chore(deps): bump the security-updates group across 1 directory with 10 updates by dependabot[bot] · Pull Request #31 · alternatefutures/package-cloud-cli

dependabot · 2025-12-08T23:32:57Z

Bumps the security-updates group with 10 updates in the / directory:

Package	From	To
@aws-sdk/client-lambda	`3.906.0`	`3.947.0`
axios	`1.12.2`	`1.13.2`
eciesjs	`0.4.7`	`0.4.16`
esbuild	`0.27.0`	`0.27.1`
files-from-path	`1.0.0`	`1.1.4`
ts-node	`10.9.1`	`10.9.2`
@changesets/cli	`2.29.7`	`2.29.8`
@tsconfig/node16	`16.1.5`	`16.1.8`
@types/estree	`1.0.5`	`1.0.8`
@types/lodash	`4.17.20`	`4.17.21`

Updates @aws-sdk/client-lambda from 3.906.0 to 3.947.0

Release notes

Sourced from @aws-sdk/client-lambda's releases.

v3.947.0

3.947.0(2025-12-08)

Chores

codegen: service closure knowledge index (#7554) (731dbfef)

core/client: emit warning for Node.js 18.x end-of-support (#7540) (fee7ba1d)

Documentation Changes

add support policy section for Node.js/ECMAScript versions (#7556) (bf1f6e0b)

New Features

clients: update client endpoints as of 2025-12-08 (7e0d61b2)

client-cost-explorer: Add support for Cost Category resource associations including filtering by resource type on ListCostCategoryDefinitions and new ListCostCategoryResourceAssociations API. (011b4f65)

client-sesv2: Update Mail Manager Archive ARN validation (18c203b2)

client-redshift-serverless: Added GetIdentityCenterAuthToken API to retrieve encrypted authentication tokens for Identity Center integrated serverless workgroups. This API enables programmatic access to secure Identity Center tokens with proper error handling and parameter validation across supported SDK languages. (c3d27769)

client-identitystore: Updating AWS Identity Store APIs to support Attribute Extensions capability, with the first release adding Enterprise Attributes. This launch aligns Identity Store APIs with SCIM for enterprise attributes, reducing cases when customers are forced to use SCIM due to lack of SigV4 API support. (14887fde)

client-rds: Adding support for tagging RDS Instance/Cluster Automated Backups (41b9a139)

client-partnercentral-selling: Deal Sizing Service for AI-based deal size estimation with AWS service-level breakdown, supporting Expansion and Migration deals across Technology, and Reseller partner cohorts, including Pricing Calculator AddOn for MAP deals and funding incentives. (867598e2)

client-rolesanywhere: Increases certificate string length for trust anchor source data to support ML-DSA certificates. (481b863e)

client-ec2: Amazon EC2 P6-B300 instances provide 8x NVIDIA Blackwell Ultra GPUs with 2.1 TB high bandwidth GPU memory, 6.4 Tbps EFA networking, 300 Gbps dedicated ENA throughput, and 4 TB of system memory. Amazon EC2 C8a instances are powered by 5th Gen AMD EPYC processors with a maximum frequency of 4.5 GHz. (229ff011)

Tests

core/protocols: add test and additional condition for xml declaration (#7552) (c83c986a)

For list of updated packages, view updated-packages.md in assets-3.947.0.zip

v3.946.0

3.946.0(2025-12-05)

Chores

codegen:

release smithy-aws-typescript-codegen 0.39.0 (#7548) (abaca492)

sync for typescript formatting (#7546) (da6eee73)

type imports and index tests (#7545) (eb4e29bd)

deps: bump jws from 3.2.2 to 3.2.3 (#7544) (a934dcb7)

Documentation Changes

client-ecs: Updating stop-task API to encapsulate containers with custom stop signal (d7a58e20)

New Features

... (truncated)

Changelog

Sourced from @aws-sdk/client-lambda's changelog.

