d3ced5c
• 4ea70c9 build(deps): update actions/checkout digest to 34e1148
• Additional commits viewable in compare view

Updates typescript-eslint from 8.47.0 to 8.52.0

Release notes

Sourced from typescript-eslint's releases.

v8.52.0

8.52.0 (2026-01-05)

🚀 Features

• eslint-plugin-internal: [no-multiple-lines-of-errors] add rule (#11899)
• typescript-estree: add tseslint.com redirects for CLI outputs (#11895)

🩹 Fixes

• eslint-plugin: [no-useless-default-assignment] handle conditional initializer (#11908)
• eslint-plugin: [no-base-to-string] detect @@​toPrimitive and valueOf (#11901)

❤️ Thank You

• Josh Goldberg ✨
• Ulrich Stark

You can read about our versioning strategy and releases on our website.

v8.51.0

8.51.0 (2025-12-29)

🚀 Features

• eslint-plugin: expose rule name via RuleModule interface (#11719)
• eslint-plugin: [no-useless-default-assignment] fix some cases to optional syntax (#11871)
• eslint-plugin: add namespace to plugin meta (#11885)
• tsconfig-utils: more informative error on parsing failures (#11888)

🩹 Fixes

• eslint-plugin: fix crash and false positives in no-useless-default-assignment (#11845)
• eslint-plugin: remove fixable from no-dynamic-delete rule (#11876)
• eslint-plugin: bump ts-api-utils to 2.2.0 (#11881)
• eslint-plugin: [prefer-optional-chain] handle MemberExpression in final chain position (#11835)

❤️ Thank You

• Josh Goldberg ✨
• Kirk Waiblinger @​kirkwaiblinger
• mdm317
• Ulrich Stark
• Yannick Decat @​mho22
• Yukihiro Hasegawa @​y-hsgw

You can read about our versioning strategy and releases on our website.

v8.50.1

8.50.1 (2025-12-22)

... (truncated)

Changelog

Sourced from typescript-eslint's changelog.

8.52.0 (2026-01-05)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.51.0 (2025-12-29)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.50.1 (2025-12-22)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.50.0 (2025-12-15)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.49.0 (2025-12-08)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.48.1 (2025-12-02)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.48.0 (2025-11-24)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• 9ddd571 chore(release): publish 8.52.0
• 95c7c73 chore: update deps to latest minor/patch (#11921)
• e4c57f5 chore(release): publish 8.51.0
• d520b88 chore(release): publish 8.50.1
• c62e858 chore(release): publish 8.50.0
• 864595a chore(release): publish 8.49.0
• 32b7e89 chore(deps): update dependency @​vitest/eslint-plugin to v1.5.1 (#11816)
• 8fe3445 chore(release): publish 8.48.1
• 6fb1551 chore(release): publish 8.48.0
• a4dc42a chore: migrate to nx 22 (#11780)
• See full diff in compare view

Updates node-forge from 1.3.2 to 1.3.3

Changelog

Sourced from node-forge's changelog.

1.3.3 - 2025-12-02

Fixed

• [pkcs12] Make digestAlgorithm parameters optional to fix PKCS#12/PFX issues introduced in 1.3.2.

Commits

• 1cea0af Release 1.3.3.
• 5265989 Update changelog.
• e4f3961 Fix changelog for release.
• 503979b Update changelog.
• c3b3b32 Make digestAlgorithm parameters optional
• 6f70043 Update CVE details.
• f547b0d Start 1.3.3-0.
• See full diff in compare view

Updates @aws-sdk/client-route-53 from 3.936.0 to 3.962.0

Release notes

Sourced from @​aws-sdk/client-route-53's releases.

v3.962.0

3.962.0(2026-01-02)

Chores

• codegen:
  • update release tag for 0.41.0 (#7617) (61ed97dd)
  • sync for waiter codegen fix (#7614) (dbc6c8b3)
  • release smithy-typescript-aws-codegen v0.41.0 (#7609) (e4d9a938)
  • sync for default schema generation (#7608) (a5096088)

New Features

• client-identitystore: This change introduces "Roles" attribute for User entities supported by AWS Identity Store SDK. (80de895d)
• client-cleanrooms: Added support for publishing detailed metrics to CloudWatch for operational monitoring of collaborations, including query performance and resource utilization. (762ac213)
• codegen: include lib package versions in sdkVersions.properties file (#7616) (978a0720)

