chore(deps): update all non-major dependencies by renovate[bot] · Pull Request #419 · apollographql/datasource-rest

renovate · 2025-04-27T06:39:04Z

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Type	Update
@changesets/changelog-github (source)	`0.5.1` → `0.7.0`	devDependencies	minor
@changesets/cli (source)	`2.29.2` → `2.31.0`	devDependencies	minor
cspell (source)	`8.19.2` → `8.19.4`	devDependencies	patch
form-data	`4.0.4` → `4.0.5`	devDependencies	patch
graphql	`16.11.0` → `16.14.0`	devDependencies	minor
node (source)	`20.19.1` → `20.20.2`	volta	minor
npm (source)	`10.9.2` → `10.9.8`	volta	patch
prettier (source)	`3.5.3` → `3.8.3`	devDependencies	minor
secops	`2.0.7` → `2.0.9`	orb	patch
ts-jest (source)	`29.3.2` → `29.4.11`	devDependencies	minor
typescript (source)	`5.8.3` → `5.9.3`	devDependencies	minor

Release Notes

changesets/changesets (@changesets/changelog-github)

`v0.7.0`

Compare Source

Minor Changes

#1255 94578cf Thanks @Kauhsa! - Added disableThanks option

`v0.6.0`

Compare Source

Minor Changes

#1850 fd0bc2e Thanks @mixelburg! - Linkify issue references in changelog entries.

Patch Changes

#1810 27fd8f4 Thanks @hirasso! - Replace deprecated String.prototype.trimRight with String.prototype.trimEnd
Updated dependencies [d4b8ad8, e462d89]:
- @changesets/get-github-info@0.8.0

`v0.5.2`

Compare Source

streetsidesoftware/cspell (cspell)

`v8.19.4`

Compare Source

Note: Version bump only for package cspell

`v8.19.3`

Compare Source

Note: Version bump only for package cspell

form-data/form-data (form-data)

`v4.0.5`

Compare Source

Commits

[Tests] Switch to newer v8 prediction library; enable node 24 testing 16e0076
[Dev Deps] update @ljharb/eslint-config, eslint 5822467
[Fix] set Symbol.toStringTag in the proper place 76d0dee

graphql/graphql-js (graphql)

`v16.14.0`

Compare Source

v16.14.0 (2026-05-03)

New Feature 🚀

#4317 Allow configuration of the ofType introspection depth (@Nols1000)
#4521 Add experimental support for directives on directive definitions (@BoD)

Bug Fix 🐞

#4652 Fix valueFromAST variable own-property checks
(@abishekgiri)

Docs 📝

#4706 Fix mistake in GraphQLError guidance (@benjie)

Committers: 4

Abishek Kumar Giri(@abishekgiri)
Benjie(@benjie)
Benoit 'BoD' Lubek(@BoD)
Nils-Börge Margotti(@Nols1000)

nodejs/node (node)

`v20.20.2`: 2026-03-24, Version 20.20.2 'Iron' (LTS), @marco-ippolito

Compare Source

This is a security release.

Notable Changes

(CVE-2026-21717) fix array index hash collision (Joyee Cheung)
(CVE-2026-21713) use timing-safe comparison in Web Cryptography HMAC and KMAC (Filip Skokan)
(CVE-2026-21710) use null prototype for headersDistinct/trailersDistinct (Matteo Collina)
(CVE-2026-21716) include permission check on lib/fs/promises (RafaelGSS)pull/795>
(CVE-2026-21715) add permission check to realpath.native (RafaelGSS)
(CVE-2026-21714) handle NGHTTP2_ERR_FLOW_CONTROL error code (RafaelGSS)
(CVE-2026-21637) wrap SNICallback invocation in try/catch (Matteo Collina)

