Skip to content

Bump the npm_and_yarn group across 2 directories with 15 updates#2

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/backend/npm_and_yarn-2aae270692
Open

Bump the npm_and_yarn group across 2 directories with 15 updates#2
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/backend/npm_and_yarn-2aae270692

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Feb 19, 2026

Copy link
Copy Markdown

Bumps the npm_and_yarn group with 7 updates in the /backend directory:

Package From To
axios 1.7.9 1.13.5
cloudinary 2.5.1 2.7.0
mongoose 8.9.0 8.9.5
multer 1.4.5-lts.1 2.0.2
form-data 3.0.2 3.0.4
lodash 4.17.21 4.17.23
qs 6.13.0 6.14.2

Bumps the npm_and_yarn group with 9 updates in the /frontend directory:

Package From To
axios 1.7.9 1.13.5
lodash 4.17.21 4.17.23
vite 5.4.11 5.4.21
vite 6.0.3 6.4.1
@babel/runtime 7.26.0 7.28.6
brace-expansion 1.1.11 1.1.12
esbuild 0.21.5 0.27.3
js-yaml 4.1.0 4.1.1
phin 2.9.3 removed
react-router 6.28.0 6.30.3

Updates axios from 1.7.9 to 1.13.5

Release notes

Sourced from axios's releases.

v1.13.5

Release 1.13.5

Highlights

  • Security: Fixed a potential Denial of Service issue involving the __proto__ key in mergeConfig. (PR #7369)
  • Bug fix: Resolved an issue where AxiosError could be missing the status field on and after v1.13.3. (PR #7368)

Changes

Security

  • Fix Denial of Service via __proto__ key in mergeConfig. (PR #7369)

Fixes

  • Fix/5657. (PR #7313)
  • Ensure status is present in AxiosError on and after v1.13.3. (PR #7368)

Features / Improvements

  • Add input validation to isAbsoluteURL. (PR #7326)
  • Refactor: bump minor package versions. (PR #7356)

Documentation

  • Clarify object-check comment. (PR #7323)
  • Fix deprecated Buffer constructor usage and README formatting. (PR #7371)

CI / Maintenance

  • Chore: fix issues with YAML. (PR #7355)
  • CI: update workflow YAMLs. (PR #7372)
  • CI: fix run condition. (PR #7373)
  • Dev deps: bump karma-sourcemap-loader from 0.3.8 to 0.4.0. (PR #7360)
  • Chore(release): prepare release 1.13.5. (PR #7379)

New Contributors

Full Changelog: axios/axios@v1.13.4...v1.13.5

v1.13.4

Overview

The release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.

Full Changelog: v1.13.3...v1.13.4

What's New in v1.13.4

Bug Fixes

  • fix: issues with version 1.13.3 (#7352) (ee90dfc)
    • Fixed issues discovered in v1.13.3 release

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

1.13.3 (2026-01-20)

Bug Fixes

  • http2: Use port 443 for HTTPS connections by default. (#7256) (d7e6065)
  • interceptor: handle the error in the same interceptor (#6269) (5945e40)
  • main field in package.json should correspond to cjs artifacts (#5756) (7373fbf)
  • package.json: add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (#5754) (b89217e)
  • silentJSONParsing=false should throw on invalid JSON (#7253) (#7257) (7d19335)
  • turn AxiosError into a native error (#5394) (#5558) (1c6a86d)
  • types: add handlers to AxiosInterceptorManager interface (#5551) (8d1271b)
  • types: restore AxiosError.cause type from unknown to Error (#7327) (d8233d9)
  • unclear error message is thrown when specifying an empty proxy authorization (#6314) (6ef867e)

Features

Reverts

  • Revert "fix: silentJSONParsing=false should throw on invalid JSON (#7253) (#7…" (#7298) (a4230f5), closes #7253 #7 #7298
  • deps: bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (#7334) (2d6ad5e)

Contributors to this release

... (truncated)

Commits
  • 29f7542 chore(release): prepare release 1.13.5 (#7379)
  • 431c3a3 ci: fix run condition (#7373)
  • 9ff3a78 ci: update ymls (#7372)
  • 265b712 docs: fix deprecated Buffer constructor and formatting issues in README (#7371)
  • 475e75a feat: add input validation to isAbsoluteURL (#7326)
  • 28c7215 fix: Denial of Service via proto Key in mergeConfig (#7369)
  • 04cf019 docs: clarify object check comment (#7323)
  • 696fa75 fix: status is missing in AxiosError on and after v1.13.3 (#7368)
  • 569f028 fix: added a option to choose between legacy and the new request/response int...
  • 44b7c9f chore(deps-dev): bump karma-sourcemap-loader (#7360)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for axios since your current version.


