chore(deps): bump the production-dependencies group across 1 directory with 6 updates by dependabot[bot] · Pull Request #134 · madhavcodez/SoundScoreV0.1

dependabot · 2026-03-25T12:27:28Z

Bumps the production-dependencies group with 6 updates in the / directory:

Package	From	To
@fastify/cors	`10.1.0`	`11.2.0`
bcryptjs	`2.4.3`	`3.0.3`
dotenv	`16.6.1`	`17.3.1`
fastify	`5.8.2`	`5.8.4`
ioredis	`5.10.0`	`5.10.1`
zod	`3.25.76`	`4.3.6`

Updates @fastify/cors from 10.1.0 to 11.2.0

Release notes

Sourced from @fastify/cors's releases.

v11.2.0

What's Changed

chore(deps-dev): bump typescript from 5.8.3 to 5.9.2 by @dependabot[bot] in fastify/fastify-cors#379

Update README.md by @msbahal in fastify/fastify-cors#382

chore(deps-dev): bump tsd from 0.32.0 to 0.33.0 by @dependabot[bot] in fastify/fastify-cors#385

chore(.npmrc): ignore scripts by @Fdawgs in fastify/fastify-cors#386

build(deps-dev): remove @fastify/pre-commit by @Fdawgs in fastify/fastify-cors#387

ci(ci): add concurrency config by @Fdawgs in fastify/fastify-cors#388

feat: support route-level CORS configuration by @vimutti77 in fastify/fastify-cors#384

New Contributors

@msbahal made their first contribution in fastify/fastify-cors#382

@vimutti77 made their first contribution in fastify/fastify-cors#384

Full Changelog: fastify/fastify-cors@v11.1.0...v11.2.0

v11.1.0

What's Changed

docs(readme): update version by @udhayakumarcp in fastify/fastify-cors#367

docs(readme): update plugin version syntax by @Fdawgs in fastify/fastify-cors#369

ci: set permissions at workflow level by @Fdawgs in fastify/fastify-cors#371

ci: restore job level permissions by @Fdawgs in fastify/fastify-cors#372

chore(deps-dev): bump tsd from 0.31.2 to 0.32.0 by @dependabot[bot] in fastify/fastify-cors#373

chore(license): update date ranges; standardise style by @Fdawgs in fastify/fastify-cors#376

chore(deps-dev): bump @types/node from 22.15.34 to 24.0.8 by @dependabot[bot] in fastify/fastify-cors#377

docs(readme): correct default value for preflight option by @inyourtime in fastify/fastify-cors#378

Feat/preflight add logLevel option to silence CORS preflight logs by @gulbaki in fastify/fastify-cors#375

New Contributors

@udhayakumarcp made their first contribution in fastify/fastify-cors#367

@inyourtime made their first contribution in fastify/fastify-cors#378

@gulbaki made their first contribution in fastify/fastify-cors#375

Full Changelog: fastify/fastify-cors@v11.0.1...v11.1.0

v11.0.1

What's Changed

chore(deps-dev): bump typescript from 5.7.3 to 5.8.2 by @dependabot in fastify/fastify-cors#362

chore(deps): bump mnemonist from 0.40.0 to 0.40.3 by @dependabot in fastify/fastify-cors#363

docs(readme): update methods defaults by @victorbalssa in fastify/fastify-cors#364

ci(ci): set job permissions by @Fdawgs in fastify/fastify-cors#365

build(deps): replace mnemonist with toad-cache by @Fdawgs in fastify/fastify-cors#366

New Contributors

@victorbalssa made their first contribution in fastify/fastify-cors#364

Full Changelog: fastify/fastify-cors@v11.0.0...v11.0.1

v11.0.0

Breaking Change

... (truncated)

Commits

db4ceb6 v11.2.0
aeb6a48 feat: support route-level CORS configuration (#384)
561480b ci(ci): add concurrency config (#388)
708f3a3 build(deps-dev): remove @fastify/pre-commit (#387)
7a478c0 chore(.npmrc): ignore scripts (#386)
3502123 chore(deps-dev): bump tsd from 0.32.0 to 0.33.0 (#385)
4c03abe fix(docs): config set (#382)
2e5f646 chore(deps-dev): bump typescript from 5.8.3 to 5.9.2 (#379)
de3cdbd Bumped 11.1.0
c16aeae Merge branch 'main' of github.com:fastify/fastify-cors
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by gurgunday, a new releaser for @fastify/cors since your current version.

