chore(deps): bump the security-updates group across 1 directory with 13 updates by dependabot[bot] · Pull Request #60 · alternatefutures/package-cloud-cli

dependabot · 2026-02-10T01:43:12Z

Bumps the security-updates group with 13 updates in the / directory:

Package	From	To
@aws-sdk/client-lambda	`3.906.0`	`3.986.0`
axios	`1.12.2`	`1.13.5`
eciesjs	`0.4.7`	`0.4.17`
esbuild	`0.27.0`	`0.27.3`
files-from-path	`1.0.0`	`1.1.4`
lodash-es	`4.17.21`	`4.17.23`
semver	`7.7.3`	`7.7.4`
ts-node	`10.9.1`	`10.9.2`
@changesets/cli	`2.29.7`	`2.29.8`
@tsconfig/node16	`16.1.5`	`16.1.8`
@types/estree	`1.0.5`	`1.0.8`
@types/lodash	`4.17.20`	`4.17.23`
typescript	`5.7.3`	`5.9.3`

Updates @aws-sdk/client-lambda from 3.906.0 to 3.986.0

Release notes

Sourced from @aws-sdk/client-lambda's releases.

v3.986.0

3.986.0(2026-02-09)

Chores

codegen: smithy-typescript-aws-codegen 0.44.0 (#7719) (1a8de1bf)

Documentation Changes

client-lakeformation: Allow cross account v5 in put data lake settings (e10aebc6)

client-transfer: This release adds a documentation update for MdnResponse of type "ASYNC" (a9087979)

New Features

clients: update client endpoints as of 2026-02-09 (b81f169c)

client-connectcampaignsv2: Add the missing event type for WhatsApp (6b19703e)

client-pcs: Introduces RESUMING state for clusters, compute node groups, and queues. (78ec45d5)

client-eks: Amazon EKS adds a new DescribeUpdate update type, VendedLogsUpdate, to support an integration between EKS Auto Mode and Amazon CloudWatch Vended Logs. (85135c4a)

client-neptunedata: Added edgeOnlyLoad boolean parameter to Neptune bulk load request. When TRUE, files are loaded in order without scanning. When FALSE (default), the loader scans files first, then loads vertex files before edge files automatically. (012843ab)

client-imagebuilder: EC2 Image Builder now supports wildcard patterns in lifecycle policies with recipes and enhances the experience of tag-scoped policies. (f015ab63)

client-ec2: Amazon Secondary Networks is a networking feature that provides high-performance, low-latency connectivity for specialized workloads. (0ba27c28)

Tests

middleware-websocket: improve integ test for websocket (#7718) (e25063ae)

For list of updated packages, view updated-packages.md in assets-3.986.0.zip

v3.985.0

3.985.0(2026-02-06)

Chores

codegen: generate caret versions for aws-sdk dependencies (#7714) (5682d095)

New Features

client-bedrock-data-automation-runtime: Add OutputConfiguration to InvokeDataAutomation input and output to support S3 output (72c126f0)

client-deadline: Adds support for tagging jobs during job creation (444dcec9)

client-sagemaker: Adding g7e instance support in Sagemaker Training (01f57c15)

client-partnercentral-selling: Releasing AWS Opportunity Snapshots for SDK release. (9b27cd2b)

client-iot-managed-integrations: Adding support for Custom(General) Authorization in managed integrations for AWS IoT Device Management cloud connectors. (f683f7b9)

Bug Fixes

core/protocols: nested Error objects in REST XML (#7717) (2c0d671f)

... (truncated)

Changelog

Sourced from @aws-sdk/client-lambda's changelog.