Updates cloudinary from 2.5.1 to 2.7.0

Release notes

Sourced from cloudinary's releases.

Version 2.7.0

  • fix: prevent parameter injection via ampersand in parameter values (#709)

Version 2.6.1

No release notes provided.

Version 2.6.1-rc.1

  • fix: uploader interface

Version 2.6.0

  • chore: bumped jsdoc
  • fix: defaults for related asset methods and proper content_type
  • chore: Updated Sample Projects (#698)
  • fix: metadata field datasource type (#693)
  • feat: Add support for DELETE /resources/backup/:asset_id (#700)
  • chore: dev dependencies cleanup
  • chore: new node version support in CI
Changelog

Sourced from cloudinary's changelog.

2.7.0 / 2025-06-18

  • fix: prevent parameter injection via ampersand in parameter values (#709)

2.6.1 / 2025-05-05

2.6.1-rc.1 / 2025-05-05

  • fix: uploader interface

2.6.0 / 2025-03-11

  • chore: bumped jsdoc
  • fix: defaults for related asset methods and proper content_type
  • chore: Updated Sample Projects (#698)
  • fix: metadata field datasource type (#693)
  • feat: Add support for DELETE /resources/backup/:asset_id (#700)
  • chore: dev dependencies cleanup
  • chore: new node version support in CI
Commits

Updates mongoose from 8.9.0 to 8.9.5

Release notes

Sourced from mongoose's releases.

8.9.5 / 2025-01-13

  • fix: disallow nested $where in populate match
  • fix(schema): handle bitwise operators on Int32 #15176 #15170

8.9.4 / 2025-01-09

  • fix(document): fix document not applying manual populate when using a function in schema.options.ref #15138 IchirokuXVI
  • fix(model): make Model.validate() static correctly cast document arrays #15169 #15164
  • fix(model): allow passing validateBeforeSave option to bulkSave() to skip validation #15161 #15156
  • fix(schema): allow multiple self-referencing discriminator schemas using Schema.prototype.discriminator #15142 #15120
  • types: avoid BufferToBinary<> wiping lean types when passed to generic functions #15160 #15158
  • docs: fix <code> in header ids #15159
  • docs: fix header in field-level-encryption.md #15137 damieng

8.9.3 / 2024-12-30

  • fix(schema): make duplicate index error a warning for now to prevent blocking upgrading #15135 #15112 #15109
  • fix(model): handle document array paths set to non-array values in Model.castObject() #15124 #15075
  • fix(document): avoid using childSchemas.path for compatibility with pre-Mongoose-8.8 schemas #15131 #15071
  • fix(model): avoid throwing unnecessary error if updateOne() returns null in save() #15126
  • perf(cursor): clear the stack every time if using populate with batchSize to avoid stack overflows with large docs #15136 #10449
  • types: make BufferToBinary avoid Document instances #15123 #15122
  • types(model+query): avoid stripping out virtuals when calling populate with paths generic #15132 #15111
  • types(schema): add missing removeIndex #15134
  • types: add cleanIndexes() to IndexManager interface #15127
  • docs: move search endpoint to netlify #15119

8.9.2 / 2024-12-19

  • fix(schema): avoid throwing duplicate index error if index spec keys have different order or index has a custom name #15112 #15109
  • fix(map): clean modified subpaths when overwriting values in map of subdocs #15114 #15108
  • fix(aggregate): pull session from transaction local storage for aggregation cursors #15094 IchirokuXVI
  • types: correctly handle union types in BufferToBinary and related helpers #15103 #15102 #15057
  • types: add UUID to RefType #15115 #15101
  • docs: remove link to Mongoose 5.x docs from dropdown #15116
  • docs(connection+document+model): remove remaining references to remove(), clarify that deleteOne() does not execute until then() or exec() #15113 #15107

8.9.1 / 2024-12-16

  • fix(connection): remove heartbeat check in load balanced mode #15089 #15042 #14812
  • fix(discriminator): gather childSchemas when creating discriminator to ensure $getAllSubdocs() can properly get all subdocs #15099 #15088 #15092
  • fix(model): handle discriminators in castObject() #15096 #15075
  • fix(schema): throw error if duplicate index definition using unique in schema path and subsequent .index() call #15093 #15056
  • fix: mark documents that are populated using hydratedPopulatedDocs option as populated in top-level doc #15080 #15048
  • fix(document+schema): improve error message for get() on invalid path #15098 #15071
  • docs: remove more callback doc references & some small other changes #15095
Changelog

Sourced from mongoose's changelog.