Updates bcryptjs from 2.4.3 to 3.0.3

Release notes

Sourced from bcryptjs's releases.

v3.0.3

Bug fixes

Always yield to event loop before nextTick for async versions (#164) (1211e9a2213e0b3ee232a204b3ce899beebce31a)

v3.0.2

Bug fixes

Use upstream fix to emit interop helpers (28e510389374f5736c447395443d4a6687325048)

v3.0.1

Bug fixes

Separate ESM and UMD type definitions (e7055caf0c723cbcf8bc3f0784b8c30ee332380f)

v3.0.0

Breaking changes

Modernize project structure (2f45985738604c743c4b8cc8464e3e7d3e04c73d) The project now exports an ECMAScript module by default, albeit with an UMD fallback, ships with types, the dist/ directory no longer exists in version control, and Closure Compiler externs have been removed.

Generate 2b hashes by default (d36bfb42fa642b6d6986a84ce106a7110e5824db) This library was not affected by the bug that led to incrementing the bcrypt version from 2a to 2b, but nowadays most implementations use 2b, including the native bcrypt binding, so this change aligns with them. Existing hashes will continue to work, but test logic that generates hashes and compares them literally might need to be updated to account for the new default.

Features

Add helper to check for password input length (d5656b39e2e368c87724a312e4e454456a4e5d1b)

Other

Update publish workflow (2a9bea9e276e6be04dbd403f9695937788b3b10a)

Add note on using the ESM variant in the browser (e09eb9afb14170069aaea19631b763307ee7b480)

Update types (58333a1533dd53838e2697628f84b98d54a5c079)

Merge lint and test workflows (2e3b17659e8856696acfe3015631ce2989eb3084)

Fix tests (ec02e8a0ada7a8f6c71a91df164db8c25bbbb7b4)

Update legacy fallback to handle crypto dependency (9db275fa10b1b40da4a6844480d7f8ae8df27fb8)

Update lint workflow title (ac70ac57c2f99ad5639eddf54578e5fdd07b9c4c)

Adapt crypto module usage for ESM environments (574d690d4972bcebbd5ca07880a62abab9ae3c0b)

Format with prettier (e7465479282d8155852ce88d6407eccb14adc106)

Rename default branch to 'main' (548559d032d7dd5ac3e4e16d7afd87b36ebe96ca)

Update description to mention TypeScript support (4977df0849eaf8cad5b0d0b543fe452432a2d761)

Add stale action for issues and PRs (a84d4e45487df0972d8781feafa477d5db4c1dbd)

Fix typo (c8c9c01799bbc13092fcbb20cfab4d9015d14c61)

Fix Node.js version in CI (1b54cc48d4120b50e1d9058e5a67f326102fd744)

Backlog from v2

Added externs to .npmignore (#124) (7e2e93af99df2952253f9cf32db29aefa8f272f7) The npm package does not need externs as it is needed only for closure compiler. Added it in .npmignore since bcryptjs overrides global module and process in WebStorm IDE.

Make sure the bin script uses LF (684fac6814a81d974c805a15e22fd69922c7ca6e)

Post-merge; Clean up a bit (b09f7f266a7015456b7b36deeb026dc636f64542)

... (truncated)

Commits

1211e9a fix: Always yield to event loop before nextTick for async versions (#164)
28e5103 fix: Use upstream fix to emit interop helpers
e7055ca fix: Separate ESM and UMD type definitions
2a9bea9 Update publish workflow
d5656b3 Add helper to check for password input length
e09eb9a Add note on using the ESM variant in the browser
58333a1 Update types
2e3b176 Merge lint and test workflows
ec02e8a Fix tests
9db275f Update legacy fallback to handle crypto dependency
Additional commits viewable in compare view

Updates dotenv from 16.6.1 to 17.3.1

Changelog

Sourced from dotenv's changelog.