3.947.0 (2025-12-08)

Note: Version bump only for package @aws-sdk/client-lambda

3.946.0 (2025-12-05)

Note: Version bump only for package @aws-sdk/client-lambda

3.945.0 (2025-12-04)

Features

client-lambda: Add DisallowedByVpcEncryptionControl to the LastUpdateStatusReasonCode and StateReasonCode enums to represent failures caused by VPC Encryption Controls. (cc1ebe7)

3.943.0 (2025-12-02)

Features

client-lambda: Launching Lambda durable functions - a new feature to build reliable multi-step applications and AI workflows natively within the Lambda developer experience. (01476cf)

3.942.0 (2025-12-01)

Features

client-lambda: Launching Lambda Managed Instances - a new feature to run Lambda on EC2. (ea7080c)

3.940.0 (2025-11-25)

... (truncated)

Commits

656bd00 Publish v3.947.0
731dbfe chore(codegen): service closure knowledge index (#7554)
309a20f Publish v3.946.0
da6eee7 chore(codegen): sync for typescript formatting (#7546)
eb4e29b chore(codegen): type imports and index tests (#7545)
fce0442 Publish v3.945.0
cc1ebe7 feat(client-lambda): Add DisallowedByVpcEncryptionControl to the LastUpdateSt...
6900953 Publish v3.943.0
01476cf feat(client-lambda): Launching Lambda durable functions - a new feature to bu...
c44350d Publish v3.942.0
Additional commits viewable in compare view

Updates axios from 1.12.2 to 1.13.2

Release notes

Sourced from axios's releases.

Release v1.13.2

Release notes:

Bug Fixes

http: fix 'socket hang up' bug for keep-alive requests when using timeouts; (#7206) (8d37233)

http: use default export for http2 module to support stubs; (#7196) (0588880)

Performance Improvements

http: fix early loop exit; (#7202) (12c314b)

Contributors to this release

Dmitriy Mozgovoy

Kasper Isager Dalsgarð

Release v1.13.1

Release notes:

Bug Fixes

http: fixed a regression that caused the data stream to be interrupted for responses with non-OK HTTP statuses; (#7193) (bcd5581)

Contributors to this release

Anchal Singh

Dmitriy Mozgovoy

Release v1.13.0

Release notes:

Bug Fixes

fetch: prevent TypeError when config.env is undefined (#7155) (015faec)

resolve issue #7131 (added spacing in mergeConfig.js) (#7133) (9b9ec98)

Features

http: add HTTP2 support; (#7150) (d676df7)

Contributors to this release

Dmitriy Mozgovoy

Noritaka Kobayashi

Aviraj2929

prasoon patel

Samyak Dandge

Anchal Singh

Rahul Kumar

Amit Verma

... (truncated)

Changelog

Sourced from axios's changelog.

1.13.2 (2025-11-04)

Bug Fixes

http: fix 'socket hang up' bug for keep-alive requests when using timeouts; (#7206) (8d37233)

http: use default export for http2 module to support stubs; (#7196) (0588880)

Performance Improvements

http: fix early loop exit; (#7202) (12c314b)

Contributors to this release

Dmitriy Mozgovoy

Kasper Isager Dalsgarð

1.13.1 (2025-10-28)

Bug Fixes

http: fixed a regression that caused the data stream to be interrupted for responses with non-OK HTTP statuses; (#7193) (bcd5581)

Contributors to this release

Anchal Singh

Dmitriy Mozgovoy

1.13.0 (2025-10-27)

Bug Fixes

fetch: prevent TypeError when config.env is undefined (#7155) (015faec)

resolve issue #7131 (added spacing in mergeConfig.js) (#7133) (9b9ec98)

Features

http: add HTTP2 support; (#7150) (d676df7)

Contributors to this release

Dmitriy Mozgovoy

Noritaka Kobayashi

Aviraj2929

prasoon patel

Samyak Dandge

... (truncated)

Commits

08b84b5 chore(release): v1.13.2 (#7207)
8d37233 fix(http): fix 'socket hang up' bug for keep-alive requests when using timeou...
12c314b perf(http): fix early loop exit; (#7202)
f6d79e7 chore(sponsor): update sponsor block (#7203)
0588880 fix(http): use default export for http2 module to support stubs; (#7196)
1ef8e72 chore(release): v1.13.1 (#7194)
bcd5581 fix(http): fixed a regression that caused the data stream to be interrupted f...
c9b3371 chore: enhance styling and responsiveness in client.html (#7173)
9ead04d [Release] v1.13.0 (#7189)
d000fbf fix(http2): fix possible race condition when handling http2 stream on almost ...
Additional commits viewable in compare view

Updates eciesjs from 0.4.7 to 0.4.16

Release notes

Sourced from eciesjs's releases.