3.986.0 (2026-02-09)

Note: Version bump only for package @aws-sdk/client-lambda

3.985.0 (2026-02-06)

Note: Version bump only for package @aws-sdk/client-lambda

3.984.0 (2026-02-05)

Note: Version bump only for package @aws-sdk/client-lambda

3.983.0 (2026-02-04)

Note: Version bump only for package @aws-sdk/client-lambda

3.982.0 (2026-02-03)

Note: Version bump only for package @aws-sdk/client-lambda

3.981.0 (2026-02-02)

Note: Version bump only for package @aws-sdk/client-lambda

3.980.0 (2026-01-30)

... (truncated)

Commits

a635e84 Publish v3.986.0
e64db5e Publish v3.985.0
5682d09 chore(codegen): generate caret versions for aws-sdk dependencies (#7714)
4272704 Publish v3.984.0
66d159c Publish v3.983.0
179b42c Publish v3.982.0
15514da Publish v3.981.0
0306270 Publish v3.980.0
b951130 chore: use yarn workspace versioning for monorepo packages (#7693)
a1794f7 Publish v3.978.0
Additional commits viewable in compare view

Updates axios from 1.12.2 to 1.13.5

Release notes

Sourced from axios's releases.

v1.13.5

Release 1.13.5

Highlights

Security: Fixed a potential Denial of Service issue involving the __proto__ key in mergeConfig. (PR #7369)

Bug fix: Resolved an issue where AxiosError could be missing the status field on and after v1.13.3. (PR #7368)

Changes

Security

Fix Denial of Service via __proto__ key in mergeConfig. (PR #7369)

Fixes

Fix/5657. (PR #7313)

Ensure status is present in AxiosError on and after v1.13.3. (PR #7368)

Features / Improvements

Add input validation to isAbsoluteURL. (PR #7326)

Refactor: bump minor package versions. (PR #7356)

Documentation

Clarify object-check comment. (PR #7323)

Fix deprecated Buffer constructor usage and README formatting. (PR #7371)

CI / Maintenance

Chore: fix issues with YAML. (PR #7355)

CI: update workflow YAMLs. (PR #7372)

CI: fix run condition. (PR #7373)

Dev deps: bump karma-sourcemap-loader from 0.3.8 to 0.4.0. (PR #7360)

Chore(release): prepare release 1.13.5. (PR #7379)

New Contributors

@sachin11063 (first contribution — PR #7323)

@asmitha-16 (first contribution — PR #7326)

Full Changelog: axios/axios@v1.13.4...v1.13.5

v1.13.4

Overview

The release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.

Full Changelog: v1.13.3...v1.13.4

What's New in v1.13.4

Bug Fixes

fix: issues with version 1.13.3 (#7352) (ee90dfc)

Fixed issues discovered in v1.13.3 release

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

1.13.3 (2026-01-20)

Bug Fixes

http2: Use port 443 for HTTPS connections by default. (#7256) (d7e6065)

interceptor: handle the error in the same interceptor (#6269) (5945e40)

main field in package.json should correspond to cjs artifacts (#5756) (7373fbf)

package.json: add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (#5754) (b89217e)

silentJSONParsing=false should throw on invalid JSON (#7253) (#7257) (7d19335)

turn AxiosError into a native error (#5394) (#5558) (1c6a86d)

types: add handlers to AxiosInterceptorManager interface (#5551) (8d1271b)

types: restore AxiosError.cause type from unknown to Error (#7327) (d8233d9)

unclear error message is thrown when specifying an empty proxy authorization (#6314) (6ef867e)

Features

add undefined as a value in AxiosRequestConfig (#5560) (095033c)

add automatic minor and patch upgrades to dependabot (#6053) (65a7584)

add Node.js coverage script using c8 (closes #7289) (#7294) (ec9d94e)

added copilot instructions (3f83143)

compatibility with frozen prototypes (#6265) (860e033)

enhance pipeFileToResponse with error handling (#7169) (88d7884)

types: Intellisense for string literals in a widened union (#6134) (f73474d), closes microsoft/TypeScript#33471

Reverts

Revert "fix: silentJSONParsing=false should throw on invalid JSON (#7253) (#7…" (#7298) (a4230f5), closes #7253 #7 #7298

deps: bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (#7334) (2d6ad5e)

Contributors to this release

Ashvin Tiwari

Nikunj Mochi

Anchal Singh

jasonsaayman

Julian Dax

Akash Dhar Dubey

Madhumita

Tackoil

Justin Dhillon

Rudransh

WuMingDao

codenomnom

Nandan Acharya

Eric Dubé

Tibor Pilz

Gabriel Quaresma

Turadg Aleahmad

... (truncated)

Commits

29f7542 chore(release): prepare release 1.13.5 (#7379)
431c3a3 ci: fix run condition (#7373)
9ff3a78 ci: update ymls (#7372)
265b712 docs: fix deprecated Buffer constructor and formatting issues in README (#7371)
475e75a feat: add input validation to isAbsoluteURL (#7326)
28c7215 fix: Denial of Service via proto Key in mergeConfig (#7369)
04cf019 docs: clarify object check comment (#7323)
696fa75 fix: status is missing in AxiosError on and after v1.13.3 (#7368)
569f028 fix: added a option to choose between legacy and the new request/response int...
44b7c9f chore(deps-dev): bump karma-sourcemap-loader (#7360)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for axios since your current version.