17.3.1 (2026-02-12)

Changed

Fix as2 example command in README and update spanish README

17.3.0 (2026-02-12)

Added

Add a new README section on dotenv’s approach to the agentic future.

Changed

Rewrite README to get humans started more quickly with less noise while simultaneously making more accessible for llms and agents to go deeper into details.

17.2.4 (2026-02-05)

Changed

Make DotenvPopulateInput accept NodeJS.ProcessEnv type (#915)

Give back to dotenv by checking out my newest project vestauth. It is auth for agents. Thank you for using my software.

17.2.3 (2025-09-29)

Changed

Fixed typescript error definition (#912)

17.2.2 (2025-09-02)

Added

🙏 A big thank you to new sponsor Tuple.app - the premier screen sharing app for developers on macOS and Windows. Go check them out. It's wonderful and generous of them to give back to open source by sponsoring dotenv. Give them some love back.

17.2.1 (2025-07-24)

Changed

Fix clickable tip links by removing parentheses (#897)

17.2.0 (2025-07-09)

Added

Optionally specify DOTENV_CONFIG_QUIET=true in your environment or .env file to quiet the runtime log (#889)

Just like dotenv any DOTENV_CONFIG_ environment variables take precedence over any code set options like ({quiet: false})
# .env
</tr></table> 

... (truncated)

Commits

7bc16a4 17.3.1
27303fd update README-es
6379eb2 update README
b6d7339 fix spelling
5febe35 17.3.0
f61f383 changelog 🪵
dec94ad update README
4856950 update README
6351887 update README
23bd017 update README
Additional commits viewable in compare view

Updates fastify from 5.8.2 to 5.8.4

Release notes

Sourced from fastify's releases.

v5.8.4

Full Changelog: fastify/fastify@v5.8.3...v5.8.4

v5.8.3

⚠️ Security Release

This fixes CVE CVE-2026-3635 GHSA-444r-cwp2-x5xf.

What's Changed

docs(readme): add @Tony133 to plugin team by @Tony133 in fastify/fastify#6565

Updated Plugins-Guide.md; Changed "fastify" to "instance" during plugin registration to showcase that it's added as a child by @kyrylchenko in fastify/fastify#6566

test: use fastify.test in test case by @climba03003 in fastify/fastify#6568

docs: use fastify.example in documentation by @climba03003 in fastify/fastify#6567

docs: add common performance degradation guidance by @maxpetrusenko in fastify/fastify#6520

docs(server): fix camelCase anchor links in TOC by @Deepvamja in fastify/fastify#6530

ci(link-checker): fix root-relative links resolution by @barba-rossa in fastify/fastify#6535

docs: update syntax markdown, absolute paths and links by @Tony133 in fastify/fastify#6569

docs: clarify content-type parser/schema mismatch is outside threat model by @mcollina in fastify/fastify#6537

docs: fix incorrect code examples in Reply and Request reference by @mahmoodhamdi in fastify/fastify#6582

docs: replace redirected npm.im http-errors link by @mcollina in fastify/fastify#6588

types: Allow port to be null in request type definition by @TristanBarlow in fastify/fastify#6589

docs: update links by @Tony133 in fastify/fastify#6593

ci(lock-threads): use shared lock-threads workflow by @Fdawgs in fastify/fastify#6592

New Contributors

@kyrylchenko made their first contribution in fastify/fastify#6566

@maxpetrusenko made their first contribution in fastify/fastify#6520

@Deepvamja made their first contribution in fastify/fastify#6530

@barba-rossa made their first contribution in fastify/fastify#6535

@mahmoodhamdi made their first contribution in fastify/fastify#6582

@TristanBarlow made their first contribution in fastify/fastify#6589

Full Changelog: fastify/fastify@v5.8.2...v5.8.3

Commits

af92d0d Bumped v5.8.4
a3e77ce Bumped v5.8.3
4e1db5b fix: gate host and protocol getters on proxy trust function
a22217f ci(lock-threads): use shared lock-threads workflow (#6592)
1851f20 docs: update links (#6593)
9cc5187 types: Allow port to be null in request type definition (#6589)
722d83b docs: replace redirected npm.im http-errors link (#6588)
a1413de docs: fix incorrect code examples in Reply and Request reference (#6582)
d7f01b6 docs: clarify content-type parser/schema mismatch is outside threat model (#6...
a0649e9 docs: update syntax markdown, absolute paths and links (#6569)
Additional commits viewable in compare view