v0.4.16

What's Changed

Upgrade biome by @kigawas in ecies/js#850

Add x25519 tests by @kigawas in ecies/js#851

Bump dependencies by @kigawas in ecies/js#855

Mention deno support in README by @kigawas in ecies/js#856

Combine get elliptic curve config in utils by @kigawas in ecies/js#860

Bump dependencies by @kigawas in ecies/js#864

Drop Node 18 by @kigawas in ecies/js#865

Prepare for noble-curves v2 by @kigawas in ecies/js#869

Full Changelog: ecies/js@v0.4.15...v0.4.16

v0.4.15

What's Changed

Update CHANGELOG.md by @kigawas in ecies/js#834

Bump typescript from 5.7.3 to 5.8.2 by @dependabot in ecies/js#835

Bump undici from 7.3.0 to 7.4.0 by @dependabot in ecies/js#837

Bump dependencies by @kigawas in ecies/js#838

Lint code with biome by @kigawas in ecies/js#839

Revamp documentation by @kigawas in ecies/js#840

Configurable curve in keys and utils by @kigawas in ecies/js#843

Bump undici from 7.7.0 to 7.8.0 by @dependabot in ecies/js#845

Bump dependencies by @kigawas in ecies/js#847

Full Changelog: ecies/js@v0.4.14...v0.4.15

v0.4.14

What's Changed

Bump undici from 7.1.1 to 7.2.0 by @dependabot in ecies/js#825

Bump dependencies by @kigawas in ecies/js#826

Add sponsor: dotenvx by @kigawas in ecies/js#827

Bump undici from 7.2.0 to 7.2.3 by @dependabot in ecies/js#828

Bump dependencies by @kigawas in ecies/js#832

Add details by @kigawas in ecies/js#833

Full Changelog: ecies/js@v0.4.13...v0.4.14

v0.4.13

What's Changed

Bump dependencies by @kigawas in ecies/js#822

Revamp doc by @kigawas in ecies/js#823

Full Changelog: ecies/js@v0.4.12...v0.4.13

v0.4.12

... (truncated)

Changelog

Sourced from eciesjs's changelog.

0.4.16

Bump dependencies

Drop Node 18 support

Remove deprecated @noble/curves usage

0.4.15

Bump dependencies

Revamp documentation

Make curve configurable in keys and utils via argument

0.4.14

Bump dependencies

Add details

Revamp documentation

0.4.13

Bump dependencies

0.4.12

Add PublicKey.toBytes and deprecate PublicKey.compressed and PublicKey.uncompressed

Save uncompressed public key data for secp256k1

0.4.11

Revamp encapsulate/decapsulate

Revamp symmetric encryption/decryption

Revamp elliptic utils

Add browser tests

0.4.10

Fix commonjs build

0.4.9

Add examples

Update documentation

Migrate to vitest

Export all modules to allow full customization

Introduce @ecies/ciphers as symmetric cipher adapter for different platforms

Use pure JS (@noble/ciphers) AES implementation if running in browsers to improve compatibility

Use node:crypto's chacha20 implementation on Node runtime to improve performance

0.4.1 ~ 0.4.8

... (truncated)

Commits

66c5447 Prepare for noble-curves v2 (#869)
b42acd2 Drop Node 18 (#865)
06aaf7c Bump dependencies (#864)
053d5ab Combine get elliptic curve config in utils (#860)
3142816 Mention deno support in README (#856)
7c6883f Bump dependencies (#855)
ee4d2ba Add x25519 tests (#851)
20c819c Upgrade biome (#850)
4e737b4 Bump dependencies (#847)
6e3a064 Bump undici from 7.7.0 to 7.8.0 (#845)
Additional commits viewable in compare view

Updates esbuild from 0.27.0 to 0.27.1

Release notes

Sourced from esbuild's releases.

v0.27.1
Fix bundler bug with var nested inside if (#4348)

This release fixes a bug with the bundler that happens when importing an ES module using require (which causes it to be wrapped) and there's a top-level var inside an if statement without being wrapped in a { ... } block (and a few other conditions). The bundling transform needed to hoist these var declarations outside of the lazy ES module wrapper for correctness. See the issue for details.
Fix minifier bug with for inside try inside label (#4351)