Updates eciesjs from 0.4.7 to 0.4.17

Release notes

Sourced from eciesjs's releases.

v0.4.17

What's Changed

Prepare for ESM by @kigawas in ecies/js#870

Revamp example by @kigawas in ecies/js#873

Refactor config by @kigawas in ecies/js#874

Bump undici from 7.16.0 to 7.18.2 by @dependabot[bot] in ecies/js#877

Bump dependencies by @kigawas in ecies/js#878

Full Changelog: ecies/js@v0.4.16...v0.4.17

v0.4.16

What's Changed

Upgrade biome by @kigawas in ecies/js#850

Add x25519 tests by @kigawas in ecies/js#851

Bump dependencies by @kigawas in ecies/js#855

Mention deno support in README by @kigawas in ecies/js#856

Combine get elliptic curve config in utils by @kigawas in ecies/js#860

Bump dependencies by @kigawas in ecies/js#864

Drop Node 18 by @kigawas in ecies/js#865

Prepare for noble-curves v2 by @kigawas in ecies/js#869

Full Changelog: ecies/js@v0.4.15...v0.4.16

v0.4.15

What's Changed

Update CHANGELOG.md by @kigawas in ecies/js#834

Bump typescript from 5.7.3 to 5.8.2 by @dependabot in ecies/js#835

Bump undici from 7.3.0 to 7.4.0 by @dependabot in ecies/js#837

Bump dependencies by @kigawas in ecies/js#838

Lint code with biome by @kigawas in ecies/js#839

Revamp documentation by @kigawas in ecies/js#840

Configurable curve in keys and utils by @kigawas in ecies/js#843

Bump undici from 7.7.0 to 7.8.0 by @dependabot in ecies/js#845

Bump dependencies by @kigawas in ecies/js#847

Full Changelog: ecies/js@v0.4.14...v0.4.15

v0.4.14

What's Changed

Bump undici from 7.1.1 to 7.2.0 by @dependabot in ecies/js#825

Bump dependencies by @kigawas in ecies/js#826

Add sponsor: dotenvx by @kigawas in ecies/js#827

Bump undici from 7.2.0 to 7.2.3 by @dependabot in ecies/js#828

Bump dependencies by @kigawas in ecies/js#832

Add details by @kigawas in ecies/js#833

... (truncated)

Changelog

Sourced from eciesjs's changelog.

0.4.17

Bump dependencies

Prepare for ESM

0.4.16

Bump dependencies

Drop Node 18 support

Remove deprecated @noble/curves usage

0.4.15

Bump dependencies

Revamp documentation

Make curve configurable in keys and utils via argument

0.4.14

Bump dependencies

Add details

Revamp documentation

0.4.13

Bump dependencies

0.4.12

Add PublicKey.toBytes and deprecate PublicKey.compressed and PublicKey.uncompressed

Save uncompressed public key data for secp256k1

0.4.11

Revamp encapsulate/decapsulate

Revamp symmetric encryption/decryption

Revamp elliptic utils

Add browser tests

0.4.10

Fix commonjs build

0.4.9

Add examples

Update documentation

Migrate to vitest

Export all modules to allow full customization

Introduce @ecies/ciphers as symmetric cipher adapter for different platforms

... (truncated)

Commits

a204284 Bump dependencies (#878)
4f8cf3b Bump undici from 7.16.0 to 7.18.2 (#877)
a028eac Refactor config (#874)
24c99e7 Revamp example (#873)
dd393ee Prepare for ESM (#870)
66c5447 Prepare for noble-curves v2 (#869)
b42acd2 Drop Node 18 (#865)
06aaf7c Bump dependencies (#864)
053d5ab Combine get elliptic curve config in utils (#860)
3142816 Mention deno support in README (#856)
Additional commits viewable in compare view