8.9.5 / 2025-01-13

7.8.4 / 2025-01-13

6.13.6 / 2025-01-13

8.9.4 / 2025-01-09

  • fix(document): fix document not applying manual populate when using a function in schema.options.ref #15138 IchirokuXVI
  • fix(model): make Model.validate() static correctly cast document arrays #15169 #15164
  • fix(model): allow passing validateBeforeSave option to bulkSave() to skip validation #15161 #15156
  • fix(schema): allow multiple self-referencing discriminator schemas using Schema.prototype.discriminator #15142 #15120
  • types: avoid BufferToBinary<> wiping lean types when passed to generic functions #15160 #15158
  • docs: fix <code> in header ids #15159
  • docs: fix header in field-level-encryption.md #15137 damieng

8.9.3 / 2024-12-30

  • fix(schema): make duplicate index error a warning for now to prevent blocking upgrading #15135 #15112 #15109
  • fix(model): handle document array paths set to non-array values in Model.castObject() #15124 #15075
  • fix(document): avoid using childSchemas.path for compatibility with pre-Mongoose-8.8 schemas #15131 #15071
  • fix(model): avoid throwing unnecessary error if updateOne() returns null in save() #15126
  • perf(cursor): clear the stack every time if using populate with batchSize to avoid stack overflows with large docs #15136 #10449
  • types: make BufferToBinary avoid Document instances #15123 #15122
  • types(model+query): avoid stripping out virtuals when calling populate with paths generic #15132 #15111
  • types(schema): add missing removeIndex #15134
  • types: add cleanIndexes() to IndexManager interface #15127
  • docs: move search endpoint to netlify #15119

8.9.2 / 2024-12-19

  • fix(schema): avoid throwing duplicate index error if index spec keys have different order or index has a custom name #15112 #15109
  • fix(map): clean modified subpaths when overwriting values in map of subdocs #15114 #15108
  • fix(aggregate): pull session from transaction local storage for aggregation cursors #15094 IchirokuXVI
  • types: correctly handle union types in BufferToBinary and related helpers #15103 #15102 #15057
  • types: add UUID to RefType #15115 #15101
  • docs: remove link to Mongoose 5.x docs from dropdown #15116
  • docs(connection+document+model): remove remaining references to remove(), clarify that deleteOne() does not execute until then() or exec() #15113 #15107

8.9.1 / 2024-12-16

  • fix(connection): remove heartbeat check in load balanced mode #15089 #15042 #14812
  • fix(discriminator): gather childSchemas when creating discriminator to ensure $getAllSubdocs() can properly get all subdocs #15099 #15088 #15092

... (truncated)

Commits

Updates multer from 1.4.5-lts.1 to 2.0.2

Release notes

Sourced from multer's releases.

v2.0.2

Important

Full Changelog: expressjs/multer@v2.0.1...v2.0.2

v2.0.1

Important

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from multer's changelog.

2.0.2

2.0.1

2.0.0

1.4.5-lts.2

  • Fix out-of-band error event from busboy (#1177)
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for multer since your current version.


Updates form-data from 3.0.2 to 3.0.4

Changelog

Sourced from form-data's changelog.

v3.0.4 - 2025-07-16

Fixed

Commits

  • [eslint] update linting config f5e7eb0
  • [meta] add auto-changelog d2eb290
  • [Tests] handle predict-v8-randomness failures in node < 17 and node > 23 e8c574c
  • [Fix] Switch to using crypto random for boundary values c6ced61
  • [Refactor] use hasown 1a78b5d
  • [Fix] validate boundary type in setBoundary() method 70bbaa0
  • [Tests] add tests to check the behavior of getBoundary with non-strings b22a64e
  • [meta] actually ensure the readme backup isn’t published 0150851
  • [meta] remove local commit hooks fc42bb9
  • [Dev Deps] remove unused deps a14d09e
  • [meta] fix scripts to use prepublishOnly 11d9f73
  • [meta] fix readme capitalization fc38b48

v3.0.3 - 2025-02-14

Merged

Fixed

Commits

  • [Refactor] use Object.prototype.hasOwnProperty.call 7fecefe
  • [Dev Deps] update @types/node, browserify, coveralls, cross-spawn, eslint, formidable, in-publish, pkgfiles, pre-commit, puppeteer, request, tape, typescript 8261fcb
  • Only apps should have lockfiles b82f590
  • [Dev Deps] pin request which via tough-cookie ^2.4 depends on psl e5df7f2
  • [Deps] update mime-types 5a5bafe
Commits
  • 9c82fcd v3.0.4
  • e8c574c [Tests] handle predict-v8-randomness failures in node < 17 and node > 23
  • c6ced61 [Fix] Switch to using crypto random for boundary values
  • 0150851 [meta] actually ensure the readme backup isn’t published
  • fc38b48 [meta] fix readme capitalization
  • d2eb290 [meta] add auto-changelog
  • fc42bb9 [meta] remove local commit hooks
  • a14d09e [Dev Deps] remove unused deps
  • 002b9b0 [Fix] append: avoid a crash on nullish values
  • 70bbaa0 [Fix] validate boundary type in setBoundary() method
  • Additional commits viewable in compare view
Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.


Updates lodash from 4.17.21 to 4.17.23

Commits

Updates qs from 6.13.0 to 6.14.2

Changelog

Sourced from qs's changelog.

6.14.2

  • [Fix] parse: mark overflow objects for indexed notation exceeding arrayLimit (#546)
  • [Fix] arrayLimit means max count, not max index, in combine/merge/parseArrayValue
  • [Fix] parse: throw on arrayLimit exceeded with indexed notation when throwOnLimitExceeded is true (#529)
  • [Fix] parse: enforce arrayLimit on comma-parsed values
  • [Fix] parse: fix error message to reflect arrayLimit as max index; remove extraneous comments (#545)
  • [Robustness] avoid .push, use void
  • [readme] document that addQueryPrefix does not add ? to empty output (#418)
  • [readme] clarify parseArrays and arrayLimit documentation (#543)
  • [readme] replace runkit CI badge with shields.io check-runs badge
  • [meta] fix changelog typo (arrayLengtharrayLimit)
  • [actions] fix rebase workflow permissions

6.14.1

  • [Fix] ensure arrayLimit applies to [] notation as well
  • [Fix] parse: when a custom decoder returns null for a key, ignore that key
  • [Refactor] parse: extract key segment splitting helper
  • [meta] add threat model
  • [actions] add workflow permissions
  • [Tests] stringify: increase coverage
  • [Dev Deps] update eslint, @ljharb/eslint-config, npmignore, es-value-fixtures, for-each, object-inspect

6.14.0

  • [New] parse: add throwOnParameterLimitExceeded option (#517)
  • [Refactor] parse: use utils.combine more
  • [patch] parse: add explicit throwOnLimitExceeded default
  • [actions] use shared action; re-add finishers
  • [meta] Fix changelog formatting bug
  • [Deps] update side-channel
  • [Dev Deps] update es-value-fixtures, has-bigints, has-proto, has-symbols
  • [Tests] increase coverage

6.13.3

[Fix] fix regressions from robustness refactor [actions] update reusable workflows

6.13.2

  • [Robustness] avoid .push, use void
  • [readme] clarify parseArrays and arrayLimit documentation (#543)
  • [readme] document that addQueryPrefix does not add ? to empty output (#418)
  • [readme] replace runkit CI badge with shields.io check-runs badge
  • [actions] fix rebase workflow permissions

6.13.1

  • [Fix] stringify: avoid a crash when a filter key is null
  • [Fix] utils.merge: functions should not be stringified into keys
  • [Fix] parse: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset
  • [Fix] stringify: ensure a non-string filter does not crash
  • [Refactor] use __proto__ syntax instead of Object.create for null objects
  • [Refactor] misc cleanup

... (truncated)