This fixes an old regression from version v0.21.4. Some code was introduced to move the label inside the try statement to address a problem with transforming labeled for await loops to avoid the await (the transformation involves converting the for await loop into a for loop and wrapping it in a try statement). However, it introduces problems for cross-compiled JVM code that uses all three of these features heavily. This release restricts this transform to only apply to for loops that esbuild itself generates internally as part of the for await transform. Here is an example of some affected code:
// Original code
d: {
  e: {
    try {
      while (1) { break d }
    } catch { break e; }
  }
}
// Old output (with --minify)
a:try{e:for(;;)break a}catch{break e}
// New output (with --minify)
a:e:try{for(;;)break a}catch{break e}
Inline IIFEs containing a single expression (#4354)

Previously inlining of IIFEs (immediately-invoked function expressions) only worked if the body contained a single return statement. Now it should also work if the body contains a single expression statement instead:
// Original code
const foo = () => {
  const cb = () => {
    console.log(x())
  }
  return cb()
}
// Old output (with --minify)
const foo=()=>(()=>{console.log(x())})();
// New output (with --minify)
const foo=()=>{console.log(x())};
The minifier now strips empty finally clauses (#4353)

This improvement means that finally clauses containing dead code can potentially cause the associated try statement to be removed from the output entirely in minified builds:

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.27.1
Fix bundler bug with var nested inside if (#4348)

This release fixes a bug with the bundler that happens when importing an ES module using require (which causes it to be wrapped) and there's a top-level var inside an if statement without being wrapped in a { ... } block (and a few other conditions). The bundling transform needed to hoist these var declarations outside of the lazy ES module wrapper for correctness. See the issue for details.
Fix minifier bug with for inside try inside label (#4351)

This fixes an old regression from version v0.21.4. Some code was introduced to move the label inside the try statement to address a problem with transforming labeled for await loops to avoid the await (the transformation involves converting the for await loop into a for loop and wrapping it in a try statement). However, it introduces problems for cross-compiled JVM code that uses all three of these features heavily. This release restricts this transform to only apply to for loops that esbuild itself generates internally as part of the for await transform. Here is an example of some affected code:
// Original code
d: {
  e: {
    try {
      while (1) { break d }
    } catch { break e; }
  }
}
// Old output (with --minify)
a:try{e:for(;;)break a}catch{break e}
// New output (with --minify)
a:e:try{for(;;)break a}catch{break e}
Inline IIFEs containing a single expression (#4354)

Previously inlining of IIFEs (immediately-invoked function expressions) only worked if the body contained a single return statement. Now it should also work if the body contains a single expression statement instead:
// Original code
const foo = () => {
  const cb = () => {
    console.log(x())
  }
  return cb()
}
// Old output (with --minify)
const foo=()=>(()=>{console.log(x())})();
// New output (with --minify)
const foo=()=>{console.log(x())};
The minifier now strips empty finally clauses (#4353)

This improvement means that finally clauses containing dead code can potentially cause the associated try statement to be removed from the output entirely in minified builds:

... (truncated)

Commits

5e0e56d publish 0.27.1 to npm
5a89732 fix #4354: improve IIFE inlining for expressions
b940218 minify: move unused expr simplification later
c46d498 fix #4353: remove empty try/finally clauses
7a72735 fix #4348: bundler bug with var inside if
4e4e177 fix #4351: label + try + for minifier bug
d6427c9 fix: deno release url wrong comment (#4326)
48e3e19 calling Symbol.for with a primitive never throws
4ff88d0 update decorator-tests.js snapshot
1877e60 calling Symbol with a primitive will never throw
See full diff in compare view

Updates files-from-path from 1.0.0 to 1.1.4

Release notes

Sourced from files-from-path's releases.

v1.1.4

1.1.4 (2025-03-25)

Bug Fixes

build (448b532)

v1.1.3

1.1.3 (2025-02-12)

Bug Fixes

github URLs (51f7007)

v1.1.2

1.1.2 (2025-02-11)

Bug Fixes

Add missing types key to package entry point (#41) (b645e00)

v1.1.1

1.1.1 (2024-11-15)

Bug Fixes

docs (ac4fb2d)

v1.1.0

1.1.0 (2024-11-15)

Features

normalise paths for windows file paths (#38) (41bb5c5)

v1.0.4

1.0.4 (2023-12-07)

Bug Fixes

build step cannot be run in dist dir (198359f)

v1.0.3

1.0.3 (2023-11-29)

... (truncated)

Changelog

Sourced from files-from-path's changelog.

1.1.4 (2025-03-25)

Bug Fixes

build (448b532)

1.1.3 (2025-02-12)

Bug Fixes

github URLs (51f7007)

1.1.2 (2025-02-11)

Bug Fixes

Add missing types key to package entry point (#41) (b645e00)

1.1.1 (2024-11-15)

Bug Fixes

docs (ac4fb2d)

1.1.0 (2024-11-15)

Features

normalise paths for windows file paths (#38) (41bb5c5)

1.0.4 (2023-12-07)

Bug Fixes

build step cannot be run in dist dir (198359f)

1.0.3 (2023-11-29)

Bug Fixes

publish from dist (#33) (fea9816)

1.0.2 (2023-11-20)

... (truncated)

Commits

7b7b88f chore(main): release 1.1.4 (#44)
448b532 fix: build
f44ee52 chore(main): release 1.1.3 (#43)
8bec0b4 chore: update nodejs version in CI
647cd4f Merge branch 'main' of github.com:storacha/files-from-path
51f7007 fix: github URLs
9bd3b25 chore(main): release 1.1.2 (#42)
b645e00 fix: Add missing types key to package entry point (#41)
724c917 chore(main): release 1.1.1 (#40)
ac4fb2d fix: docs
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by it-dag-house, a new releaser for files-from-path since your current version.

Updates ts-node from 10.9.1 to 10.9.2

Release notes

Sourced from ts-node's releases.

Fix tsconfig.json file not found

Fixed

Fixed tsconfig.json file not found on latest TypeScript version (TypeStrong/ts-node#2091)

Commits

057ac1b 10.9.2
c8805d5 Update package lock
99862f7 Bump swc dependency
cdc4e88 Ignore test files in build schema
08cdfb0 Backport swc fixes on main
9639daa Ignore test files in build
cc1a503 Fix tsconfig.json not found with TS >= 5.3 (#2091)
See full diff in compare view

Updates @changesets/cli from 2.29.7 to 2.29.8

Commits

See full diff in compare view

Updates @tsconfig/node16 from 16.1.5 to 16.1.8

Commits

See full diff in compare view

Updates @types/estree from 1.0.5 to 1.0.8

Commits

See full diff in compare view

Updates @types/lodash from 4.17.20 to 4.17.21

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

dependabot · 2025-12-08T23:32:57Z

Labels

The following labels could not be found: dependencies, security. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

github-actions · 2025-12-08T23:33:21Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