Updates esbuild from 0.27.0 to 0.27.3

Release notes

Sourced from esbuild's releases.

v0.27.3
Preserve URL fragments in data URLs (#4370)

Consider the following HTML, CSS, and SVG:
index.html:
<!DOCTYPE html>
<html>
  <head><link rel="stylesheet" href="icons.css"></head>
  <body><div class="triangle"></div></body>
</html>
icons.css:
.triangle {
  width: 10px;
  height: 10px;
  background: currentColor;
  clip-path: url(./triangle.svg#x);
}
triangle.svg:
<svg xmlns="http://www.w3.org/2000/svg">
  <defs>
    <clipPath id="x">
      <path d="M0 0H10V10Z"/>
    </clipPath>
  </defs>
</svg>
The CSS uses a URL fragment (the #x) to reference the clipPath element in the SVG file. Previously esbuild's CSS bundler didn't preserve the URL fragment when bundling the SVG using the dataurl loader, which broke the bundled CSS. With this release, esbuild will now preserve the URL fragment in the bundled CSS:
/* icons.css */
.triangle {
  width: 10px;
  height: 10px;
  background: currentColor;
  clip-path: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg"><defs><clipPath id="x"><path d="M0 0H10V10Z"/></clipPath></defs></svg>#x');
}

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.27.3
Preserve URL fragments in data URLs (#4370)

Consider the following HTML, CSS, and SVG:
index.html:
<!DOCTYPE html>
<html>
  <head><link rel="stylesheet" href="icons.css"></head>
  <body><div class="triangle"></div></body>
</html>
icons.css:
.triangle {
  width: 10px;
  height: 10px;
  background: currentColor;
  clip-path: url(./triangle.svg#x);
}
triangle.svg:
<svg xmlns="http://www.w3.org/2000/svg">
  <defs>
    <clipPath id="x">
      <path d="M0 0H10V10Z"/>
    </clipPath>
  </defs>
</svg>
The CSS uses a URL fragment (the #x) to reference the clipPath element in the SVG file. Previously esbuild's CSS bundler didn't preserve the URL fragment when bundling the SVG using the dataurl loader, which broke the bundled CSS. With this release, esbuild will now preserve the URL fragment in the bundled CSS:
/* icons.css */
.triangle {
  width: 10px;
  height: 10px;
  background: currentColor;
  clip-path: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg"><defs><clipPath id="x"><path d="M0 0H10V10Z"/></clipPath></defs></svg>#x');
}

... (truncated)

Commits

9129e00 publish 0.27.3 to npm
e20e411 small fix to release notes
0dc0f2d fix #4322: parse and print CSS @scope rules
55fe391 update firefox css gradient support
2c35297 update gradient lowering transform
9209e44 Update Go to 1.25.7 (#4388)
e8d861b close #4374: compat table for the using feature
19b8887 no longer need williamkapke/node-compat-table
7e44218 the kangax/compat-table repo moved to a new url
23b9338 run make update-compat-table
Additional commits viewable in compare view

Updates files-from-path from 1.0.0 to 1.1.4

Release notes

Sourced from files-from-path's releases.

v1.1.4

1.1.4 (2025-03-25)

Bug Fixes

build (448b532)

v1.1.3

1.1.3 (2025-02-12)

Bug Fixes

github URLs (51f7007)

v1.1.2

1.1.2 (2025-02-11)

Bug Fixes

Add missing types key to package entry point (#41) (b645e00)

v1.1.1

1.1.1 (2024-11-15)

Bug Fixes

docs (ac4fb2d)

v1.1.0

1.1.0 (2024-11-15)

Features

normalise paths for windows file paths (#38) (41bb5c5)

v1.0.4

1.0.4 (2023-12-07)

Bug Fixes

build step cannot be run in dist dir (198359f)

v1.0.3

1.0.3 (2023-11-29)

... (truncated)

Changelog

Sourced from files-from-path's changelog.