Commits

[cfb51fa9ce] - (CVE-2026-21713) crypto: use timing-safe comparison in Web Cryptography HMAC (Filip Skokan) nodejs-private/node-private#831
[f333d0be5f] - deps: V8: override depot_tools version (Richard Lau) #62344
[2acd5d1226] - deps: update undici to v6.24.1 (Matteo Collina) #62285
[af5c144ebc] - (CVE-2026-21717) deps,build,test: fix array index hash collision (Joyee Cheung) nodejs-private/node-private#834
[00ad47a28e] - (CVE-2026-21710) http: use null prototype for headersDistinct/trailersDistinct (Matteo Collina) nodejs-private/node-private#821
[0123309566] - (CVE-2026-21716) permission: include permission check on lib/fs/promises (RafaelGSS) nodejs-private/node-private#840
[00830712bc] - (CVE-2026-21715) permission: add permission check to realpath.native (RafaelGSS) nodejs-private/node-private#838
[a0c73425da] - (CVE-2026-21714) src: handle NGHTTP2_ERR_FLOW_CONTROL error code (RafaelGSS) nodejs-private/node-private#832
[cc3f294507] - (CVE-2026-21637) tls: wrap SNICallback invocation in try/catch (Matteo Collina) nodejs-private/node-private#839

`v20.20.1`: 2026-03-05, Version 20.20.1 'Iron' (LTS), @marco-ippolito

Compare Source

Notable Changes

[91a66e671c] - build: test on Python 3.14 (Christian Clauss) #59983
[f66056054b] - crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot) #61419
[80feacaddb] - crypto: update root certificates to NSS 3.117 (Node.js GitHub Bot) #60741

Commits

[6f580d5399] - assert: fix deepEqual always return true on URL (Xuguang Mei) #50853
[91a66e671c] - build: test on Python 3.14 (Christian Clauss) #59983
[cc4f7af6f3] - build: skip sscache action on non-main branches (Joyee Cheung) #61790
[f66056054b] - crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot) #61419
[80feacaddb] - crypto: update root certificates to NSS 3.117 (Node.js GitHub Bot) #60741
[fa88cc07e2] - crypto: ensure documented RSA-PSS saltLength default is used (Filip Skokan) #60662
[88b2eec88a] - deps: update minimatch to 10.2.2 (Node.js GitHub Bot) #61830
[5c053264f1] - deps: V8: backport 6a0a25a (Vivian Wang) #61687
[4a398699d0] - deps: update googletest to 5a9c3f9 (Node.js GitHub Bot) #61731
[4fa43adf15] - deps: update googletest to 56efe39 (Node.js GitHub Bot) #61605
[1a855d490c] - deps: update googletest to 8508785 (Node.js GitHub Bot) #61417
[d8a9359826] - deps: update icu to 78.2 (Node.js GitHub Bot) #60523
[e79cd3a0bb] - deps: update acorn-walk to 8.3.5 (Node.js GitHub Bot) #61928
[0707ade464] - deps: update acorn to 8.16.0 (Node.js GitHub Bot) #61925
[dc5a3cddef] - deps: update llhttp to 9.3.1 (Node.js GitHub Bot) #61827
[46043b94c7] - deps: update zlib to 1.3.1-e00f703 (Node.js GitHub Bot) #61135
[6be15a596e] - deps: update cjs-module-lexer to 2.2.0 (Node.js GitHub Bot) #61271
[10881404cd] - deps: update timezone to 2025c (Node.js GitHub Bot) #61138
[1594a78c85] - deps: update googletest to 065127f (Node.js GitHub Bot) #61055
[7fa2ee1933] - deps: update zlib to 1.3.1-63d7e16 (Node.js GitHub Bot) #60898
[09259532ef] - deps: update googletest to 1b96fa1 (Node.js GitHub Bot) #60739
[aa8bdb6886] - deps: update cjs-module-lexer to 2.1.1 (Node.js GitHub Bot) #60646
[cc849fde27] - deps: update googletest to 279f847 (Node.js GitHub Bot) #60219
[a99ba553a2] - deps: update googletest to 50b8600 (Node.js GitHub Bot) #59955
[6349a79f5f] - deps: update googletest to 7e17b15 (Node.js GitHub Bot) #59131
[8ba759f1a0] - deps: update googletest to 35b75a2 (Node.js GitHub Bot) #58710
[927d906850] - deps: update googletest to e9092b1 (Node.js GitHub Bot) #58565
[bf8919f5c2] - deps: update googletest to 0bdccf4 (Node.js GitHub Bot) #57380
[ae6231dac0] - deps: update googletest to e235eb3 (Node.js GitHub Bot) #56873
[0561c62e85] - deps: update minimatch to 10.1.2 (Node.js GitHub Bot) #61732
[f0ef221b0d] - deps: update minimatch to 10.1.1 (Node.js GitHub Bot) #60543
[15bd0da404] - deps: update archs files for openssl (Antoine du Hamel) #61912
[04d439323f] - deps: upgrade openssl sources to openssl-3.0.19 (Antoine du Hamel) #61912
[2ea16d3bd6] - deps: update corepack to 0.34.6 (Node.js GitHub Bot) #61510
[622f973d1c] - deps: update corepack to 0.34.5 (Node.js GitHub Bot) #60842
[2cd265d8b9] - deps: update corepack to 0.34.4 (Node.js GitHub Bot) #60643
[65e839687b] - deps: update corepack to 0.34.2 (Node.js GitHub Bot) #60550
[2dc99d2771] - dns: fix Windows SRV ECONNREFUSED by adjusting c-ares fallback detection (notvivek12) #61453
[2c7b84b1d8] - doc: fix typo in http.md (Michael Solomon) #59354
[a84b42667c] - doc: fix grammar in global dispatcher usage (Eng Zer Jun) #59344
[ffd0ada45f] - doc: fix typo in test/common/README.md (Yoo) #59180
[b4d9d006e7] - doc: fix broken sentence in URL.parse (Superchupu) #59164
[45e9971d9c] - doc: fix typo in writing-test.md (SeokHun) #59123
[e9fd10b5d6] - doc: fix fetch subsections in globals.md (Antoine du Hamel) #58933
[3715dd1c2b] - doc: fix wrong RFC number in http2 (Deokjin Kim) #58753
[098c017eac] - doc: punctuation fix for Node-API versioning clarification (Jiacai Liu) #58599
[545bf434e1] - doc: fix typo of file http.md, outgoingMessage.setTimeout section (yusheng chen) #58188
[b3d6683e7b] - doc: support toolchain with Visual Studio 2019 & 2022 only (Mike McCready) #61450
[8fdde5d110] - doc: fix v20 changelog after security release (Marco Ippolito) #61371
[31d04599be] - http: fix keep-alive not timing out after post-request empty line (Shima Ryuhei) #58178
[5ec7d1eba0] - http2: validate initialWindowSize per HTTP/2 spec (Matteo Collina) #61402
[5c091d5a96] - meta: persist sccache daemon until end of build workflows (René) #61639
[183353aba0] - path,win: fix bug in resolve and normalize (Hüseyin Açacak) #55623
[dbe9e5091b] - src: fix flags argument offset in JSUdpWrap (Weixie Cui) #61948
[4106bfc775] - test: mark stringbytes-external-max flaky on AIX (Stewart X Addison) #60995
[de51937306] - test: mark stringbytes-external-exceed-max tests as flaky on AIX (Joyee Cheung) #60565
[368b221be3] - test: fix flaky test-performance-eventloopdelay (Matteo Collina) #61629
[e134912a33] - test: fix flaky test-worker-message-port-transfer-filehandle test (Alex Yang) #59158
[5630170d3e] - test: account for truthy signal in flaky async_hooks tests (Darshan Sen) #58478
[1e5363bb63] - test: mark test-http2-debug as flaky on LinuxONE (Richard Lau) #58494
[662998787a] - test: set test-fs-cp as flaky (Stefan Stojanovic) #56799
[0807127339] - test: mark test-esm-loader-hooks-inspect-wait flaky (Richard Lau) #56803
[6320cd0721] - test: skip strace test with shared openssl (Richard Lau) #61987
[83b9f8ee02] - tools: make nodedownload module compatible with Python 3.14 (Lumír 'Frenzy' Balhar) #58752
[6cf9b5786e] - tools: enforce removal of lts-watch-* labels on release proposals (Antoine du Hamel) #61672
[cd4161499c] - tools: use ubuntu-slim runner in meta GitHub Actions (Tierney Cyren) #61663
[6dc2a99a0d] - tools: validate release commit diff as part of lint-release-proposal (Antoine du Hamel) #61440
[5014f22332] - tools: add read permission to workflows that read contents (Antoine du Hamel) #58255
[6c3ad2a5a3] - tools: switch to ARM runners on GHA jobs (Antoine du Hamel) #61903
[1abada9c34] - tools: avoid building twice in coverage jobs (Antoine du Hamel) #61899
[f260e40127] - tools: use ubuntu-slim runner in GHA (Antoine du Hamel) #61759
[64beca5e01] - tools: use ubuntu-slim runner in GHA (Antoine du Hamel) #61734

`v20.20.0`: 2026-01-13, Version 20.20.0 'Iron' (LTS), @marco-ippolito

Compare Source

This is a security release.

Notable Changes

lib:

(CVE-2025-55132) disable futimes when permission model is enabled (RafaelGSS) nodejs-private/node-private#802
(CVE-2025-59465) add TLSSocket default error handler (RafaelGSS) nodejs-private/node-private#797
lib,permission:
(CVE-2025-55130) require full read and write to symlink APIs (RafaelGSS) nodejs-private/node-private#760
src:
(CVE-2025-59466) rethrow stack overflow exceptions in async_hooks (Matteo Collina) nodejs-private/node-private#773
src,lib:
(CVE-2025-55131) refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) nodejs-private/node-private#759
tls:
(CVE-2026-21637) route callback exceptions through error handlers (Matteo Collina) nodejs-private/node-private#796

Commits

[8f9ba3f623] - deps: update c-ares to v1.34.6 (Node.js GitHub Bot) #60997
[97fc9b0eb7] - deps: update undici to 6.23.0 (Matteo Collina) nodejs-private/node-private#792
[14fbbb510c] - (CVE-2025-55132) lib: disable futimes when permission model is enabled (RafaelGSS) nodejs-private/node-private#802
[1febc48d5b] - (CVE-2025-59465) lib: add TLSSocket default error handler (RafaelGSS) nodejs-private/node-private#797
[494f62dc23] - (CVE-2025-55130) lib,permission: require full read and write to symlink APIs (RafaelGSS) nodejs-private/node-private#760
[d7a5c587c0] - (CVE-2025-59466) src: rethrow stack overflow exceptions in async_hooks (Matteo Collina) nodejs-private/node-private#773
[51f4de4b4a] - (CVE-2025-55131) src,lib: refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) nodejs-private/node-private#759
[85f73e7057] - (CVE-2026-21637) tls: route callback exceptions through error handlers (Matteo Collina) nodejs-private/node-private#796

`v20.19.6`: 2025-11-25, Version 20.19.6 'Iron' (LTS), @marco-ippolito

Compare Source

Notable Changes

[6277910a15] - crypto: update root certificates to NSS 3.114 (Node.js GitHub Bot) #59571
[082e50d4a2] - doc: update the instruction on how to verify releases (Antoine du Hamel) #59113
[db68cec4cb] - doc: deprecate HTTP/2 priority signaling (Matteo Collina) #58313

Commits

[0f644df42e] - build: fix 'implicit-function-declaration' on OpenHarmony platform (hqzing) #59547
[fba0025b9c] - build: use windows-2025 runner (Michaël Zasso) #59673
[3456ec946d] - crypto: update root certificates to NSS 3.116 (Node.js GitHub Bot) #59956
[6277910a15] - crypto: update root certificates to NSS 3.114 (Node.js GitHub Bot) #59571
[1788fb5f3d] - deps: update undici to 6.22.0 (Matteo Collina) #60112
[5d61b55f24] - deps: update uvwasi to 0.0.23 (Node.js GitHub Bot) #59791
[9f1e5e4637] - deps: update histogram to 0.11.9 (Node.js GitHub Bot) #59689
[d0edb01d25] - deps: update googletest to eb2d85e (Node.js GitHub Bot) #59335
[576242ff39] - deps: V8: cherry-pick a0d0d4f (Ho Cheung) #60716
[a07a277020] - deps: update corepack to 0.34.1 (Node.js GitHub Bot) #60314
[fa5c5af8ce] - deps: update archs files for openssl-3.0.17 (Node.js GitHub Bot) #59134
[556113e2fc] - deps: upgrade openssl sources to openssl-3.0.17 (Node.js GitHub Bot) #59134
[cd1536ca90] - deps: update corepack to 0.34.0 (Node.js GitHub Bot) #59133
[acec79989e] - deps: V8: cherry-pick 6b1b9bc (zhoumingtao) #59283
[e65b930aa7] - deps: V8: backport 2e4c5cf (Michaël Zasso) #60654
[1b75a601f7] - doc: fix typo on child_process.md (Angelo Gazzola) #60114
[a2bcb217c6] - doc: fix typo in section on microtask order (Tobias Nießen) #59932
[2426d3f3ff] - doc: add security escalation policy (Ulises Gascón) #59806
[e7f6f04758] - doc: add Miles Guicent as triager (Miles Guicent) #59562
[e51ef3f48b] - doc: update install_tools.bat free disk space (Stefan Stojanovic) #59579
[8a504d900a] - doc: fix missing link to the Error documentation in the http page (Alexander Makarenko) #59080
[8c5c8aa71d] - doc: clarify experimental platform vulnerability policy (Matteo Collina) #59591
[109c4bff77] - doc: add security incident reponse plan (Rafael Gonzaga) #59470
[4f004efdf3] - doc: add RafaelGSS as performance strategic lead (Rafael Gonzaga) #59445
[caa2db4bac] - doc: fix links in test.md (Vas Sudanagunta) #58876
[082e50d4a2] - doc: update the instruction on how to verify releases (Antoine du Hamel) #59113
[19a66365d9] - doc: clarify DEP0194 scope (Antoine du Hamel) #58504
[db68cec4cb] - doc: deprecate HTTP/2 priority signaling (Matteo Collina) #58313
[3b2368774f] - doc: make Stability labels not sticky in Stability index (Livia Medeiros) #58291
[960d05ad7d] - doc: add history entries to --input-type section (Antoine du Hamel) #58175
[20616f1750] - http2: do not crash on mismatched ping buffer length (René) #60135
[9eb94232c8] - lib: handle superscript variants on windows device (Rafael Gonzaga) #59261
[dc58b4e35f] - meta: move Michael to emeritus (Michael Dawson) #60070
[d943cfb260] - meta: bump actions/setup-node from 4.4.0 to 5.0.0 (dependabot[bot]) #60093
[de9a3aaf0f] - meta: bump step-security/harden-runner from 2.12.2 to 2.13.1 (dependabot[bot]) #60094
[b4b5d4a4d7] - meta: bump ossf/scorecard-action from 2.4.2 to 2.4.3 (dependabot[bot]) #60096
[e5b4eee901] - meta: bump actions/setup-python from 5.6.0 to 6.0.0 (dependabot[bot]) #60090
[7cb032c2c1] - meta: update devcontainer to the latest schema (Aviv Keller) #54347
[bb108191aa] - meta: call create-release-post.yml post release (Aviv Keller) #60366
[2a11d50526] - module: correctly detect top-level await in ambiguous contexts (Shima Ryuhei) #58646
[144233b71a] - process: fix wrong asyncContext under unhandled-rejections=strict (Shima Ryuhei) #60103
[409cb773a4] - repl: fix cpu overhead pasting big strings to the REPL (Ruben Bridgewater) #59857
[d1c9d80cac] - repl: add isValidParentheses check before wrap input (Xuguang Mei) #59607
[b8d145db2c] - src: fix order of CHECK_NOT_NULL/dereference (Tobias Nießen) #59487
[2c8a73f95f] - src: remove duplicate assignment of O_EXCL in node_constants.cc (Daniel Osvaldo R) #59049
[b1da374503] - test: fix typo of test-benchmark-readline.js (Deokjin Kim) #59993
[4b4e38f497] - test: mark sea tests flaky on macOS x64 (Richard Lau) #60068
[cbf4fc34c3] - test: skip more sea tests on Linux ppc64le (Richard Lau) #59755
[9543facad7] - test: mark test-inspector-network-fetch as flaky again (Joyee Cheung) #59640
[4f858d22ac] - test: skip test-fs-cp* tests that are constantly failing on Windows (Joyee Cheung) #59637
[3ec534dbe8] - test: skip sea tests on Linux ppc64le (Richard Lau) #59563
[a7a109f926] - test: fix typos (Lee Jiho) #59330
[fd9d43da46] - test: skip failing test on macOS 15.7+ (Antoine du Hamel) #60419
[bc3ffbd713] - test_runner: fix isSkipped check in junit (Sungwon) #59414
[0cace96472] - test_runner: correct "already mocked" error punctuation placement (Jacob Smith) #58840
[76001f9480] - tools: remove unused actions from build-tarball.yml (Antoine du Hamel) #59787
[69904844bb] - tools: do not attempt to compress tgz archive (Antoine du Hamel) #59785
[a6e7adb173] - tools: fix return value of try_check_compiler (theanarkh) #59434
[6443ad2da5] - tools: drop deprecated macos-13 runner (Richard Lau) #60679
[45ec702ef7] - tools: fix tools/make-v8.sh for clang (Richard Lau) #59893
[393ff7226e] - util: fix numericSeparator with negative fractional numbers (sangwook) #59379
[9e8beff0f4] - util: fix error's namespaced node_modules highlighting using inspect (Ruben Bridgewater) #59446

`v20.19.5`: 2025-09-03, Version 20.19.5 'Iron' (LTS), @marco-ippolito

Compare Source

Notable Changes

[f5b293ad48] - doc: add JonasBa to collaborators (Jonas Badalic) #58355
[4e6ae787c6] - doc: add puskin to collaborators (Giovanni Bucci) #58308
[d06db658fc] - doc: add Filip Skokan to TSC (Rafael Gonzaga) #58499
[3c6206cac9] - doc: add @geeksilva97 to collaborators (Edy Silva) #57241

Commits

[ea20403467] - build: fix uvwasi pkgname (Antoine du Hamel) #58270
[c647aa4b30] - build: fix pointer compression builds (Joyee Cheung) #58171
[d2c5e609ae] - build: disable v8_enable_pointer_compression_shared_cage on non-64bit (Shelley Vohr) #58867
[84d5c4d244] - build: search for libnode.so in multiple places (Jan Staněk) #58213
[068c439552] - crypto: fix SHAKE128/256 breaking change introduced with OpenSSL 3.4 (Filip Skokan) #58942
[edff105c34] - debugger: fix behavior of plain object exec in debugger repl (Dario Piotrowicz) #57498
[0473e35b7f] - deps: update zlib to 1.3.1-470d3a2 (Node.js GitHub Bot) #58628
[1218dbbea5] - deps: update zlib to 1.3.0.1-motley-780819f (Node.js GitHub Bot) #57768
[0e3cd9ec00] - deps: update zlib to 1.3.0.1-motley-788cb3c (Node.js GitHub Bot) #56655
[a194dd9bd4] - deps: update archs files for openssl-3.0.16 (Node.js GitHub Bot) #57335
[cc9b79ca70] - deps: upgrade openssl sources to quictls/openssl-3.0.16 (Node.js GitHub Bot) #57335
[82c46d5358] - deps: update cjs-module-lexer to 2.1.0 (Node.js GitHub Bot) #57180
[43e3f9b26b] - deps: update cjs-module-lexer to 2.0.0 (Michael Dawson) #56855
[91282ff16b] - deps: update corepack to 0.33.0 (Node.js GitHub Bot) #58566
[b76bca6f38] - deps: update acorn to 8.15.0 (Node.js GitHub Bot) #58711
[ae11481011] - deps: update acorn to 8.14.1 (Node.js GitHub Bot) #57382
[142d701201] - deps: update minimatch to 10.0.3 (Node.js GitHub Bot) #58712
[fee082d684] - deps: update llhttp to 9.3.0 (Fedor Indutny) #58144
[c06f6f3f05] - dns: remove redundant code using common variable (Deokjin Kim) #57386
[cded8e7e77] - dns: fix parse memory leaky (theanarkh) #58973
[182ae67233] - dns: fix dns query cache implementation (Ethan Arrowood) #58404
[621b66a297] - doc: add review guidelines for collaborator nominations (Antoine du Hamel) #57449
[b1009b5b72] - doc: explicit mention arbitrary code execution as a vuln (Rafael Gonzaga) #57426
[f5b293ad48] - doc: add JonasBa to collaborators (Jonas Badalic) #58355
[4e6ae787c6] - doc: add puskin to collaborators (Giovanni Bucci) #58308
[530473f479] - doc: add ovflowd back to core collaborators (Claudio W.) #58911
[38e8bbc131] - doc: add info on how project manages social media (Michael Dawson) #57318
[d06bb4dcc2] - doc: ping nodejs/tsc for each security pull request (Rafael Gonzaga) #57309
[d06db658fc] - doc: add Filip Skokan to TSC (Rafael Gonzaga) #58499
[8c3bc156ed] - doc: clarify path.isAbsolute is not path traversal mitigation (Eric Fortis) #57073
[e688410bda] - doc: fix rendering of DEP0174 description (David Sanders) #56835
[e6a0c6a0fa] - doc: add missing assert return types (Colin Ihrig) #57219
[[026b3cab6a](https://redirect.github.com/nodejs/node/commit

✂ Note

PR body was truncated to here.

Configuration

📅 Schedule: (in timezone America/Los_Angeles)

Branch creation
- "every weekend"
Automerge
- At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

codesandbox-ci · 2025-04-27T06:39:23Z

This pull request is automatically built and testable in CodeSandbox.

To see build info of the built libraries, click here or the icon next to each commit SHA.

renovate Bot requested a review from a team as a code owner April 27, 2025 06:39

renovate Bot added the 🎄 dependencies label Apr 27, 2025

renovate Bot enabled auto-merge (squash) April 27, 2025 06:39

renovate Bot force-pushed the renovate/all-minor-patch branch from 8b78095 to 0add9b7 Compare May 3, 2025 14:37

renovate Bot changed the title ~~chore(deps): update dependency cspell to v8.19.3~~ chore(deps): update dependency cspell to v8.19.4 May 3, 2025

renovate Bot force-pushed the renovate/all-minor-patch branch from 0add9b7 to e4bf9c0 Compare May 10, 2025 09:52

renovate Bot changed the title ~~chore(deps): update dependency cspell to v8.19.4~~ chore(deps): update all non-major dependencies May 10, 2025

renovate Bot force-pushed the renovate/all-minor-patch branch 3 times, most recently from 8a23451 to e8d3b3e Compare May 16, 2025 18:27

renovate Bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 2f41dc6 to 4e95874 Compare June 12, 2025 05:52

renovate Bot force-pushed the renovate/all-minor-patch branch 6 times, most recently from 140b264 to db86ade Compare June 27, 2025 06:11

renovate Bot force-pushed the renovate/all-minor-patch branch 4 times, most recently from 18bbabe to 7690e6d Compare July 22, 2025 14:34

renovate Bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from a06fc87 to 0fd77fa Compare August 4, 2025 23:44

renovate Bot force-pushed the renovate/all-minor-patch branch 3 times, most recently from 4822e36 to 04b47a2 Compare August 16, 2025 14:24

renovate Bot force-pushed the renovate/all-minor-patch branch from 04b47a2 to dc8f98a Compare August 19, 2025 12:53

renovate Bot force-pushed the renovate/all-minor-patch branch from dc8f98a to b5618f9 Compare August 31, 2025 10:22

renovate Bot force-pushed the renovate/all-minor-patch branch 6 times, most recently from 5f2697c to c9d4850 Compare December 1, 2025 20:36

renovate Bot force-pushed the renovate/all-minor-patch branch from c9d4850 to 85af250 Compare December 3, 2025 07:04

renovate Bot force-pushed the renovate/all-minor-patch branch from 85af250 to 0e4fb69 Compare December 31, 2025 14:35

renovate Bot force-pushed the renovate/all-minor-patch branch 5 times, most recently from aed768c to 11b3829 Compare January 15, 2026 00:35

renovate Bot force-pushed the renovate/all-minor-patch branch 3 times, most recently from 6d2dae9 to a127e29 Compare January 23, 2026 18:53

renovate Bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 6a3c22c to e44ffde Compare February 4, 2026 12:35

renovate Bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 6109e93 to 20a23c7 Compare February 17, 2026 16:52

renovate Bot force-pushed the renovate/all-minor-patch branch from 20a23c7 to e989b84 Compare February 24, 2026 09:51

renovate Bot force-pushed the renovate/all-minor-patch branch 4 times, most recently from e732673 to b1fcc38 Compare March 5, 2026 15:56

renovate Bot force-pushed the renovate/all-minor-patch branch 3 times, most recently from 1069587 to 3c8c0c5 Compare March 18, 2026 21:57

renovate Bot force-pushed the renovate/all-minor-patch branch from 3c8c0c5 to 35a7b9c Compare March 19, 2026 08:53

chore(deps): update all non-major dependencies

4387d68

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update all non-major dependencies#419

chore(deps): update all non-major dependencies#419
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all-minor-patch

renovate Bot commented Apr 27, 2025 •

edited

Loading

Uh oh!

codesandbox-ci Bot commented Apr 27, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

renovate Bot commented Apr 27, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

Minor Changes

Minor Changes

Patch Changes

Commits

v16.14.0 (2026-05-03)

New Feature 🚀

Bug Fix 🐞

Docs 📝

Committers: 4

v20.20.2: 2026-03-24, Version 20.20.2 'Iron' (LTS), @​marco-ippolito

Notable Changes

Commits

v20.20.1: 2026-03-05, Version 20.20.1 'Iron' (LTS), @​marco-ippolito

Notable Changes

Commits

v20.20.0: 2026-01-13, Version 20.20.0 'Iron' (LTS), @​marco-ippolito

Notable Changes

Commits

v20.19.6: 2025-11-25, Version 20.19.6 'Iron' (LTS), @​marco-ippolito

Notable Changes

Commits

v20.19.5: 2025-09-03, Version 20.19.5 'Iron' (LTS), @​marco-ippolito

Notable Changes

Commits

Configuration

Uh oh!

codesandbox-ci Bot commented Apr 27, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

renovate Bot commented Apr 27, 2025 •

edited

Loading

`v20.20.2`: 2026-03-24, Version 20.20.2 'Iron' (LTS), @marco-ippolito

`v20.20.1`: 2026-03-05, Version 20.20.1 'Iron' (LTS), @marco-ippolito

`v20.20.0`: 2026-01-13, Version 20.20.0 'Iron' (LTS), @marco-ippolito

`v20.19.6`: 2025-11-25, Version 20.19.6 'Iron' (LTS), @marco-ippolito

`v20.19.5`: 2025-09-03, Version 20.19.5 'Iron' (LTS), @marco-ippolito

codesandbox-ci Bot commented Apr 27, 2025 •

edited

Loading