Updates ioredis from 5.10.0 to 5.10.1

Release notes

Sourced from ioredis's releases.

v5.10.1

5.10.1 (2026-03-19)

Bug Fixes

cluster: lazily start sharded subscribers (#2090) (4f167bb)

Changelog

Sourced from ioredis's changelog.

5.10.1 (2026-03-19)

Bug Fixes

cluster: lazily start sharded subscribers (#2090) (4f167bb)

Commits

9e26f8b chore(release): 5.10.1 [skip ci]
4f167bb fix(cluster): lazily start sharded subscribers (#2090)
See full diff in compare view

Updates zod from 3.25.76 to 4.3.6

Release notes

Sourced from zod's releases.

v4.3.6

Commits:

9977fb0868432461de265a773319e80a90ba3e37 Add brand.dev to sponsors

f4b7bae3468f6188b8f004e007d722148fc91d77 Update pullfrog.yml (#5634)

251d7163a0ac7740fee741428d913e3c55702ace Clean up workflow_call

edd4132466da0f5065a8e051b599d01fdd1081d8 fix: add missing User-agent to robots.txt and allow all (#5646)

85db85e9091d0706910d60c7eb2e9c181edd87bd fix: typo in codec.test.ts file (#5628)

cbf77bb12bdfda2e054818e79001f5cb3798ce76 Avoid non null assertion (#5638)

dfbbf1c1ae0c224b8131d80ddf0a264262144086 Avoid re-exported star modules (#5656)

762e911e5773f949452fd6dd4e360f2362110e8e Generalize numeric key handling

ca3c8629c0c2715571f70b44c2433cad3db7fe4e v4.3.6

v4.3.5

Commits:

21afffdb42ccab554036312e33fed0ea3cb8f982 [Docs] Update migration guide docs for deprecation of message (#5595)

e36743e513aadb307b29949a80d6eb0dcc8fc278 Improve mini treeshaking

0cdc0b8597999fd9ca99767b912c1e82c1ff2d6c 4.3.5

v4.3.4

Commits:

1a8bea3b474eada6f219c163d0d3ad09fadabe72 Add integration tests

e01cd02b2f23d7e9078d3813830b146f8a2258b4 Support patternProperties for looserecord (#5592)

089e5fbb0f58ce96d2c4fb34cd91724c78df4af5 Improve looseRecord docs

decef9c418d9a598c3f1bada06891ba5d922c5cd Fix lint

9443aab00d44d5d5f4a7eada65fc0fc851781042 Drop iso time in fromJSONSchema

66bda7491a1b9eab83bdeec0c12f4efc7290bd48 Remove .refine() from ZodMiniType

b4ab94ca608cd5b581bfc12b20dd8d95b35b3009 4.3.4

v4.3.3

Commits:

f3b2151959d215d405f54dff3c7ab3bf1fd887ca v4.3.3

v4.3.2

Commits:

bf96635d243118de6e4f260077aa137453790bf6 Loosen strictObjectinside intersection (#5587)

f71dc0182ab0f0f9a6be6295b07faca269e10179 Remove Juno (#5590)

0f41e5a12a43e6913c9dcb501b2b5136ea86500d 4.3.2

v4.3.1

Commits:

0fe88407a4149c907929b757dc6618d8afe998fc allow non-overwriting extends with refinements. 4.3.1

v4.3.0

This is Zod's biggest release since 4.0. It addresses several of Zod's longest-standing feature requests.