1.1.4 (2025-03-25)

Bug Fixes

build (448b532)

1.1.3 (2025-02-12)

Bug Fixes

github URLs (51f7007)

1.1.2 (2025-02-11)

Bug Fixes

Add missing types key to package entry point (#41) (b645e00)

1.1.1 (2024-11-15)

Bug Fixes

docs (ac4fb2d)

1.1.0 (2024-11-15)

Features

normalise paths for windows file paths (#38) (41bb5c5)

1.0.4 (2023-12-07)

Bug Fixes

build step cannot be run in dist dir (198359f)

1.0.3 (2023-11-29)

Bug Fixes

publish from dist (#33) (fea9816)

1.0.2 (2023-11-20)

... (truncated)

Commits

7b7b88f chore(main): release 1.1.4 (#44)
448b532 fix: build
f44ee52 chore(main): release 1.1.3 (#43)
8bec0b4 chore: update nodejs version in CI
647cd4f Merge branch 'main' of github.com:storacha/files-from-path
51f7007 fix: github URLs
9bd3b25 chore(main): release 1.1.2 (#42)
b645e00 fix: Add missing types key to package entry point (#41)
724c917 chore(main): release 1.1.1 (#40)
ac4fb2d fix: docs
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by it-dag-house, a new releaser for files-from-path since your current version.

Updates lodash-es from 4.17.21 to 4.17.23

Commits

dec55b7 Bump main to v4.17.23 (#6088)
19c9251 fix: setCacheHas JSDoc return type should be boolean (#6071)
b5e6729 jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (#6062)
edadd45 Prevent prototype pollution on baseUnset function
4879a7a doc: fix autoLink function, conversion of source links (#6056)
9648f69 chore: remove yarn.lock file (#6053)
dfa407d ci: remove legacy configuration files (#6052)
156e196 feat: add renovate setup (#6039)
933e106 ci: add pipeline for Bun (#6023)
072a807 docs: update links related to Open JS Foundation (#5968)
Additional commits viewable in compare view

Updates semver from 7.7.3 to 7.7.4

Release notes

Sourced from semver's releases.

v7.7.4

7.7.4 (2026-01-16)

Bug Fixes

a29faa5 #835 cli: pass options to semver.valid() for loose version validation (#835) (@mldangelo)

Documentation

1d28d5e #836 fix typos and update -n CLI option documentation (#836) (@mldangelo)

Dependencies

120968b #840 @npmcli/template-oss@4.29.0 (#840)

Chores

44d7130 #824 bump @npmcli/eslint-config from 5.1.0 to 6.0.0 (#824) (@dependabot[bot])

7073576 #820 reorder parameters in invalid-versions.js test (#820) (@reggi)

5816d4c #829 bump @npmcli/template-oss from 4.28.0 to 4.28.1 (#829) (@dependabot[bot], @npm-cli-bot)

Changelog

Sourced from semver's changelog.

7.7.4 (2026-01-16)

Bug Fixes

a29faa5 #835 cli: pass options to semver.valid() for loose version validation (#835) (@mldangelo)

Documentation

1d28d5e #836 fix typos and update -n CLI option documentation (#836) (@mldangelo)

Dependencies

120968b #840 @npmcli/template-oss@4.29.0 (#840)

Chores

44d7130 #824 bump @npmcli/eslint-config from 5.1.0 to 6.0.0 (#824) (@dependabot[bot])

7073576 #820 reorder parameters in invalid-versions.js test (#820) (@reggi)

5816d4c #829 bump @npmcli/template-oss from 4.28.0 to 4.28.1 (#829) (@dependabot[bot], @npm-cli-bot)

Commits

5993c2e chore: release 7.7.4 (#839)
120968b deps: @npmcli/template-oss@4.29.0 (#840)
a29faa5 fix(cli): pass options to semver.valid() for loose version validation (#835)
1d28d5e docs: fix typos and update -n CLI option documentation (#836)
5816d4c chore: bump @npmcli/template-oss from 4.28.0 to 4.28.1 (#829)
ab9e28a chore: bump @npmcli/template-oss from 4.27.1 to 4.28.0 (#827)
44d7130 chore: bump @npmcli/eslint-config from 5.1.0 to 6.0.0 (#824)
7073576 chore: reorder parameters in invalid-versions.js test (#820)
16a35f5 chore: bump @npmcli/template-oss from 4.26.0 to 4.27.1 (#823)
3a3459d chore: bump @npmcli/template-oss from 4.25.1 to 4.26.0 (#818)
See full diff in compare view

Updates ts-node from 10.9.1 to 10.9.2

Release notes

Sourced from ts-node's releases.

Fix tsconfig.json file not found

Fixed

Fixed tsconfig.json file not found on latest TypeScript version (TypeStrong/ts-node#2091)

Commits

057ac1b 10.9.2
c8805d5 Update package lock
99862f7 Bump swc dependency
cdc4e88 Ignore test files in build schema
08cdfb0 Backport swc fixes on main
9639daa Ignore test files in build
cc1a503 Fix tsconfig.json not found with TS >= 5.3 (#2091)
See full diff in compare view

Updates @changesets/cli from 2.29.7 to 2.29.8

Commits

See full diff in compare view

Updates @tsconfig/node16 from 16.1.5 to 16.1.8

Commits

See full diff in compare view

Updates @types/estree from 1.0.5 to 1.0.8

Commits

See full diff in compare view

Updates @types/lodash from 4.17.20 to 4.17.23

Commits

See full diff in compare view

Updates typescript from 5.7.3 to 5.9.3

Release notes

Sourced from typescript's releases.

TypeScript 5.9.3

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

fixed issues query for Typescript 5.9.0 (Beta).

fixed issues query for Typescript 5.9.1 (RC).

No specific changes for TypeScript 5.9.2 (Stable)

fixed issues query for Typescript 5.9.3 (Stable).

Downloads are available on:

npm

TypeScript 5.9

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

fixed issues query for Typescript 5.9.0 (Beta).

fixed issues query for Typescript 5.9.1 (RC).

No specific changes for TypeScript 5.9.2 (Stable)

Downloads are available on:

npm

TypeScript 5.9 RC

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

…13 updates Bumps the security-updates group with 13 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@aws-sdk/client-lambda](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-lambda) | `3.906.0` | `3.986.0` | | [axios](https://github.com/axios/axios) | `1.12.2` | `1.13.5` | | [eciesjs](https://github.com/ecies/js) | `0.4.7` | `0.4.17` | | [esbuild](https://github.com/evanw/esbuild) | `0.27.0` | `0.27.3` | | [files-from-path](https://github.com/storacha/files-from-path) | `1.0.0` | `1.1.4` | | [lodash-es](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` | | [semver](https://github.com/npm/node-semver) | `7.7.3` | `7.7.4` | | [ts-node](https://github.com/TypeStrong/ts-node) | `10.9.1` | `10.9.2` | | [@changesets/cli](https://github.com/changesets/changesets) | `2.29.7` | `2.29.8` | | [@tsconfig/node16](https://github.com/tsconfig/bases/tree/HEAD/bases) | `16.1.5` | `16.1.8` | | [@types/estree](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/estree) | `1.0.5` | `1.0.8` | | [@types/lodash](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/lodash) | `4.17.20` | `4.17.23` | | [typescript](https://github.com/microsoft/TypeScript) | `5.7.3` | `5.9.3` | Updates `@aws-sdk/client-lambda` from 3.906.0 to 3.986.0 - [Release notes](https://github.com/aws/aws-sdk-js-v3/releases) - [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-lambda/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.986.0/clients/client-lambda) Updates `axios` from 1.12.2 to 1.13.5 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.12.2...v1.13.5) Updates `eciesjs` from 0.4.7 to 0.4.17 - [Release notes](https://github.com/ecies/js/releases) - [Changelog](https://github.com/ecies/js/blob/master/CHANGELOG.md) - [Commits](ecies/js@v0.4.7...v0.4.17) Updates `esbuild` from 0.27.0 to 0.27.3 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](evanw/esbuild@v0.27.0...v0.27.3) Updates `files-from-path` from 1.0.0 to 1.1.4 - [Release notes](https://github.com/storacha/files-from-path/releases) - [Changelog](https://github.com/storacha/files-from-path/blob/main/CHANGELOG.md) - [Commits](storacha/files-from-path@v1.0.0...v1.1.4) Updates `lodash-es` from 4.17.21 to 4.17.23 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) Updates `semver` from 7.7.3 to 7.7.4 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.7.3...v7.7.4) Updates `ts-node` from 10.9.1 to 10.9.2 - [Release notes](https://github.com/TypeStrong/ts-node/releases) - [Changelog](https://github.com/TypeStrong/ts-node/blob/main/development-docs/release-template.md) - [Commits](TypeStrong/ts-node@v10.9.1...v10.9.2) Updates `@changesets/cli` from 2.29.7 to 2.29.8 - [Release notes](https://github.com/changesets/changesets/releases) - [Commits](https://github.com/changesets/changesets/commits) Updates `@tsconfig/node16` from 16.1.5 to 16.1.8 - [Commits](https://github.com/tsconfig/bases/commits/HEAD/bases) Updates `@types/estree` from 1.0.5 to 1.0.8 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/estree) Updates `@types/lodash` from 4.17.20 to 4.17.23 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/lodash) Updates `typescript` from 5.7.3 to 5.9.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Commits](microsoft/TypeScript@v5.7.3...v5.9.3) --- updated-dependencies: - dependency-name: "@aws-sdk/client-lambda" dependency-version: 3.986.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: axios dependency-version: 1.13.5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: eciesjs dependency-version: 0.4.17 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: esbuild dependency-version: 0.27.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: files-from-path dependency-version: 1.1.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security-updates - dependency-name: lodash-es dependency-version: 4.17.23 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: semver dependency-version: 7.7.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: ts-node dependency-version: 10.9.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: "@changesets/cli" dependency-version: 2.29.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: "@tsconfig/node16" dependency-version: 16.1.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: "@types/estree" dependency-version: 1.0.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: "@types/lodash" dependency-version: 4.17.23 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: security-updates - dependency-name: typescript dependency-version: 5.9.3 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: security-updates ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-02-10T01:43:13Z

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

github-actions · 2026-02-10T01:43:49Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

dependabot bot added the security label Feb 10, 2026

dependabot bot mentioned this pull request Feb 10, 2026

chore(deps-dev): bump typescript from 4.9.3 to 5.9.3 #26

Closed

chore: 🤖 code format

af2c55c

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the security-updates group across 1 directory with 13 updates#60

chore(deps): bump the security-updates group across 1 directory with 13 updates#60
dependabot[bot] wants to merge 2 commits intomainfrom
dependabot/npm_and_yarn/security-updates-d431da42f1

dependabot bot commented on behalf of github Feb 10, 2026

Uh oh!

dependabot bot commented on behalf of github Feb 10, 2026

Uh oh!

github-actions bot commented Feb 10, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Feb 10, 2026

v3.986.0

3.986.0(2026-02-09)

Chores

Documentation Changes

New Features

Tests

v3.985.0

3.985.0(2026-02-06)

Chores

New Features

Bug Fixes

3.986.0 (2026-02-09)

3.985.0 (2026-02-06)

3.984.0 (2026-02-05)

3.983.0 (2026-02-04)

3.982.0 (2026-02-03)

3.981.0 (2026-02-02)

3.980.0 (2026-01-30)

v1.13.5

Release 1.13.5

Highlights

Changes

Security

Fixes

Features / Improvements

Documentation

CI / Maintenance

New Contributors

v1.13.4

Overview

What's New in v1.13.4

Bug Fixes

Changelog

1.13.3 (2026-01-20)

Bug Fixes

Features

Reverts

Contributors to this release

v0.4.17

What's Changed

v0.4.16

What's Changed

v0.4.15

What's Changed

v0.4.14

What's Changed

0.4.17

0.4.16

0.4.15

0.4.14

0.4.13

0.4.12

0.4.11

0.4.10

0.4.9

v0.27.3

0.27.3

v1.1.4

1.1.4 (2025-03-25)

Bug Fixes

v1.1.3

1.1.3 (2025-02-12)

Bug Fixes

v1.1.2

1.1.2 (2025-02-11)

Bug Fixes

v1.1.1

1.1.1 (2024-11-15)

Bug Fixes

v1.1.0

1.1.0 (2024-11-15)

Features

v1.0.4

1.0.4 (2023-12-07)

Bug Fixes

v1.0.3

1.0.3 (2023-11-29)

1.1.4 (2025-03-25)

Fix `tsconfig.json` file not found