…10 updates Bumps the security-updates group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@aws-sdk/client-lambda](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-lambda) | `3.906.0` | `3.947.0` | | [axios](https://github.com/axios/axios) | `1.12.2` | `1.13.2` | | [eciesjs](https://github.com/ecies/js) | `0.4.7` | `0.4.16` | | [esbuild](https://github.com/evanw/esbuild) | `0.27.0` | `0.27.1` | | [files-from-path](https://github.com/storacha/files-from-path) | `1.0.0` | `1.1.4` | | [ts-node](https://github.com/TypeStrong/ts-node) | `10.9.1` | `10.9.2` | | [@changesets/cli](https://github.com/changesets/changesets) | `2.29.7` | `2.29.8` | | [@tsconfig/node16](https://github.com/tsconfig/bases/tree/HEAD/bases) | `16.1.5` | `16.1.8` | | [@types/estree](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/estree) | `1.0.5` | `1.0.8` | | [@types/lodash](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/lodash) | `4.17.20` | `4.17.21` | Updates `@aws-sdk/client-lambda` from 3.906.0 to 3.947.0 - [Release notes](https://github.com/aws/aws-sdk-js-v3/releases) - [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-lambda/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.947.0/clients/client-lambda) Updates `axios` from 1.12.2 to 1.13.2 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.12.2...v1.13.2) Updates `eciesjs` from 0.4.7 to 0.4.16 - [Release notes](https://github.com/ecies/js/releases) - [Changelog](https://github.com/ecies/js/blob/master/CHANGELOG.md) - [Commits](ecies/js@v0.4.7...v0.4.16) Updates `esbuild` from 0.27.0 to 0.27.1 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](evanw/esbuild@v0.27.0...v0.27.1) Updates `files-from-path` from 1.0.0 to 1.1.4 - [Release notes](https://github.com/storacha/files-from-path/releases) - [Changelog](https://github.com/storacha/files-from-path/blob/main/CHANGELOG.md) - [Commits](storacha/files-from-path@v1.0.0...v1.1.4) Updates `ts-node` from 10.9.1 to 10.9.2 - [Release notes](https://github.com/TypeStrong/ts-node/releases) - [Changelog](https://github.com/TypeStrong/ts-node/blob/main/development-docs/release-template.md) - [Commits](TypeStrong/ts-node@v10.9.1...v10.9.2) Updates `@changesets/cli` from 2.29.7 to 2.29.8 - [Release notes](https://github.com/changesets/changesets/releases) - [Commits](https://github.com/changesets/changesets/commits) Updates `@tsconfig/node16` from 16.1.5 to 16.1.8 - [Commits](https://github.com/tsconfig/bases/commits/HEAD/bases) Updates `@types/estree` from 1.0.5 to 1.0.8 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/estree) Updates `@types/lodash` from 4.17.20 to 4.17.21 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/lodash) --- updated-dependencies: - dependency-name: "@aws-sdk/client-lambda" dependency-version: 3.947.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: axios dependency-version: 1.13.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: eciesjs dependency-version: 0.4.16 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: esbuild dependency-version: 0.27.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: files-from-path dependency-version: 1.1.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: ts-node dependency-version: 10.9.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: "@changesets/cli" dependency-version: 2.29.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: "@tsconfig/node16" dependency-version: 16.1.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: "@types/estree" dependency-version: 1.0.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: "@types/lodash" dependency-version: 4.17.21 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: security-updates ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2025-12-22T23:26:05Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot force-pushed the dependabot/npm_and_yarn/security-updates-5dc66b7568 branch from 1824f3a to 56cfb31 Compare December 10, 2025 23:10

chore: 🤖 code format

d1f239b

dependabot bot closed this Dec 22, 2025

dependabot bot deleted the dependabot/npm_and_yarn/security-updates-5dc66b7568 branch December 22, 2025 23:26

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the security-updates group across 1 directory with 10 updates#31

chore(deps): bump the security-updates group across 1 directory with 10 updates#31
dependabot[bot] wants to merge 2 commits intomainfrom
dependabot/npm_and_yarn/security-updates-5dc66b7568

dependabot bot commented on behalf of github Dec 8, 2025 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Dec 8, 2025

Uh oh!

github-actions bot commented Dec 8, 2025 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Dec 22, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Dec 8, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v3.947.0

3.947.0(2025-12-08)

Chores

Documentation Changes

New Features

Tests

v3.946.0

3.946.0(2025-12-05)

Chores

Documentation Changes

New Features

3.947.0 (2025-12-08)

3.946.0 (2025-12-05)

3.945.0 (2025-12-04)

Features

3.943.0 (2025-12-02)

Features

3.942.0 (2025-12-01)

Features

3.940.0 (2025-11-25)

Release v1.13.2

Release notes:

Bug Fixes

Performance Improvements

Contributors to this release

Release v1.13.1

Release notes:

Bug Fixes

Contributors to this release

Release v1.13.0

Release notes:

Bug Fixes

Features

Contributors to this release

1.13.2 (2025-11-04)

Bug Fixes

Performance Improvements

Contributors to this release

1.13.1 (2025-10-28)

Bug Fixes

Contributors to this release

1.13.0 (2025-10-27)

Bug Fixes

Features

Contributors to this release

v0.4.16

What's Changed

v0.4.15

What's Changed

v0.4.14

What's Changed

v0.4.13

What's Changed

v0.4.12

0.4.16

0.4.15

0.4.14

0.4.13

0.4.12

0.4.11

0.4.10

0.4.9

0.4.1 ~ 0.4.8

v0.27.1

0.27.1

v1.1.4

1.1.4 (2025-03-25)

Bug Fixes

v1.1.3

1.1.3 (2025-02-12)

Bug Fixes

v1.1.2

1.1.2 (2025-02-11)

Bug Fixes

v1.1.1

1.1.1 (2024-11-15)

Bug Fixes

dependabot bot commented on behalf of github Dec 8, 2025 •

edited

Loading

Fix `tsconfig.json` file not found

github-actions bot commented Dec 8, 2025 •

edited

Loading