Commits

Bumps the npm_and_yarn group with 7 updates in the /backend directory:

| Package | From | To |
| --- | --- | --- |
| [axios](https://github.com/axios/axios) | `1.7.9` | `1.13.5` |
| [cloudinary](https://github.com/cloudinary/cloudinary_npm) | `2.5.1` | `2.7.0` |
| [mongoose](https://github.com/Automattic/mongoose) | `8.9.0` | `8.9.5` |
| [multer](https://github.com/expressjs/multer) | `1.4.5-lts.1` | `2.0.2` |
| [form-data](https://github.com/form-data/form-data) | `3.0.2` | `3.0.4` |
| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |
| [qs](https://github.com/ljharb/qs) | `6.13.0` | `6.14.2` |

Bumps the npm_and_yarn group with 9 updates in the /frontend directory:

| Package | From | To |
| --- | --- | --- |
| [axios](https://github.com/axios/axios) | `1.7.9` | `1.13.5` |
| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.11` | `5.4.21` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.0.3` | `6.4.1` |
| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.26.0` | `7.28.6` |
| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.12` |
| [esbuild](https://github.com/evanw/esbuild) | `0.21.5` | `0.27.3` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |
| [phin](https://github.com/ethanent/phin) | `2.9.3` | `removed` |
| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `6.28.0` | `6.30.3` |



Updates `axios` from 1.7.9 to 1.13.5
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.7.9...v1.13.5)

Updates `cloudinary` from 2.5.1 to 2.7.0
- [Release notes](https://github.com/cloudinary/cloudinary_npm/releases)
- [Changelog](https://github.com/cloudinary/cloudinary_npm/blob/master/CHANGELOG.md)
- [Commits](cloudinary/cloudinary_npm@2.5.1...2.7.0)

Updates `mongoose` from 8.9.0 to 8.9.5
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md)
- [Commits](Automattic/mongoose@8.9.0...8.9.5)

Updates `multer` from 1.4.5-lts.1 to 2.0.2
- [Release notes](https://github.com/expressjs/multer/releases)
- [Changelog](https://github.com/expressjs/multer/blob/main/CHANGELOG.md)
- [Commits](expressjs/multer@v1.4.5-lts.1...v2.0.2)

Updates `form-data` from 3.0.2 to 3.0.4
- [Release notes](https://github.com/form-data/form-data/releases)
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](form-data/form-data@v3.0.2...v3.0.4)

Updates `lodash` from 4.17.21 to 4.17.23
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.21...4.17.23)

Updates `qs` from 6.13.0 to 6.14.2
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.13.0...v6.14.2)

Updates `axios` from 1.7.9 to 1.13.5
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.7.9...v1.13.5)

Updates `form-data` from 4.0.1 to 4.0.5
- [Release notes](https://github.com/form-data/form-data/releases)
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](form-data/form-data@v3.0.2...v3.0.4)

Updates `lodash` from 4.17.21 to 4.17.23
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.21...4.17.23)

Updates `vite` from 5.4.11 to 5.4.21
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.4.21/packages/vite)

Updates `vite` from 6.0.3 to 6.4.1
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.4.21/packages/vite)

Updates `@babel/runtime` from 7.26.0 to 7.28.6
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.28.6/packages/babel-runtime)

Updates `brace-expansion` from 1.1.11 to 1.1.12
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12)

Updates `esbuild` from 0.21.5 to 0.27.3
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md)
- [Commits](evanw/esbuild@v0.21.5...v0.27.3)

Updates `cross-spawn` from 5.1.0 to 7.0.6
- [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md)
- [Commits](moxystudio/node-cross-spawn@5.1.0...v7.0.6)

Updates `js-yaml` from 4.1.0 to 4.1.1
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@4.1.0...4.1.1)

Removes `phin`

Updates `react-router` from 6.28.0 to 6.30.3
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/react-router@6.30.3/packages/react-router/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router@6.30.3/packages/react-router)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.13.5
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: cloudinary
  dependency-version: 2.7.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: mongoose
  dependency-version: 8.9.5
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: multer
  dependency-version: 2.0.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: form-data
  dependency-version: 3.0.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-version: 6.14.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.13.5
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: form-data
  dependency-version: 4.0.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 5.4.21
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 6.4.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@babel/runtime"
  dependency-version: 7.28.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: brace-expansion
  dependency-version: 1.1.12
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: esbuild
  dependency-version: 0.27.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cross-spawn
  dependency-version: 7.0.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: js-yaml
  dependency-version: 4.1.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: phin
  dependency-version: 
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: react-router
  dependency-version: 6.30.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 19, 2026
@vercel

vercel Bot commented Feb 19, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
eternal Error Error Feb 19, 2026 10:29pm

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants