[PR #3217] [CLOSED] Bump the prod-minor-updates group across 1 directory with 6 updates #33531

Closed
opened 2026-06-15 10:56:31 -05:00 by GiteaMirror · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/fosrl/pangolin/pull/3217
Author: @dependabot[bot]
Created: 6/4/2026
Status: Closed

Base: mainHead: dependabot/npm_and_yarn/prod-minor-updates-74ef6bedb8


📝 Commits (1)

  • ca1bf73 Bump the prod-minor-updates group across 1 directory with 6 updates

📊 Changes

2 files changed (+301 additions, -403 deletions)

View changed files

📝 package-lock.json (+295 -397)
📝 package.json (+6 -6)

📄 Description

Bumps the prod-minor-updates group with 6 updates in the / directory:

Package From To
@aws-sdk/client-s3 3.1056.0 3.1062.0
@tanstack/react-query 5.100.14 5.101.0
axios 1.16.1 1.17.0
js-yaml 4.1.1 4.2.0
posthog-node 5.35.6 5.36.2
react-hook-form 7.76.1 7.77.0

Updates @aws-sdk/client-s3 from 3.1056.0 to 3.1062.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.1062.0

3.1062.0(2026-06-04)

Chores
  • scripts: include generated packages when validating declared imports 1-1 with used imports (#8072) (291ad366)
Documentation Changes
  • client-guardduty: Remove unsupported RDS field for filter (5815da7f)
New Features
  • client-interconnect: Adding new BDD representation of endpoint ruleset (34e23ef2)
  • client-ec2-instance-connect: Adding new BDD representation of endpoint ruleset (c2a4981e)
  • client-mq: BDD bulk update change rollout (e058b8fd)
  • client-workspaces: Adding new BDD representation of endpoint ruleset (6b1e3602)
  • client-connectparticipant: Adding new BDD representation of endpoint ruleset (22db2a6a)
  • client-emr: Added support for Spark Connect interactive sessions on Amazon EMR on EC2 with new APIs - StartSession, GetSession, GetSessionEndpoint, ListSessions, and TerminateSession. Added sessionEnabled field in RunJobFlow and DescribeCluster to enable Spark Connect endpoints on EMR clusters. (ba570192)
  • client-s3files: Adding new BDD representation of endpoint ruleset (e538b485)
  • client-chime-sdk-voice: Adding new BDD representation of endpoint ruleset (1ff98336)
  • client-efs: Adding new BDD representation of endpoint ruleset (c7b29f33)
  • client-signer-data: Adding new BDD representation of endpoint ruleset (36e20555)
  • client-mediaconnect: BDD bulk update change rollout (789ef792)
  • client-sagemaker: Adds the IncludedData parameter to DescribeModelCard and DescribeModelPackage. Set it to MetadataOnly to retrieve a model card without decrypt permission on the customer managed AWS KMS key (default AllData returns full content). Adds support for the MTRL Job resource in SageMaker Search. (215af86d)
  • client-ivs: adds UpdateAdConfiguration operation to AWS IVS low-latency APIs (8cda4ea1)
  • client-geo-maps: Adding new BDD representation of endpoint ruleset (58350842)
  • client-appflow: Adding new BDD representation of endpoint ruleset (63dd2cd0)
  • client-sustainability: Adding new BDD representation of endpoint ruleset (506f985f)
  • client-config-service: AWS Config now supports internal service-linked rules, allowing AWS service partners to deploy Config rules for customers and use the evaluation results to build enhanced features. (ba9173b9)
  • client-kendra: Adding new BDD representation of endpoint ruleset (51dfa7c3)
  • client-workdocs: Adding new BDD representation of endpoint ruleset (a88a31d0)
  • client-mwaa-serverless: Adding new BDD representation of endpoint ruleset (7cb91604)
  • client-mediapackage: Adding new BDD representation of endpoint ruleset (eaa31923)
  • client-opensearchserverless: Adding new BDD representation of endpoint ruleset (d08ce2ed)
  • client-uxc: Adding new BDD representation of endpoint ruleset (4d2a8026)
  • client-route53-recovery-readiness: Adding new BDD representation of endpoint ruleset (78b2555f)
  • client-glue: AWS Glue Interactive Sessions now supports Apache Spark Connect, enabling remote Spark execution over gRPC with minimal client-side dependencies. Adds GetSessionEndpoint and GetDashboardUrl APIs. Modifies CreateSession now accepts SPARK CONNECT session type. (41ebf943)
  • client-appintegrations: Adding new BDD representation of endpoint ruleset (3b257e66)
  • client-auditmanager: Adding new BDD representation of endpoint ruleset (b2fff655)
  • client-amplifybackend: Adding new BDD representation of endpoint ruleset (40fcadd6)
  • client-taxsettings: Adding new BDD representation of endpoint ruleset (dcc90bee)
  • client-cloudformation: Adding new BDD representation of endpoint ruleset (64f2514b)
  • client-wickr: AWS Wickr now allows network administrators to configure a maximum session duration for non-SSO users in security groups, and display customizable consent popups to users at login for terms of use or compliance acknowledgements. (ceb38f6b)
  • client-sagemaker-runtime-http2: Adding new BDD representation of endpoint ruleset (924b2e3a)
  • client-cost-explorer: Adding new BDD representation of endpoint ruleset (fb8ea9cb)
  • client-sns: Adding new BDD representation of endpoint ruleset (1cc60ac8)
  • client-mediapackage-vod: Adding new BDD representation of endpoint ruleset (f949a4c5)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.1062.0 (2026-06-04)

Note: Version bump only for package @​aws-sdk/client-s3

3.1061.0 (2026-06-03)

Note: Version bump only for package @​aws-sdk/client-s3

3.1060.0 (2026-06-03)

Note: Version bump only for package @​aws-sdk/client-s3

3.1059.0 (2026-06-02)

Note: Version bump only for package @​aws-sdk/client-s3

3.1058.0 (2026-06-01)

Note: Version bump only for package @​aws-sdk/client-s3

3.1057.0 (2026-05-29)

Note: Version bump only for package @​aws-sdk/client-s3

Commits
  • f5235bb Publish v3.1062.0
  • 291ad36 chore(scripts): include generated packages when validating declared imports 1...
  • 71df2cc Publish v3.1061.0
  • 1216094 chore(middleware-sdk-s3): consolidate S3 internal packages (#8026)
  • 8aeb92d Publish v3.1060.0
  • 75bb4fc Publish v3.1059.0
  • 6b082a6 chore(codegen): sync for adaptive retry fix, EAI_AGAIN transient error (#8067)
  • d7602d4 Publish v3.1058.0
  • e836d5c Publish v3.1057.0
  • e55a387 chore(codegen): sync for smithy 1.71.0 and snapshot-testing fix (#8053)
  • See full diff in compare view

Updates @tanstack/react-query from 5.100.14 to 5.101.0

Release notes

Sourced from @​tanstack/react-query's releases.

@​tanstack/react-query-devtools@​5.101.0

Patch Changes

@​tanstack/react-query-next-experimental@​5.101.0

Patch Changes

  • #10857 7cf5923 - fix(react-query-next-experimental): replace deprecated 'isServer' with 'environmentManager.isServer()'

  • Updated dependencies []:

    • @​tanstack/react-query@​5.101.0

@​tanstack/react-query-persist-client@​5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-persist-client-core@​5.101.0
    • @​tanstack/react-query@​5.101.0

@​tanstack/react-query@​5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.101.0
Changelog

Sourced from @​tanstack/react-query's changelog.

5.101.0

Patch Changes

  • Updated dependencies []:
    • @​tanstack/query-core@​5.101.0
Commits

Updates axios from 1.16.1 to 1.17.0

Release notes

Sourced from axios's releases.

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

  • Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
  • Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

  • HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

  • Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)
  • Proxy TLS: Preserved user httpsAgent TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (#10957)
  • React Native FormData: Cleared default Content-Type for React Native FormData so multipart boundaries can be generated correctly. (#10898)
  • Headers: Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (#10875)
  • Request Data Merging: Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (#10812)
  • Bundler Compatibility: Converted resolveConfig from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (#10891)
  • Types: Corrected AxiosHeaders.toJSON() return types and updated CommonJS isCancel typings to narrow to CanceledError<T>. (#10956, #10952)
  • Build Tooling: Avoided emitting a null Authorization header from the GitHub build helper when GITHUB_TOKEN is unset. (#10931)

🔧 Maintenance & Chores

  • HTTP/2 Internals: Extracted Http2Sessions into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (#10861)
  • Package Publishing: Reduced published package size by switching to a files allowlist and dropping unneeded unminified bundle source maps. (#10939)
  • CI and Release Automation: Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (#10907, #10911, #10916, #10927, #10935, #10983)
  • Developer Workflow: Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (#10925, #10914, #10958)
  • Documentation and Policy: Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (#10890, #10889, #10921, #10945, #10905, #10933, #10915, #10887, #10955)
  • Dependencies: Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, fs-extra, qs, docs dependencies, and GitHub Actions dependencies including actions/dependency-review-action and zizmorcore/zizmor-action. (#10871, #10879, #10918, #10919, #10934, #10947, #10954, #10960)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

Changelog

Sourced from axios's changelog.

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

  • Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
  • Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

  • HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

  • Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)
  • Proxy TLS: Preserved user httpsAgent TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (#10957)
  • React Native FormData: Cleared default Content-Type for React Native FormData so multipart boundaries can be generated correctly. (#10898)
  • Headers: Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (#10875)
  • Request Data Merging: Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (#10812)
  • Bundler Compatibility: Converted resolveConfig from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (#10891)
  • Types: Corrected AxiosHeaders.toJSON() return types and updated CommonJS isCancel typings to narrow to CanceledError<T>. (#10956, #10952)
  • Build Tooling: Avoided emitting a null Authorization header from the GitHub build helper when GITHUB_TOKEN is unset. (#10931)

🔧 Maintenance & Chores

  • HTTP/2 Internals: Extracted Http2Sessions into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (#10861)
  • Package Publishing: Reduced published package size by switching to a files allowlist and dropping unneeded unminified bundle source maps. (#10939)
  • CI and Release Automation: Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (#10907, #10911, #10916, #10927, #10935, #10983)
  • Developer Workflow: Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (#10925, #10914, #10958)
  • Documentation and Policy: Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (#10890, #10889, #10921, #10945, #10905, #10933, #10915, #10887, #10955)
  • Dependencies: Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, fs-extra, qs, docs dependencies, and GitHub Actions dependencies including actions/dependency-review-action and zizmorcore/zizmor-action. (#10871, #10879, #10918, #10919, #10934, #10947, #10954, #10960)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

Commits

Updates js-yaml from 4.1.1 to 4.2.0

Changelog

Sourced from js-yaml's changelog.

[4.2.0] - 2026-06-01

Added

  • Added docs/safety.md with notes about processing untrusted YAML.
  • Added maxDepth (100) loader option. Not a problem, but gives a better exception instead of RangeError on stack overflow.
  • Added maxMergeSeqLength (20) loader option. Not a problem after merge fix, but an additional restriction for safety.
  • Added sourcemaps to dist/ builds.

Changed

  • Stop resolving numbers with underscores as numeric scalars, #627.
  • Switched dev toolchains to Vite / neostandard.
  • Updated demo.
  • Reorganized tests.
  • dist/ files are no longer kept in the repository.

Fixed

  • Fix parsing of properties on the first implicit block mapping key, #62.
  • Fix trailing whitespace handling when folding flow scalar lines, #307.
  • Reject top-level block scalars without content indentation, #280.
  • Ensure numbers survive round-trip, #737.
  • Fix test coverage for issue #221.
  • Fix flow scalar trailing whitespace folding, #307.
  • Fix digits in YAML named tag handles.

Security

  • Fix potential DoS via quadratic complexity in merge - deduplicate repeated elements (makes sense for malformed files > 10K).

[3.14.2] - 2025-11-15

Security

  • Backported v4.1.1 fix to v3
Commits

Updates posthog-node from 5.35.6 to 5.36.2

Release notes

Sourced from posthog-node's releases.

posthog-node@5.36.2

5.36.2

Patch Changes

  • Updated dependencies []:
    • @​posthog/core@​1.30.8

posthog-node@5.36.1

5.36.1

Patch Changes

  • Updated dependencies []:
    • @​posthog/core@​1.30.7

posthog-node@5.36.0

5.36.0

Minor Changes

  • #3728 9287c87 Thanks @​turnipdabeets! - Add a configurable $is_server event property (default true) so PostHog can identify server-side events. Set isServer: false when using the SDK as a client/CLI so the device OS is attributed normally. (2026-06-04)

posthog-node@5.35.15

5.35.15

Patch Changes

  • Updated dependencies []:
    • @​posthog/core@​1.30.6

posthog-node@5.35.14

5.35.14

Patch Changes

  • Updated dependencies []:
    • @​posthog/core@​1.30.5

posthog-node@5.35.13

5.35.13

Patch Changes

  • Updated dependencies []:
    • @​posthog/core@​1.30.4

posthog-node@5.35.12

5.35.12

... (truncated)

Changelog

Sourced from posthog-node's changelog.

5.36.2

Patch Changes

  • Updated dependencies []:
    • @​posthog/core@​1.30.8

5.36.1

Patch Changes

  • Updated dependencies []:
    • @​posthog/core@​1.30.7

5.36.0

Minor Changes

  • #3728 9287c87 Thanks @​turnipdabeets! - Add a configurable $is_server event property (default true) so PostHog can identify server-side events. Set isServer: false when using the SDK as a client/CLI so the device OS is attributed normally. (2026-06-04)

5.35.15

Patch Changes

  • Updated dependencies []:
    • @​posthog/core@​1.30.6

5.35.14

Patch Changes

  • Updated dependencies []:
    • @​posthog/core@​1.30.5

5.35.13

Patch Changes

  • Updated dependencies []:
    • @​posthog/core@​1.30.4

5.35.12

Patch Changes

  • Updated dependencies []:
    • @​posthog/core@​1.30.3

5.35.11

... (truncated)

Commits
  • a8fd228 chore: update versions and lockfile [version bump]
  • 287ad9f chore: update versions and lockfile [version bump]
  • dc1e193 chore: update versions and lockfile [version bump]
  • 9287c87 feat: emit $is_server property on captured events (#3728)
  • b539fcb chore: update versions and lockfile [version bump]
  • 79de441 chore: update versions and lockfile [version bump]
  • 4a8cacc chore: add Sentry attribution comments (#3738)
  • d385e2a chore: clarify error tracking comments (#3735)
  • 808862d chore: update versions and lockfile [version bump]
  • f052bd7 chore: update versions and lockfile [version bump]
  • Additional commits viewable in compare view

Updates react-hook-form from 7.76.1 to 7.77.0

Release notes

Sourced from react-hook-form's releases.

Version 7.77.0

🥡 feat: add resetDefaultValues API (#13427)

https://react-hook-form.com/docs/useform/resetdefaultvalues

const { resetDefaultValues } = useForm();

resetDefaultValues(currentValues);

🐚 harden get() against prototype-path traversal (proto / constructor / prototype) (#13479) 🐞 fix FieldArray errors overriding nested fields (#13476) 🐞 fix inconsistent reset({}) behavior requiring double-call to take effect (#13473) 🐞 fix: preserve values with shouldUnregister (#13464) 🐞 fix stale isDirty in subscribe payload after reset(..., { keepValues: true }) (#13461) 👝 save bundle size (#13468)

thanks to @​puneetdixit200 & @​dfedoryshchev

Changelog

Sourced from react-hook-form's changelog.

[7.77.0] - 2026-05-31

Added

  • resetDefaultValues API

Fixed

  • Stale isDirty in subscribe payload after reset(..., { keepValues: true })
  • Preserve values with shouldUnregister
  • Inconsistent reset({}) behavior requiring double-call to take effect
  • FieldArray errors overriding nested fields

Security

  • Harden get() against prototype-path traversal (__proto__ / constructor / prototype)

Performance

  • Bundle size reduction
Commits
  • 5b20741 7.77.0
  • f1a02d3 🧪 add regression coverage for createFormControl + useController remount defau...
  • ba88c3d 📚 docs: fix JSDoc for UseFormWatch (#13486)
  • 54198d9 🥡 feat: add resetDefaultValues API (#13427)
  • fe8276e 📚 docs: fix duplicate "de" in es-ES README image alt text (#13481)
  • 6aa81f9 🐚 harden get() against prototype-path traversal (__proto__ / `constructor...
  • 645478b 🐞 fix FieldArray errors overriding nested fields (#13476)
  • 889c752 🧪 add regression coverage for dynamic nested names with useController and wat...
  • 581321c 🐞 fix inconsistent reset({}) behavior requiring double-call to take effect (#...
  • f8eb2d7 🌭 upgrade deps (#13470)
  • Additional commits viewable in compare view


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/fosrl/pangolin/pull/3217 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 6/4/2026 **Status:** ❌ Closed **Base:** `main` ← **Head:** `dependabot/npm_and_yarn/prod-minor-updates-74ef6bedb8` --- ### 📝 Commits (1) - [`ca1bf73`](https://github.com/fosrl/pangolin/commit/ca1bf736c636b58099f1edec7abd2b5eea003f5d) Bump the prod-minor-updates group across 1 directory with 6 updates ### 📊 Changes **2 files changed** (+301 additions, -403 deletions) <details> <summary>View changed files</summary> 📝 `package-lock.json` (+295 -397) 📝 `package.json` (+6 -6) </details> ### 📄 Description Bumps the prod-minor-updates group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1056.0` | `3.1062.0` | | [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.100.14` | `5.101.0` | | [axios](https://github.com/axios/axios) | `1.16.1` | `1.17.0` | | [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.1` | `4.2.0` | | [posthog-node](https://github.com/PostHog/posthog-js/tree/HEAD/packages/node) | `5.35.6` | `5.36.2` | | [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.76.1` | `7.77.0` | Updates `@aws-sdk/client-s3` from 3.1056.0 to 3.1062.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aws/aws-sdk-js-v3/releases">@​aws-sdk/client-s3's releases</a>.</em></p> <blockquote> <h2>v3.1062.0</h2> <h4>3.1062.0(2026-06-04)</h4> <h5>Chores</h5> <ul> <li><strong>scripts:</strong> include generated packages when validating declared imports 1-1 with used imports (<a href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/8072">#8072</a>) (<a href="https://github.com/aws/aws-sdk-js-v3/commit/291ad3664d63b413e6c9631ac0a833e5819ceeaa">291ad366</a>)</li> </ul> <h5>Documentation Changes</h5> <ul> <li><strong>client-guardduty:</strong> Remove unsupported RDS field for filter (<a href="https://github.com/aws/aws-sdk-js-v3/commit/5815da7f30f1bdfdcd45fa09c59d0a199a4e8e0a">5815da7f</a>)</li> </ul> <h5>New Features</h5> <ul> <li><strong>client-interconnect:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/34e23ef23951a492d90749601a3c2e395177b019">34e23ef2</a>)</li> <li><strong>client-ec2-instance-connect:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/c2a4981e83ab456c1335204c4c5693cf2b4ef510">c2a4981e</a>)</li> <li><strong>client-mq:</strong> BDD bulk update change rollout (<a href="https://github.com/aws/aws-sdk-js-v3/commit/e058b8fd7fb9bffbacde2468108973c5a82139e2">e058b8fd</a>)</li> <li><strong>client-workspaces:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/6b1e3602cde54d7840c6ab80610c46c9bd07262c">6b1e3602</a>)</li> <li><strong>client-connectparticipant:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/22db2a6a6f37796f76290bcd3faf1a5bec0f4426">22db2a6a</a>)</li> <li><strong>client-emr:</strong> Added support for Spark Connect interactive sessions on Amazon EMR on EC2 with new APIs - StartSession, GetSession, GetSessionEndpoint, ListSessions, and TerminateSession. Added sessionEnabled field in RunJobFlow and DescribeCluster to enable Spark Connect endpoints on EMR clusters. (<a href="https://github.com/aws/aws-sdk-js-v3/commit/ba570192099541cc0c98e2eaa91dd14f6db29c2f">ba570192</a>)</li> <li><strong>client-s3files:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/e538b48504723a02bd02efc80c9ff0787ab5258e">e538b485</a>)</li> <li><strong>client-chime-sdk-voice:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/1ff983366658074676acc14a2185fbc5dffc0ce4">1ff98336</a>)</li> <li><strong>client-efs:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/c7b29f338f7b26d10f3e73100be0b09b71d6171a">c7b29f33</a>)</li> <li><strong>client-signer-data:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/36e20555e76357a54133dc76cc421241de806b01">36e20555</a>)</li> <li><strong>client-mediaconnect:</strong> BDD bulk update change rollout (<a href="https://github.com/aws/aws-sdk-js-v3/commit/789ef792d1bf9eac73a735366c77ec49d4dd51d6">789ef792</a>)</li> <li><strong>client-sagemaker:</strong> Adds the IncludedData parameter to DescribeModelCard and DescribeModelPackage. Set it to MetadataOnly to retrieve a model card without decrypt permission on the customer managed AWS KMS key (default AllData returns full content). Adds support for the MTRL Job resource in SageMaker Search. (<a href="https://github.com/aws/aws-sdk-js-v3/commit/215af86dc4da79e119fc403c4e7be097192cb60d">215af86d</a>)</li> <li><strong>client-ivs:</strong> adds UpdateAdConfiguration operation to AWS IVS low-latency APIs (<a href="https://github.com/aws/aws-sdk-js-v3/commit/8cda4ea154dd3c189830933573452d2492535ed6">8cda4ea1</a>)</li> <li><strong>client-geo-maps:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/5835084269aeb80c8bffefcd4d55c52e97fa620c">58350842</a>)</li> <li><strong>client-appflow:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/63dd2cd097a121cc2340cac08d53815f5293044e">63dd2cd0</a>)</li> <li><strong>client-sustainability:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/506f985f631874d8fe9e668db062e58f8c365a6c">506f985f</a>)</li> <li><strong>client-config-service:</strong> AWS Config now supports internal service-linked rules, allowing AWS service partners to deploy Config rules for customers and use the evaluation results to build enhanced features. (<a href="https://github.com/aws/aws-sdk-js-v3/commit/ba9173b9efa45159b4af240bcc5d5acce01897aa">ba9173b9</a>)</li> <li><strong>client-kendra:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/51dfa7c30d47a9fbb1b861c64a7d25cff587eea8">51dfa7c3</a>)</li> <li><strong>client-workdocs:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/a88a31d073e755f030a78d46d4657924500be15f">a88a31d0</a>)</li> <li><strong>client-mwaa-serverless:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/7cb9160420bc692521a0eec4f59b1ea16e6b7e10">7cb91604</a>)</li> <li><strong>client-mediapackage:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/eaa31923091a4c04a8811b14c63ae9b31b688d38">eaa31923</a>)</li> <li><strong>client-opensearchserverless:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/d08ce2edcdb37c500c66138d4f6c2c1bac8b36ca">d08ce2ed</a>)</li> <li><strong>client-uxc:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/4d2a80261c03584ad3947b03b0903004da83f83b">4d2a8026</a>)</li> <li><strong>client-route53-recovery-readiness:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/78b2555f57cdd1c38543c47b77873fcb17b2c306">78b2555f</a>)</li> <li><strong>client-glue:</strong> AWS Glue Interactive Sessions now supports Apache Spark Connect, enabling remote Spark execution over gRPC with minimal client-side dependencies. Adds GetSessionEndpoint and GetDashboardUrl APIs. Modifies CreateSession now accepts SPARK CONNECT session type. (<a href="https://github.com/aws/aws-sdk-js-v3/commit/41ebf943216c010b938508d2da389586e0d0a5fb">41ebf943</a>)</li> <li><strong>client-appintegrations:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/3b257e66010f7c5a1da0f3af5c92fbea08d9e368">3b257e66</a>)</li> <li><strong>client-auditmanager:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/b2fff65521418ea053a630f116985d48ade7c70f">b2fff655</a>)</li> <li><strong>client-amplifybackend:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/40fcadd6821780a74f121ff8960bb74296e47c8f">40fcadd6</a>)</li> <li><strong>client-taxsettings:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/dcc90beeea0c2febba9aa034952afc736f0f0635">dcc90bee</a>)</li> <li><strong>client-cloudformation:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/64f2514b791c1ca2e4aaa577439778ea44e4751a">64f2514b</a>)</li> <li><strong>client-wickr:</strong> AWS Wickr now allows network administrators to configure a maximum session duration for non-SSO users in security groups, and display customizable consent popups to users at login for terms of use or compliance acknowledgements. (<a href="https://github.com/aws/aws-sdk-js-v3/commit/ceb38f6b46181ccb1a05990f287e82ac3e98e584">ceb38f6b</a>)</li> <li><strong>client-sagemaker-runtime-http2:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/924b2e3a04ac179162c0f535613295cdae53ad6d">924b2e3a</a>)</li> <li><strong>client-cost-explorer:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/fb8ea9cba5827971024a2059753b8950e19fd320">fb8ea9cb</a>)</li> <li><strong>client-sns:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/1cc60ac87a8da9aebbf96337912b4e65e779ae02">1cc60ac8</a>)</li> <li><strong>client-mediapackage-vod:</strong> Adding new BDD representation of endpoint ruleset (<a href="https://github.com/aws/aws-sdk-js-v3/commit/f949a4c52062a1a7f375eb7da0da46d49484aaae">f949a4c5</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md">@​aws-sdk/client-s3's changelog</a>.</em></p> <blockquote> <h1><a href="https://github.com/aws/aws-sdk-js-v3/compare/v3.1061.0...v3.1062.0">3.1062.0</a> (2026-06-04)</h1> <p><strong>Note:</strong> Version bump only for package <code>@​aws-sdk/client-s3</code></p> <h1><a href="https://github.com/aws/aws-sdk-js-v3/compare/v3.1060.0...v3.1061.0">3.1061.0</a> (2026-06-03)</h1> <p><strong>Note:</strong> Version bump only for package <code>@​aws-sdk/client-s3</code></p> <h1><a href="https://github.com/aws/aws-sdk-js-v3/compare/v3.1059.0...v3.1060.0">3.1060.0</a> (2026-06-03)</h1> <p><strong>Note:</strong> Version bump only for package <code>@​aws-sdk/client-s3</code></p> <h1><a href="https://github.com/aws/aws-sdk-js-v3/compare/v3.1058.0...v3.1059.0">3.1059.0</a> (2026-06-02)</h1> <p><strong>Note:</strong> Version bump only for package <code>@​aws-sdk/client-s3</code></p> <h1><a href="https://github.com/aws/aws-sdk-js-v3/compare/v3.1057.0...v3.1058.0">3.1058.0</a> (2026-06-01)</h1> <p><strong>Note:</strong> Version bump only for package <code>@​aws-sdk/client-s3</code></p> <h1><a href="https://github.com/aws/aws-sdk-js-v3/compare/v3.1056.0...v3.1057.0">3.1057.0</a> (2026-05-29)</h1> <p><strong>Note:</strong> Version bump only for package <code>@​aws-sdk/client-s3</code></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aws/aws-sdk-js-v3/commit/f5235bbaa2e234435fed935ae69df09b33149d0c"><code>f5235bb</code></a> Publish v3.1062.0</li> <li><a href="https://github.com/aws/aws-sdk-js-v3/commit/291ad3664d63b413e6c9631ac0a833e5819ceeaa"><code>291ad36</code></a> chore(scripts): include generated packages when validating declared imports 1...</li> <li><a href="https://github.com/aws/aws-sdk-js-v3/commit/71df2cc54f319fdbd1a6cd82b0317dbb65b386a7"><code>71df2cc</code></a> Publish v3.1061.0</li> <li><a href="https://github.com/aws/aws-sdk-js-v3/commit/121609400451d15166872f5dc2a2d8fe75c7d7f6"><code>1216094</code></a> chore(middleware-sdk-s3): consolidate S3 internal packages (<a href="https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8026">#8026</a>)</li> <li><a href="https://github.com/aws/aws-sdk-js-v3/commit/8aeb92dd6ab42e4b59ebb3ad5a7c43b503af0183"><code>8aeb92d</code></a> Publish v3.1060.0</li> <li><a href="https://github.com/aws/aws-sdk-js-v3/commit/75bb4fc527454646b0992d69d8910e743d81654b"><code>75bb4fc</code></a> Publish v3.1059.0</li> <li><a href="https://github.com/aws/aws-sdk-js-v3/commit/6b082a6526a0bb0ba213bb16b4c97a0b1134bc45"><code>6b082a6</code></a> chore(codegen): sync for adaptive retry fix, EAI_AGAIN transient error (<a href="https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8067">#8067</a>)</li> <li><a href="https://github.com/aws/aws-sdk-js-v3/commit/d7602d4e4256f1c91b499dcfa8e444041fdf96b6"><code>d7602d4</code></a> Publish v3.1058.0</li> <li><a href="https://github.com/aws/aws-sdk-js-v3/commit/e836d5c0437f234ca692615924cf7f88cf2748c6"><code>e836d5c</code></a> Publish v3.1057.0</li> <li><a href="https://github.com/aws/aws-sdk-js-v3/commit/e55a38791745be6ed4be7009808d14a2a393adf9"><code>e55a387</code></a> chore(codegen): sync for smithy 1.71.0 and snapshot-testing fix (<a href="https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8053">#8053</a>)</li> <li>See full diff in <a href="https://github.com/aws/aws-sdk-js-v3/commits/v3.1062.0/clients/client-s3">compare view</a></li> </ul> </details> <br /> Updates `@tanstack/react-query` from 5.100.14 to 5.101.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/TanStack/query/releases">@​tanstack/react-query's releases</a>.</em></p> <blockquote> <h2><code>@​tanstack/react-query-devtools</code><a href="https://github.com/5"><code>@​5</code></a>.101.0</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies [<a href="https://github.com/TanStack/query/commit/3042860e3c8731c94ca4dec0e277e415d0484fce"><code>3042860</code></a>, <a href="https://github.com/TanStack/query/commit/e631dc3fa17bff71f413246b7a770a730016d346"><code>e631dc3</code></a>]: <ul> <li><code>@​tanstack/query-devtools</code><a href="https://github.com/5"><code>@​5</code></a>.101.0</li> <li><code>@​tanstack/react-query</code><a href="https://github.com/5"><code>@​5</code></a>.101.0</li> </ul> </li> </ul> <h2><code>@​tanstack/react-query-next-experimental</code><a href="https://github.com/5"><code>@​5</code></a>.101.0</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/TanStack/query/pull/10857">#10857</a> <a href="https://github.com/TanStack/query/commit/7cf5923308fb91f3eff0fe952d8c64676e2bdad7"><code>7cf5923</code></a> - fix(react-query-next-experimental): replace deprecated 'isServer' with 'environmentManager.isServer()'</p> </li> <li> <p>Updated dependencies []:</p> <ul> <li><code>@​tanstack/react-query</code><a href="https://github.com/5"><code>@​5</code></a>.101.0</li> </ul> </li> </ul> <h2><code>@​tanstack/react-query-persist-client</code><a href="https://github.com/5"><code>@​5</code></a>.101.0</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies []: <ul> <li><code>@​tanstack/query-persist-client-core</code><a href="https://github.com/5"><code>@​5</code></a>.101.0</li> <li><code>@​tanstack/react-query</code><a href="https://github.com/5"><code>@​5</code></a>.101.0</li> </ul> </li> </ul> <h2><code>@​tanstack/react-query</code><a href="https://github.com/5"><code>@​5</code></a>.101.0</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies []: <ul> <li><code>@​tanstack/query-core</code><a href="https://github.com/5"><code>@​5</code></a>.101.0</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md">@​tanstack/react-query's changelog</a>.</em></p> <blockquote> <h2>5.101.0</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies []: <ul> <li><code>@​tanstack/query-core</code><a href="https://github.com/5"><code>@​5</code></a>.101.0</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/TanStack/query/commit/f3d8d2abbf15bf81ff7575d3be9845d7b402f25a"><code>f3d8d2a</code></a> ci: Version Packages (<a href="https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10774">#10774</a>)</li> <li><a href="https://github.com/TanStack/query/commit/532bb298fba15e945e69c6ee4edc0c759ff21324"><code>532bb29</code></a> fix(tests): disable local coverage instrumentation (<a href="https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10776">#10776</a>)</li> <li>See full diff in <a href="https://github.com/TanStack/query/commits/@tanstack/react-query@5.101.0/packages/react-query">compare view</a></li> </ul> </details> <br /> Updates `axios` from 1.16.1 to 1.17.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/axios/axios/releases">axios's releases</a>.</em></p> <blockquote> <h2>v1.17.0 — June 1, 2026</h2> <p>This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.</p> <h2>🔒 Security Fixes</h2> <ul> <li><strong>Config Hardening:</strong> Guarded <code>socketPath</code>, <code>params</code>, and <code>paramsSerializer</code> reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (<strong><a href="https://redirect.github.com/axios/axios/issues/10901">#10901</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10922">#10922</a></strong>)</li> <li><strong>Release Publishing:</strong> Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (<strong><a href="https://redirect.github.com/axios/axios/issues/10926">#10926</a></strong>)</li> </ul> <h2>🚀 New Features</h2> <ul> <li><strong>HTTP Compression:</strong> Added Node HTTP adapter support for zstd response decompression, with <code>transitional.advertiseZstdAcceptEncoding</code> controlling whether <code>zstd</code> is advertised in <code>Accept-Encoding</code>. (<strong><a href="https://redirect.github.com/axios/axios/issues/6792">#6792</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10920">#10920</a></strong>)</li> </ul> <h2>🐛 Bug Fixes</h2> <ul> <li><strong>Authentication Handling:</strong> Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (<strong><a href="https://redirect.github.com/axios/axios/issues/10929">#10929</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10896">#10896</a></strong>)</li> <li><strong>Proxy TLS:</strong> Preserved user <code>httpsAgent</code> TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (<strong><a href="https://redirect.github.com/axios/axios/issues/10957">#10957</a></strong>)</li> <li><strong>React Native FormData:</strong> Cleared default <code>Content-Type</code> for React Native <code>FormData</code> so multipart boundaries can be generated correctly. (<strong><a href="https://redirect.github.com/axios/axios/issues/10898">#10898</a></strong>)</li> <li><strong>Headers:</strong> Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (<strong><a href="https://redirect.github.com/axios/axios/issues/10875">#10875</a></strong>)</li> <li><strong>Request Data Merging:</strong> Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (<strong><a href="https://redirect.github.com/axios/axios/issues/10812">#10812</a></strong>)</li> <li><strong>Bundler Compatibility:</strong> Converted <code>resolveConfig</code> from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (<strong><a href="https://redirect.github.com/axios/axios/issues/10891">#10891</a></strong>)</li> <li><strong>Types:</strong> Corrected <code>AxiosHeaders.toJSON()</code> return types and updated CommonJS <code>isCancel</code> typings to narrow to <code>CanceledError&lt;T&gt;</code>. (<strong><a href="https://redirect.github.com/axios/axios/issues/10956">#10956</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10952">#10952</a></strong>)</li> <li><strong>Build Tooling:</strong> Avoided emitting a null <code>Authorization</code> header from the GitHub build helper when <code>GITHUB_TOKEN</code> is unset. (<strong><a href="https://redirect.github.com/axios/axios/issues/10931">#10931</a></strong>)</li> </ul> <h2>🔧 Maintenance &amp; Chores</h2> <ul> <li><strong>HTTP/2 Internals:</strong> Extracted <code>Http2Sessions</code> into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (<strong><a href="https://redirect.github.com/axios/axios/issues/10861">#10861</a></strong>)</li> <li><strong>Package Publishing:</strong> Reduced published package size by switching to a <code>files</code> allowlist and dropping unneeded unminified bundle source maps. (<strong><a href="https://redirect.github.com/axios/axios/issues/10939">#10939</a></strong>)</li> <li><strong>CI and Release Automation:</strong> Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (<strong><a href="https://redirect.github.com/axios/axios/issues/10907">#10907</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10911">#10911</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10916">#10916</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10927">#10927</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10935">#10935</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10983">#10983</a></strong>)</li> <li><strong>Developer Workflow:</strong> Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (<strong><a href="https://redirect.github.com/axios/axios/issues/10925">#10925</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10914">#10914</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10958">#10958</a></strong>)</li> <li><strong>Documentation and Policy:</strong> Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (<strong><a href="https://redirect.github.com/axios/axios/issues/10890">#10890</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10889">#10889</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10921">#10921</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10945">#10945</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10905">#10905</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10933">#10933</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10915">#10915</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10887">#10887</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10955">#10955</a></strong>)</li> <li><strong>Dependencies:</strong> Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, <code>fs-extra</code>, <code>qs</code>, docs dependencies, and GitHub Actions dependencies including <code>actions/dependency-review-action</code> and <code>zizmorcore/zizmor-action</code>. (<strong><a href="https://redirect.github.com/axios/axios/issues/10871">#10871</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10879">#10879</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10918">#10918</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10919">#10919</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10934">#10934</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10947">#10947</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10954">#10954</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10960">#10960</a></strong>)</li> </ul> <h2>🌟 New Contributors</h2> <p>We are thrilled to welcome our new contributors. Thank you for helping improve axios:</p> <ul> <li><strong><a href="https://github.com/BasixKOR"><code>@​BasixKOR</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/6792">#6792</a></strong>)</li> <li><strong><a href="https://github.com/carladams1299-lab"><code>@​carladams1299-lab</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10861">#10861</a></strong>)</li> <li><strong><a href="https://github.com/LaplaceYoung"><code>@​LaplaceYoung</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10812">#10812</a></strong>)</li> <li><strong><a href="https://github.com/JamieMagee"><code>@​JamieMagee</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10939">#10939</a></strong>)</li> <li><strong><a href="https://github.com/RonGamzu"><code>@​RonGamzu</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10905">#10905</a></strong>)</li> <li><strong><a href="https://github.com/sapirbaruch"><code>@​sapirbaruch</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10891">#10891</a></strong>)</li> <li><strong><a href="https://github.com/nezukoagent"><code>@​nezukoagent</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10901">#10901</a></strong>)</li> <li><strong><a href="https://github.com/devareddy05"><code>@​devareddy05</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10929">#10929</a></strong>)</li> <li><strong><a href="https://github.com/Mohammad-Faiz-Cloud-Engineer"><code>@​Mohammad-Faiz-Cloud-Engineer</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10922">#10922</a></strong>)</li> <li><strong><a href="https://github.com/azandabot"><code>@​azandabot</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10931">#10931</a></strong>)</li> <li><strong><a href="https://github.com/niksy"><code>@​niksy</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10896">#10896</a></strong>)</li> </ul> <p><a href="https://github.com/axios/axios/compare/v1.16.1...v1.17.0">Full Changelog</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's changelog</a>.</em></p> <blockquote> <h2>v1.17.0 — June 1, 2026</h2> <p>This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.</p> <h2>🔒 Security Fixes</h2> <ul> <li><strong>Config Hardening:</strong> Guarded <code>socketPath</code>, <code>params</code>, and <code>paramsSerializer</code> reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (<strong><a href="https://redirect.github.com/axios/axios/issues/10901">#10901</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10922">#10922</a></strong>)</li> <li><strong>Release Publishing:</strong> Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (<strong><a href="https://redirect.github.com/axios/axios/issues/10926">#10926</a></strong>)</li> </ul> <h2>🚀 New Features</h2> <ul> <li><strong>HTTP Compression:</strong> Added Node HTTP adapter support for zstd response decompression, with <code>transitional.advertiseZstdAcceptEncoding</code> controlling whether <code>zstd</code> is advertised in <code>Accept-Encoding</code>. (<strong><a href="https://redirect.github.com/axios/axios/issues/6792">#6792</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10920">#10920</a></strong>)</li> </ul> <h2>🐛 Bug Fixes</h2> <ul> <li><strong>Authentication Handling:</strong> Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (<strong><a href="https://redirect.github.com/axios/axios/issues/10929">#10929</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10896">#10896</a></strong>)</li> <li><strong>Proxy TLS:</strong> Preserved user <code>httpsAgent</code> TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (<strong><a href="https://redirect.github.com/axios/axios/issues/10957">#10957</a></strong>)</li> <li><strong>React Native FormData:</strong> Cleared default <code>Content-Type</code> for React Native <code>FormData</code> so multipart boundaries can be generated correctly. (<strong><a href="https://redirect.github.com/axios/axios/issues/10898">#10898</a></strong>)</li> <li><strong>Headers:</strong> Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (<strong><a href="https://redirect.github.com/axios/axios/issues/10875">#10875</a></strong>)</li> <li><strong>Request Data Merging:</strong> Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (<strong><a href="https://redirect.github.com/axios/axios/issues/10812">#10812</a></strong>)</li> <li><strong>Bundler Compatibility:</strong> Converted <code>resolveConfig</code> from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (<strong><a href="https://redirect.github.com/axios/axios/issues/10891">#10891</a></strong>)</li> <li><strong>Types:</strong> Corrected <code>AxiosHeaders.toJSON()</code> return types and updated CommonJS <code>isCancel</code> typings to narrow to <code>CanceledError&lt;T&gt;</code>. (<strong><a href="https://redirect.github.com/axios/axios/issues/10956">#10956</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10952">#10952</a></strong>)</li> <li><strong>Build Tooling:</strong> Avoided emitting a null <code>Authorization</code> header from the GitHub build helper when <code>GITHUB_TOKEN</code> is unset. (<strong><a href="https://redirect.github.com/axios/axios/issues/10931">#10931</a></strong>)</li> </ul> <h2>🔧 Maintenance &amp; Chores</h2> <ul> <li><strong>HTTP/2 Internals:</strong> Extracted <code>Http2Sessions</code> into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (<strong><a href="https://redirect.github.com/axios/axios/issues/10861">#10861</a></strong>)</li> <li><strong>Package Publishing:</strong> Reduced published package size by switching to a <code>files</code> allowlist and dropping unneeded unminified bundle source maps. (<strong><a href="https://redirect.github.com/axios/axios/issues/10939">#10939</a></strong>)</li> <li><strong>CI and Release Automation:</strong> Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (<strong><a href="https://redirect.github.com/axios/axios/issues/10907">#10907</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10911">#10911</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10916">#10916</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10927">#10927</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10935">#10935</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10983">#10983</a></strong>)</li> <li><strong>Developer Workflow:</strong> Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (<strong><a href="https://redirect.github.com/axios/axios/issues/10925">#10925</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10914">#10914</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10958">#10958</a></strong>)</li> <li><strong>Documentation and Policy:</strong> Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (<strong><a href="https://redirect.github.com/axios/axios/issues/10890">#10890</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10889">#10889</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10921">#10921</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10945">#10945</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10905">#10905</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10933">#10933</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10915">#10915</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10887">#10887</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10955">#10955</a></strong>)</li> <li><strong>Dependencies:</strong> Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, <code>fs-extra</code>, <code>qs</code>, docs dependencies, and GitHub Actions dependencies including <code>actions/dependency-review-action</code> and <code>zizmorcore/zizmor-action</code>. (<strong><a href="https://redirect.github.com/axios/axios/issues/10871">#10871</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10879">#10879</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10918">#10918</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10919">#10919</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10934">#10934</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10947">#10947</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10954">#10954</a></strong>, <strong><a href="https://redirect.github.com/axios/axios/issues/10960">#10960</a></strong>)</li> </ul> <h2>🌟 New Contributors</h2> <p>We are thrilled to welcome our new contributors. Thank you for helping improve axios:</p> <ul> <li><strong><a href="https://github.com/BasixKOR"><code>@​BasixKOR</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/6792">#6792</a></strong>)</li> <li><strong><a href="https://github.com/carladams1299-lab"><code>@​carladams1299-lab</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10861">#10861</a></strong>)</li> <li><strong><a href="https://github.com/LaplaceYoung"><code>@​LaplaceYoung</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10812">#10812</a></strong>)</li> <li><strong><a href="https://github.com/JamieMagee"><code>@​JamieMagee</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10939">#10939</a></strong>)</li> <li><strong><a href="https://github.com/RonGamzu"><code>@​RonGamzu</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10905">#10905</a></strong>)</li> <li><strong><a href="https://github.com/sapirbaruch"><code>@​sapirbaruch</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10891">#10891</a></strong>)</li> <li><strong><a href="https://github.com/nezukoagent"><code>@​nezukoagent</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10901">#10901</a></strong>)</li> <li><strong><a href="https://github.com/devareddy05"><code>@​devareddy05</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10929">#10929</a></strong>)</li> <li><strong><a href="https://github.com/Mohammad-Faiz-Cloud-Engineer"><code>@​Mohammad-Faiz-Cloud-Engineer</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10922">#10922</a></strong>)</li> <li><strong><a href="https://github.com/azandabot"><code>@​azandabot</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10931">#10931</a></strong>)</li> <li><strong><a href="https://github.com/niksy"><code>@​niksy</code></a></strong> (<strong><a href="https://redirect.github.com/axios/axios/issues/10896">#10896</a></strong>)</li> </ul> <p><a href="https://github.com/axios/axios/compare/v1.16.1...v1.17.0">Full Changelog</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/axios/axios/commit/4306df21e84332fc576e98c2de549347c06bfb76"><code>4306df2</code></a> chore: add fun 88 sponsorship</li> <li><a href="https://github.com/axios/axios/commit/931cc8f0106db4c9885403f85364b9e09ae1f6dc"><code>931cc8f</code></a> chore(release): prepare release 1.17.0 (<a href="https://redirect.github.com/axios/axios/issues/10983">#10983</a>)</li> <li><a href="https://github.com/axios/axios/commit/38ba1b3d2b0aa5ada0463a37a548feb83a84dfa1"><code>38ba1b3</code></a> fix(fetch): support basic auth from URL (<a href="https://redirect.github.com/axios/axios/issues/10896">#10896</a>)</li> <li><a href="https://github.com/axios/axios/commit/32e2515f1e09b649723e4acd89d920df13eee77e"><code>32e2515</code></a> fix: replace ternary side effect in script (<a href="https://redirect.github.com/axios/axios/issues/10931">#10931</a>)</li> <li><a href="https://github.com/axios/axios/commit/030e7223831b0f562af3eb7501b24242c8a4c5ba"><code>030e722</code></a> chore(deps): bump axios from 1.15.2 to 1.16.1 in /docs (<a href="https://redirect.github.com/axios/axios/issues/10960">#10960</a>)</li> <li><a href="https://github.com/axios/axios/commit/ec63164ac6b7a1fcd6b742a8628d3fffe23ce001"><code>ec63164</code></a> chore: remove openspec (<a href="https://redirect.github.com/axios/axios/issues/10958">#10958</a>)</li> <li><a href="https://github.com/axios/axios/commit/3dec28f94ce29d396d5f2d9718805b47428dc7ab"><code>3dec28f</code></a> fix(http): preserve TLS options for proxy tunnels (<a href="https://redirect.github.com/axios/axios/issues/10957">#10957</a>)</li> <li><a href="https://github.com/axios/axios/commit/a2390a5c059342bcac2a5297728181dd9939f562"><code>a2390a5</code></a> fix: correct isCancel type to narrow to CanceledError&lt;T&gt; (<a href="https://redirect.github.com/axios/axios/issues/10952">#10952</a>)</li> <li><a href="https://github.com/axios/axios/commit/fa01b9255d71e72599826428bc6c60f34994c6ce"><code>fa01b92</code></a> chore(deps-dev): bump tmp from 0.2.5 to 0.2.7 in /docs (<a href="https://redirect.github.com/axios/axios/issues/10954">#10954</a>)</li> <li><a href="https://github.com/axios/axios/commit/2d2314a1ac29ce6723eb53e130b4a36617fd201c"><code>2d2314a</code></a> fix: AxiosHeaders <code>toJSON()</code> return types (<a href="https://redirect.github.com/axios/axios/issues/10956">#10956</a>)</li> <li>Additional commits viewable in <a href="https://github.com/axios/axios/compare/v1.16.1...v1.17.0">compare view</a></li> </ul> </details> <br /> Updates `js-yaml` from 4.1.1 to 4.2.0 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md">js-yaml's changelog</a>.</em></p> <blockquote> <h2>[4.2.0] - 2026-06-01</h2> <h3>Added</h3> <ul> <li>Added <code>docs/safety.md</code> with notes about processing untrusted YAML.</li> <li>Added <code>maxDepth</code> (100) loader option. Not a problem, but gives a better exception instead of RangeError on stack overflow.</li> <li>Added <code>maxMergeSeqLength</code> (20) loader option. Not a problem after <code>merge</code> fix, but an additional restriction for safety.</li> <li>Added sourcemaps to <code>dist/</code> builds.</li> </ul> <h3>Changed</h3> <ul> <li>Stop resolving numbers with underscores as numeric scalars, <a href="https://redirect.github.com/nodeca/js-yaml/issues/627">#627</a>.</li> <li>Switched dev toolchains to Vite / neostandard.</li> <li>Updated demo.</li> <li>Reorganized tests.</li> <li><code>dist/</code> files are no longer kept in the repository.</li> </ul> <h3>Fixed</h3> <ul> <li>Fix parsing of properties on the first implicit block mapping key, <a href="https://redirect.github.com/nodeca/js-yaml/issues/62">#62</a>.</li> <li>Fix trailing whitespace handling when folding flow scalar lines, <a href="https://redirect.github.com/nodeca/js-yaml/issues/307">#307</a>.</li> <li>Reject top-level block scalars without content indentation, <a href="https://redirect.github.com/nodeca/js-yaml/issues/280">#280</a>.</li> <li>Ensure numbers survive round-trip, <a href="https://redirect.github.com/nodeca/js-yaml/issues/737">#737</a>.</li> <li>Fix test coverage for issue <a href="https://redirect.github.com/nodeca/js-yaml/issues/221">#221</a>.</li> <li>Fix flow scalar trailing whitespace folding, <a href="https://redirect.github.com/nodeca/js-yaml/issues/307">#307</a>.</li> <li>Fix digits in YAML named tag handles.</li> </ul> <h3>Security</h3> <ul> <li>Fix potential DoS via quadratic complexity in merge - deduplicate repeated elements (makes sense for malformed files &gt; 10K).</li> </ul> <h2>[3.14.2] - 2025-11-15</h2> <h3>Security</h3> <ul> <li>Backported v4.1.1 fix to v3</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/nodeca/js-yaml/commits">compare view</a></li> </ul> </details> <br /> Updates `posthog-node` from 5.35.6 to 5.36.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/PostHog/posthog-js/releases">posthog-node's releases</a>.</em></p> <blockquote> <h2>posthog-node@5.36.2</h2> <h2>5.36.2</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies []: <ul> <li><code>@​posthog/core</code><a href="https://github.com/1"><code>@​1</code></a>.30.8</li> </ul> </li> </ul> <h2>posthog-node@5.36.1</h2> <h2>5.36.1</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies []: <ul> <li><code>@​posthog/core</code><a href="https://github.com/1"><code>@​1</code></a>.30.7</li> </ul> </li> </ul> <h2>posthog-node@5.36.0</h2> <h2>5.36.0</h2> <h3>Minor Changes</h3> <ul> <li><a href="https://redirect.github.com/PostHog/posthog-js/pull/3728">#3728</a> <a href="https://github.com/PostHog/posthog-js/commit/9287c87b7d4cf00160269d0cc648074f27c0847a"><code>9287c87</code></a> Thanks <a href="https://github.com/turnipdabeets"><code>@​turnipdabeets</code></a>! - Add a configurable <code>$is_server</code> event property (default <code>true</code>) so PostHog can identify server-side events. Set <code>isServer: false</code> when using the SDK as a client/CLI so the device OS is attributed normally. (2026-06-04)</li> </ul> <h2>posthog-node@5.35.15</h2> <h2>5.35.15</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies []: <ul> <li><code>@​posthog/core</code><a href="https://github.com/1"><code>@​1</code></a>.30.6</li> </ul> </li> </ul> <h2>posthog-node@5.35.14</h2> <h2>5.35.14</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies []: <ul> <li><code>@​posthog/core</code><a href="https://github.com/1"><code>@​1</code></a>.30.5</li> </ul> </li> </ul> <h2>posthog-node@5.35.13</h2> <h2>5.35.13</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies []: <ul> <li><code>@​posthog/core</code><a href="https://github.com/1"><code>@​1</code></a>.30.4</li> </ul> </li> </ul> <h2>posthog-node@5.35.12</h2> <h2>5.35.12</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/PostHog/posthog-js/blob/main/packages/node/CHANGELOG.md">posthog-node's changelog</a>.</em></p> <blockquote> <h2>5.36.2</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies []: <ul> <li><code>@​posthog/core</code><a href="https://github.com/1"><code>@​1</code></a>.30.8</li> </ul> </li> </ul> <h2>5.36.1</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies []: <ul> <li><code>@​posthog/core</code><a href="https://github.com/1"><code>@​1</code></a>.30.7</li> </ul> </li> </ul> <h2>5.36.0</h2> <h3>Minor Changes</h3> <ul> <li><a href="https://redirect.github.com/PostHog/posthog-js/pull/3728">#3728</a> <a href="https://github.com/PostHog/posthog-js/commit/9287c87b7d4cf00160269d0cc648074f27c0847a"><code>9287c87</code></a> Thanks <a href="https://github.com/turnipdabeets"><code>@​turnipdabeets</code></a>! - Add a configurable <code>$is_server</code> event property (default <code>true</code>) so PostHog can identify server-side events. Set <code>isServer: false</code> when using the SDK as a client/CLI so the device OS is attributed normally. (2026-06-04)</li> </ul> <h2>5.35.15</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies []: <ul> <li><code>@​posthog/core</code><a href="https://github.com/1"><code>@​1</code></a>.30.6</li> </ul> </li> </ul> <h2>5.35.14</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies []: <ul> <li><code>@​posthog/core</code><a href="https://github.com/1"><code>@​1</code></a>.30.5</li> </ul> </li> </ul> <h2>5.35.13</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies []: <ul> <li><code>@​posthog/core</code><a href="https://github.com/1"><code>@​1</code></a>.30.4</li> </ul> </li> </ul> <h2>5.35.12</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies []: <ul> <li><code>@​posthog/core</code><a href="https://github.com/1"><code>@​1</code></a>.30.3</li> </ul> </li> </ul> <h2>5.35.11</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/PostHog/posthog-js/commit/a8fd22825d9e9203ed88084d2c07b7b31e585f2f"><code>a8fd228</code></a> chore: update versions and lockfile [version bump]</li> <li><a href="https://github.com/PostHog/posthog-js/commit/287ad9fcbb0990f770ab8e0a4311e8fcde6855be"><code>287ad9f</code></a> chore: update versions and lockfile [version bump]</li> <li><a href="https://github.com/PostHog/posthog-js/commit/dc1e1935b1e9e6f26b184e6adb19d68f44a5682e"><code>dc1e193</code></a> chore: update versions and lockfile [version bump]</li> <li><a href="https://github.com/PostHog/posthog-js/commit/9287c87b7d4cf00160269d0cc648074f27c0847a"><code>9287c87</code></a> feat: emit $is_server property on captured events (<a href="https://github.com/PostHog/posthog-js/tree/HEAD/packages/node/issues/3728">#3728</a>)</li> <li><a href="https://github.com/PostHog/posthog-js/commit/b539fcbe64515945a18190b6c973a1bd727b75f1"><code>b539fcb</code></a> chore: update versions and lockfile [version bump]</li> <li><a href="https://github.com/PostHog/posthog-js/commit/79de44145333bd1c18b6c240fef35baf25dba37d"><code>79de441</code></a> chore: update versions and lockfile [version bump]</li> <li><a href="https://github.com/PostHog/posthog-js/commit/4a8cacc72ea1f8a371b06e9e92f1d2671190e48a"><code>4a8cacc</code></a> chore: add Sentry attribution comments (<a href="https://github.com/PostHog/posthog-js/tree/HEAD/packages/node/issues/3738">#3738</a>)</li> <li><a href="https://github.com/PostHog/posthog-js/commit/d385e2a28b4f540620ba8afb0d5ae87839d745ce"><code>d385e2a</code></a> chore: clarify error tracking comments (<a href="https://github.com/PostHog/posthog-js/tree/HEAD/packages/node/issues/3735">#3735</a>)</li> <li><a href="https://github.com/PostHog/posthog-js/commit/808862de025f2d1b0f0fad7deaa1e3e3c09feb96"><code>808862d</code></a> chore: update versions and lockfile [version bump]</li> <li><a href="https://github.com/PostHog/posthog-js/commit/f052bd78cd8bfac5b7a28a7bb94a714b6da651f7"><code>f052bd7</code></a> chore: update versions and lockfile [version bump]</li> <li>Additional commits viewable in <a href="https://github.com/PostHog/posthog-js/commits/posthog-node@5.36.2/packages/node">compare view</a></li> </ul> </details> <br /> Updates `react-hook-form` from 7.76.1 to 7.77.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/react-hook-form/react-hook-form/releases">react-hook-form's releases</a>.</em></p> <blockquote> <h2>Version 7.77.0</h2> <p>🥡 feat: add resetDefaultValues API (<a href="https://redirect.github.com/react-hook-form/react-hook-form/issues/13427">#13427</a>)</p> <p><a href="https://react-hook-form.com/docs/useform/resetdefaultvalues">https://react-hook-form.com/docs/useform/resetdefaultvalues</a></p> <pre lang="tsx"><code>const { resetDefaultValues } = useForm(); <p>resetDefaultValues(currentValues); </code></pre></p> <p>🐚 harden get() against prototype-path traversal (<strong>proto</strong> / constructor / prototype) (<a href="https://redirect.github.com/react-hook-form/react-hook-form/issues/13479">#13479</a>) 🐞 fix FieldArray errors overriding nested fields (<a href="https://redirect.github.com/react-hook-form/react-hook-form/issues/13476">#13476</a>) 🐞 fix inconsistent reset({}) behavior requiring double-call to take effect (<a href="https://redirect.github.com/react-hook-form/react-hook-form/issues/13473">#13473</a>) 🐞 fix: preserve values with shouldUnregister (<a href="https://redirect.github.com/react-hook-form/react-hook-form/issues/13464">#13464</a>) 🐞 fix stale isDirty in subscribe payload after reset(..., { keepValues: true }) (<a href="https://redirect.github.com/react-hook-form/react-hook-form/issues/13461">#13461</a>) 👝 save bundle size (<a href="https://redirect.github.com/react-hook-form/react-hook-form/issues/13468">#13468</a>)</p> <p>thanks to <a href="https://github.com/puneetdixit200"><code>@​puneetdixit200</code></a> &amp; <a href="https://github.com/dfedoryshchev"><code>@​dfedoryshchev</code></a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/react-hook-form/react-hook-form/blob/master/CHANGELOG.md">react-hook-form's changelog</a>.</em></p> <blockquote> <h2>[7.77.0] - 2026-05-31</h2> <h3>Added</h3> <ul> <li><code>resetDefaultValues</code> API</li> </ul> <h3>Fixed</h3> <ul> <li>Stale <code>isDirty</code> in <code>subscribe</code> payload after <code>reset(..., { keepValues: true })</code></li> <li>Preserve values with <code>shouldUnregister</code></li> <li>Inconsistent <code>reset({})</code> behavior requiring double-call to take effect</li> <li><code>FieldArray</code> errors overriding nested fields</li> </ul> <h3>Security</h3> <ul> <li>Harden <code>get()</code> against prototype-path traversal (<code>__proto__</code> / <code>constructor</code> / <code>prototype</code>)</li> </ul> <h3>Performance</h3> <ul> <li>Bundle size reduction</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/react-hook-form/react-hook-form/commit/5b2074157e342d0ecf2924bbd044196bfcc067fd"><code>5b20741</code></a> 7.77.0</li> <li><a href="https://github.com/react-hook-form/react-hook-form/commit/f1a02d3fb0b97b1f1abe68bc522ff00989e3d8d5"><code>f1a02d3</code></a> 🧪 add regression coverage for createFormControl + useController remount defau...</li> <li><a href="https://github.com/react-hook-form/react-hook-form/commit/ba88c3d5bbfdad726f79c028a9377f109c5edaf0"><code>ba88c3d</code></a> 📚 docs: fix JSDoc for UseFormWatch (<a href="https://redirect.github.com/react-hook-form/react-hook-form/issues/13486">#13486</a>)</li> <li><a href="https://github.com/react-hook-form/react-hook-form/commit/54198d9d807df801249ec0d33438643dcc77159d"><code>54198d9</code></a> 🥡 feat: add <code>resetDefaultValues</code> API (<a href="https://redirect.github.com/react-hook-form/react-hook-form/issues/13427">#13427</a>)</li> <li><a href="https://github.com/react-hook-form/react-hook-form/commit/fe8276e531f897ffcbc0c64d3d466ad49ceb072c"><code>fe8276e</code></a> 📚 docs: fix duplicate &quot;de&quot; in es-ES README image alt text (<a href="https://redirect.github.com/react-hook-form/react-hook-form/issues/13481">#13481</a>)</li> <li><a href="https://github.com/react-hook-form/react-hook-form/commit/6aa81f9e1835c85c1cba08fb929b16fbff7aa813"><code>6aa81f9</code></a> 🐚 harden <code>get()</code> against prototype-path traversal (<code>__proto__</code> / `constructor...</li> <li><a href="https://github.com/react-hook-form/react-hook-form/commit/645478be493ee2d992275db6bf7bb98d64de459b"><code>645478b</code></a> 🐞 fix FieldArray errors overriding nested fields (<a href="https://redirect.github.com/react-hook-form/react-hook-form/issues/13476">#13476</a>)</li> <li><a href="https://github.com/react-hook-form/react-hook-form/commit/889c7523d6c5c68bfc3c78142782cb0a3310729d"><code>889c752</code></a> 🧪 add regression coverage for dynamic nested names with useController and wat...</li> <li><a href="https://github.com/react-hook-form/react-hook-form/commit/581321c8ab8bfb5d3fe11ce7ed7004aa282f0976"><code>581321c</code></a> 🐞 fix inconsistent reset({}) behavior requiring double-call to take effect (#...</li> <li><a href="https://github.com/react-hook-form/react-hook-form/commit/f8eb2d7d237e290c42ec0785d2708cce942e7d54"><code>f8eb2d7</code></a> 🌭 upgrade deps (<a href="https://redirect.github.com/react-hook-form/react-hook-form/issues/13470">#13470</a>)</li> <li>Additional commits viewable in <a href="https://github.com/react-hook-form/react-hook-form/compare/v7.76.1...v7.77.0">compare view</a></li> </ul> </details> <br /> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-06-15 10:56:31 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/pangolin#33531