Tests

• credential-provider-login: mock Date for determinism (#7613) (287d8e47)

---

For list of updated packages, view updated-packages.md in assets-3.962.0.zip

v3.961.0

3.961.0(2025-12-30)

New Features

• clients: update client endpoints as of 2025-12-30 (e653544c)
• client-connect: Adds support for searching global contacts using the ActiveRegions filter, and pagination support for ListSecurityProfileFlowModules and ListEntitySecurityProfiles. (fc921795)
• client-kafkaconnect: This change sets the KafkaConnect GovCloud FIPS and FIPS DualStack endpoints to use kafkaconnect instead of kafkaconnect-fips as the service name. This is done to match the Kafka endpoints. (bb5638e8)

---

For list of updated packages, view updated-packages.md in assets-3.961.0.zip

v3.960.0

3.960.0(2025-12-29)

New Features

• client-connect: Changes for Contact for Global Search (4a3526b7)
• client-quicksight: This release adds support for quick users to be able to perform role upgrades on their own. Additionally it allows admins to make this feature admin or auto approval along with new self upgrade capability that can be restricted by Admins. (fb0bfe2b)

Tests

... (truncated)

Changelog

Sourced from @​aws-sdk/client-route-53's changelog.

3.962.0 (2026-01-02)

Note: Version bump only for package @​aws-sdk/client-route-53

3.958.0 (2025-12-23)

Note: Version bump only for package @​aws-sdk/client-route-53

3.957.0 (2025-12-22)

Note: Version bump only for package @​aws-sdk/client-route-53

3.956.0 (2025-12-19)

Note: Version bump only for package @​aws-sdk/client-route-53

3.955.0 (2025-12-18)

Note: Version bump only for package @​aws-sdk/client-route-53

3.954.0 (2025-12-17)

Note: Version bump only for package @​aws-sdk/client-route-53

3.953.0 (2025-12-16)

... (truncated)

Commits

• 821ef45 Publish v3.962.0
• dbc6c8b chore(codegen): sync for waiter codegen fix (#7614)
• 57ab7df Publish v3.958.0
• da9c913 chore(build): generate clients without formatting prettier/eslint (#7599)
• bd65e3e Publish v3.957.0
• 04bdba3 chore(build): replace lerna partial-tree build with turbo (#7597)
• 561b890 chore: move e2e tests from cucumber to vitest (#7539)
• 7804018 Publish v3.956.0
• 2c73829 chore(codegen): update for $unknown union member handling (#7591)
• 821ba3b Publish v3.955.0
• Additional commits viewable in compare view

Updates express from 5.2.0 to 5.2.1

Release notes

Sourced from express's releases.

v5.2.1

What's Changed

[!IMPORTANT]
The prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.

• Release: 5.2.1 by @​UlisesGascon in expressjs/express#6933

Full Changelog: expressjs/express@v5.2.0...v5.2.1

Changelog

Sourced from express's changelog.

5.2.1 / 2025-12-01

• Revert security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)
  • The prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.

Commits

• dbac741 5.2.1
• 697547c Revert "sec: security patch for CVE-2024-51999"
• See full diff in compare view

Updates @types/express from 5.0.1 to 5.0.6

Commits

• See full diff in compare view

Updates @types/express from 5.0.1 to 5.0.6

Commits

• See full diff in compare view

Updates @electron/rebuild from 4.0.1 to 4.0.2

Release notes

Sourced from @​electron/rebuild's releases.

v4.0.2

4.0.2 (2025-12-09)

Bug Fixes

• force release (#1219) (7a8eeea)
• scoped modules work with onlyModules / --only (#1218) (88ddc8f)

Commits

• 7a8eeea fix: force release (#1219)
• 88ddc8f fix: scoped modules work with onlyModules / --only (#1218)
• f26868f chore(deps): bump js-yaml from 3.14.1 to 3.14.2 (#1217)
• 94b3da6 chore(deps): bump actions/checkout from 5.0.0 to 6.0.0 (#1216)
• f10bc07 ci: use npm trusted publishing instead of CFA (#1215)
• 8db209c docs: add API documentation and clean up README (#1214)
• 645dfab chore(deps): bump actions/setup-node from 5.0.0 to 6.0.0 (#1213)
• c3f6cb9 refactor: remove chalk dep (#1212)
• 5c46077 chore(deps): bump brace-expansion from 1.1.11 to 1.1.12 (#1211)
• f5876d0 build: migrate to Yarn 4 (#1210)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​electron/rebuild since your current version.

Updates webpack from 5.103.0 to 5.104.1

Release notes

Sourced from webpack's releases.

v5.104.1

5.104.1

Patch Changes

• 2efd21b: Reexports runtime calculation should not accessing WEBPACK_IMPORT_KEY decl with var.
• c510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.

v5.104.0

5.104.0

Minor Changes

• d3dd841: Use method shorthand to render module content in __webpack_modules__ object.
• d3dd841: Enhance import.meta.env to support object access.
• 4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.
• 04cd530: Handle more at-rules for CSS modules.
• cafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.
• d3dd841: Added base64url, base62, base58, base52, base49, base36, base32 and base25 digests.
• 5983843: Provide a stable runtime function variable __webpack_global__.
• d3dd841: Improved localIdentName hashing for CSS.

Patch Changes

• 22c48fb: Added module existence check for informative error message in development mode.
• 50689e1: Use the fully qualified class name (or export name) for [fullhash] placeholder in CSS modules.
• d3dd841: Support universal lazy compilation.
• d3dd841: Fixed module library export definitions when multiple runtimes.
• d3dd841: Fixed CSS nesting and CSS custom properties parsing.
• d3dd841: Don't write fragment from URL to filename and apply fragment to module URL.
• aab1da9: Fixed bugs for css/global type.
• d3dd841: Compatibility import.meta.filename and import.meta.dirname with eval devtools.
• d3dd841: Handle nested __webpack_require__.
• 728ddb7: The speed of identifier parsing has been improved.
• 0f8b31b: Improve types.
• d3dd841: Don't corrupt debugId injection when hidden-source-map is used.
• 2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.
• d3dd841: Serialize HookWebpackError.
• d3dd841: Added ability to use built-in properties in dotenv and define plugin.
• 3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.
• d3dd841: Reduce collision for local indent name in CSS.
• d3dd841: Remove CSS link tags when CSS imports are removed.

Changelog

Sourced from webpack's changelog.

5.104.1

Patch Changes

• 2efd21b: Reexports runtime calculation should not accessing WEBPACK_IMPORT_KEY decl with var.
• c510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.

5.104.0

Minor Changes

• d3dd841: Use method shorthand to render module content in __webpack_modules__ object.
• d3dd841: Enhance import.meta.env to support object access.
• 4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.
• 04cd530: Handle more at-rules for CSS modules.
• cafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.
• d3dd841: Added base64url, base62, base58, base52, base49, base36, base32 and base25 digests.
• 5983843: Provide a stable runtime function variable __webpack_global__.
• d3dd841: Improved localIdentName hashing for CSS.

Patch Changes

• 22c48fb: Added module existence check for informative error message in development mode.
• 50689e1: Use the fully qualified class name (or export name) for [fullhash] placeholder in CSS modules.
• d3dd841: Support universal lazy compilation.
• d3dd841: Fixed module library export definitions when multiple runtimes.
• d3dd841: Fixed CSS nesting and CSS custom properties parsing.
• d3dd841: Don't write fragment from URL to filename and apply fragment to module URL.
• aab1da9: Fixed bugs for css/global type.
• d3dd841: Compatibility import.meta.filename and import.meta.dirname with eval devtools.
• d3dd841: Handle nested __webpack_require__.
• 728ddb7: The speed of identifier parsing has been improved.
• 0f8b31b: Improve types.
• d3dd841: Don't corrupt debugId injection when hidden-source-map is used.
• 2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.
• d3dd841: Serialize HookWebpackError.
• d3dd841: Added ability to use built-in properties in dotenv and define plugin.
• 3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.
• d3dd841: Reduce collision for local indent name in CSS.
• d3dd841: Remove CSS link tags when CSS imports are removed.

Commits

• 24e3c2d chore(release): new release (#20253)
• 2efd21b fix(re-exports): reexports runtime calculation should not accessing `__WEBPAC...
• c510070 fix(security): userinfo bypass vulnerability in HttpUriPlugin allowedUris
• 4b0501c ci: fix release (#20252)
• 0c213ce ci: use \<@&1450591255485743204> over @here for discord notificationw
• 5bf8bc5 refactor: types for benchmarks and tests
• 505a5e7 chore(release): new release (#20188)
• 0c06680 refactor: update eslint configuration
• 2eb0d6a ci: release announcement (#20238)
• b2b2459 ci: cancel in progress (#20239)
• Additional commits viewable in compare view

Updates ipaddr.js from 2.2.0 to 2.3.0

Changelog

Sourced from ipaddr.js's changelog.

2.3.0 - 2025-11-27

• add isValidCIDRFourPartDecimal helper for IPv4 CIDR in four-part decimal form
• upgrade eslint dev dependency to v9
• remove duplicated LICENSE entry from published files list

Commits

• e373b4e Bump version to 2.3.0
• d564b1d Add IPv4 CIDR four-part decimal validator
• 08c2cd4 dep(eslint): upgrade to v9
• e6438fe remove LICENSE from files, redundant, always included
• See full diff in compare view

Updates lru-cache from 11.2.2 to 11.2.4

Commits

• e4ea6c8 11.2.4
• 4c6930e consistent prettier setting
• f29fceb autopurge: also clear timers for eviction, clear()
• 05d673b 11.2.3
• 49b3fbe clean up Timer objects when using ttlAutopurge
• b7b7c4e BlueOak-1.0.0
• e5df0bb ci: get rid of tests for dead node versions
• See full diff in compare view

Updates ws from 8.18.3 to 8.19.0

Release notes

Sourced from ws's releases.

8.19.0

Features

• Added the closeTimeout option (#2308).

Bug fixes

• Handled a forthcoming breaking change in Node.js core (19984854).

Commits

• 61349ec [dist] 8.19.0
• 3f9ffc6 [feature] Introduce the closeTimeout option (#2308)
• 1998485 [fix] Ensure all remaining data is read as a single chunk
• 726c373 [doc] Sort options alphabetically
• b151f1e [ci] Update actions/checkout action to v6
• dabdd5b [ci] Update actions/setup-node action to v6
• 86eac5b [ci] Test on node 25
• 1891e14 [ci] Update actions/setup-node action to v5
• aa28c77 [ci] Update actions/checkout action to v5
• See full diff in compare view

Updates bufferutil from 4.0.9 to 4.1.0

Commits

• 580a8a9 [dist] 4.1.0
• b4cd4cd [lint] Fix prettier error
• 2a16fa9 [pkg] Update node-gyp to version 12.1.0
• 18f122a [minor] Support buffers greater than 2^32 bytes in length
• 321fbe4 [perf] Do not make compiler life harder (#164)
• 557a7af [ci] Build and deploy two platform-specific binaries for macOS
• 33932c1 [build] Do not build a universal binary for macOS (#167)
• ca57ce2 [ci] Build the prebuilt binary for macOS with the Intel runner image
• 1b9081d [ci] Update actions/checkout action to v6
• 31eb0ad [ci] Update actions/upload-artifact action to v5
• Additional commits viewable in compare view

Updates utf-8-validate from 6.0.5 to 6.0.6

Commits

• e8f7d2f [dist] 6.0.6
• 161245d [pkg] Update node-gyp to version 12.1.0
• 3da9111 [ci] Build and d...

  Description has been truncated

  ---

  [!NOTE]
  Broad dependency refresh across the monorepo with no source changes.

  • Backend/runtime: express → 5.2.1 (reverts prior breaking extended query parser change), @aws-sdk/client-route-53 → 3.962.0, ws → 8.19.0 (+ bufferutil → 4.1.0, utf-8-validate → 6.0.6), ipaddr.js → 2.3.0, lru-cache → 11.2.4, node-forge → 1.3.3, qs → 6.14.1, zod → 4.3.5.
  • Build/tooling: webpack → 5.104.1 (includes security fixes and CSS/import.meta improvements), webpack-bundle-analyzer → 5.1.0, @electron/rebuild → 4.0.2, nightwatch → 3.14.0, supertest → 7.2.2, pino-pretty → 13.1.3.
  • Lint/TS: @eslint/js → 9.39.2, eslint-plugin-jest → 29.12.1, globals → 17.0.0 (breaking), typescript-eslint → 8.52.0, @types/node → 25.0.3, @types/express → 5.0.6, ts-jest → 29.4.6, lerna → 9.0.3.

  Packages updated: root and multiple workspaces (autocertifier-*, dht, proto-rpc, sdk, utils, browser-test-runner, geoip-location, node, test-utils).

  ^{Written by Cursor Bugbot for commit 8208200. This will update automatically on new commits. Configure here.}