... (truncated)

Commits

ca3c862 v4.3.6
762e911 Generalize numeric key handling
dfbbf1c Avoid re-exported star modules (#5656)
cbf77bb Avoid non null assertion (#5638)
85db85e fix: typo in codec.test.ts file (#5628)
edd4132 fix: add missing User-agent to robots.txt and allow all (#5646)
251d716 Clean up workflow_call
f4b7bae Update pullfrog.yml (#5634)
9977fb0 Add brand.dev to sponsors
0cdc0b8 4.3.5
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…y with 6 updates Bumps the production-dependencies group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@fastify/cors](https://github.com/fastify/fastify-cors) | `10.1.0` | `11.2.0` | | [bcryptjs](https://github.com/dcodeIO/bcrypt.js) | `2.4.3` | `3.0.3` | | [dotenv](https://github.com/motdotla/dotenv) | `16.6.1` | `17.3.1` | | [fastify](https://github.com/fastify/fastify) | `5.8.2` | `5.8.4` | | [ioredis](https://github.com/luin/ioredis) | `5.10.0` | `5.10.1` | | [zod](https://github.com/colinhacks/zod) | `3.25.76` | `4.3.6` | Updates `@fastify/cors` from 10.1.0 to 11.2.0 - [Release notes](https://github.com/fastify/fastify-cors/releases) - [Commits](fastify/fastify-cors@v10.1.0...v11.2.0) Updates `bcryptjs` from 2.4.3 to 3.0.3 - [Release notes](https://github.com/dcodeIO/bcrypt.js/releases) - [Commits](dcodeIO/bcrypt.js@2.4.3...v3.0.3) Updates `dotenv` from 16.6.1 to 17.3.1 - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](motdotla/dotenv@v16.6.1...v17.3.1) Updates `fastify` from 5.8.2 to 5.8.4 - [Release notes](https://github.com/fastify/fastify/releases) - [Commits](fastify/fastify@v5.8.2...v5.8.4) Updates `ioredis` from 5.10.0 to 5.10.1 - [Release notes](https://github.com/luin/ioredis/releases) - [Changelog](https://github.com/redis/ioredis/blob/main/CHANGELOG.md) - [Commits](redis/ioredis@v5.10.0...v5.10.1) Updates `zod` from 3.25.76 to 4.3.6 - [Release notes](https://github.com/colinhacks/zod/releases) - [Commits](colinhacks/zod@v3.25.76...v4.3.6) --- updated-dependencies: - dependency-name: "@fastify/cors" dependency-version: 11.2.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: bcryptjs dependency-version: 3.0.3 dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: dotenv dependency-version: 17.3.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: fastify dependency-version: 5.8.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: ioredis dependency-version: 5.10.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: zod dependency-version: 4.3.6 dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 25, 2026

github-project-automation bot added this to Soundscore Mar 25, 2026

github-project-automation bot moved this to Todo in Soundscore Mar 25, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the production-dependencies group across 1 directory with 6 updates#134

chore(deps): bump the production-dependencies group across 1 directory with 6 updates#134
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/production-dependencies-a5196f22fe

dependabot bot commented on behalf of github Mar 25, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Mar 25, 2026

v11.2.0

What's Changed

New Contributors

v11.1.0

What's Changed

New Contributors

v11.0.1

What's Changed

New Contributors

v11.0.0

Breaking Change

v3.0.3

Bug fixes

v3.0.2

Bug fixes

v3.0.1

Bug fixes

v3.0.0

Breaking changes

Features

Other

Backlog from v2

17.3.1 (2026-02-12)

Changed

17.3.0 (2026-02-12)

Added

Changed

17.2.4 (2026-02-05)

Changed

17.2.3 (2025-09-29)

Changed

17.2.2 (2025-09-02)

Added

17.2.1 (2025-07-24)

Changed

17.2.0 (2025-07-09)

Added

v5.8.4

v5.8.3

⚠️ Security Release

What's Changed

New Contributors

v5.10.1

5.10.1 (2026-03-19)

Bug Fixes

5.10.1 (2026-03-19)

Bug Fixes

v4.3.6

Commits:

v4.3.5

Commits:

v4.3.4

Commits:

v4.3.3

Commits:

v4.3.2

Commits:

v4.3.1

Commits:

v4.3.0

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants