[PR #1953] [CLOSED] Bump the prod-patch-updates group across 1 directory with 5 updates #7582

New Issue

Closed

opened 2026-04-25 16:18:51 -05:00 by GiteaMirror · 0 comments

GiteaMirror commented 2026-04-25 16:18:51 -05:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/fosrl/pangolin/pull/1953
Author: @dependabot[bot]
Created: 12/1/2025
Status: ❌ Closed

Base: main ← Head: dependabot/npm_and_yarn/prod-patch-updates-ade788a5c4

---

📝 Commits (1)

• 873a611 Bump the prod-patch-updates group across 1 directory with 5 updates

📊 Changes

2 files changed (+71 additions, -48 deletions)

View changed files

📝 package-lock.json (+65 -42)
📝 package.json (+6 -6)

📄 Description

Bumps the prod-patch-updates group with 5 updates in the / directory:

Package	From	To
eslint-config-next	16.0.3	16.0.6
http-errors	2.0.0	2.0.1
nodemailer	7.0.10	7.0.11
react-day-picker	9.11.1	9.11.3
yaml	2.8.1	2.8.2

Updates eslint-config-next from 16.0.3 to 16.0.6

Release notes

Sourced from eslint-config-next's releases.

v16.0.6

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• bump the browserslist version to silence a warning in CI (#86625)

Credits

Huge thanks to @​lukesandberg for helping!

v16.0.5

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix(nodejs-middleware): await for body cloning to be properly finalized (#85418)

Credits

Huge thanks to @​lucasadrianof for helping!

v16.0.4

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix: Rename proxy.js to middleware.js in NFT file (#86214)
• fix: prevent fetch abort errors propagating to user error boundaries (#86277)
• Turbopack: fix passing project options from napi (#86256)

Credits

Huge thanks to @​devjiwonchoi, @​sokra and @​ztanner for helping!

Commits

• aab1edc v16.0.6
• 89ccb9f v16.0.5
• d440c75 v16.0.4
• See full diff in compare view

Updates http-errors from 2.0.0 to 2.0.1

Release notes

Sourced from http-errors's releases.

v2.0.1

What's Changed

• Add support for OSSF scorecard reporting by @​carpasse in jshttp/http-errors#107
• refactor: improve toClassName function readability and JSDoc completeness by @​Ayoub-Mabrouk in jshttp/http-errors#112
• chore: upgrade scorecard workflow pinned action versions by @​carpasse in jshttp/http-errors#113
• Add test for extending native errors w/o altering prototype by @​jonchurch in jshttp/http-errors#106
• remove --bail from test script by @​jonchurch in jshttp/http-errors#114
• [StepSecurity] Apply security best practices by @​step-security-bot in jshttp/http-errors#116
• build(deps): bump actions/checkout from 2.7.0 to 4.2.2 by @​dependabot[bot] in jshttp/http-errors#117
• build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.2 by @​dependabot[bot] in jshttp/http-errors#118
• build(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 by @​dependabot[bot] in jshttp/http-errors#119
• build(deps): bump actions/upload-artifact from 4.5.0 to 4.6.2 by @​dependabot[bot] in jshttp/http-errors#121
• build(deps): bump github/codeql-action from 3.27.9 to 3.28.18 by @​dependabot[bot] in jshttp/http-errors#123
• fix: use ubuntu-latest as ci runner by @​UlisesGascon in jshttp/http-errors#124
• remove --bail by @​jonchurch in jshttp/http-errors#125
• deps: update statuses and switch fixed versions to tilde (~) by @​Phillip9587 in jshttp/http-errors#126
• chore: add funding to package.json by @​Phillip9587 in jshttp/http-errors#130
• build(deps): bump github/codeql-action from 3.28.18 to 3.29.5 by @​dependabot[bot] in jshttp/http-errors#131
• ci: add nodejs v18 - v24 to test matrix by @​Phillip9587 in jshttp/http-errors#127
• build(deps-dev): bump eslint-plugin-import from 2.25.3 to 2.32.0 by @​dependabot[bot] in jshttp/http-errors#129
• build(deps): bump github/codeql-action from 3.29.7 to 3.29.11 by @​dependabot[bot] in jshttp/http-errors#133
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @​dependabot[bot] in jshttp/http-errors#132
• build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by @​dependabot[bot] in jshttp/http-errors#138
• build(deps): bump github/codeql-action from 3.29.11 to 4.31.2 by @​dependabot[bot] in jshttp/http-errors#137
• build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by @​dependabot[bot] in jshttp/http-errors#134
• Release: 2.0.1 by @​UlisesGascon in jshttp/http-errors#140

New Contributors

• @​Ayoub-Mabrouk made their first contribution in jshttp/http-errors#112
• @​jonchurch made their first contribution in jshttp/http-errors#106
• @​step-security-bot made their first contribution in jshttp/http-errors#116
• @​dependabot[bot] made their first contribution in jshttp/http-errors#117
• @​UlisesGascon made their first contribution in jshttp/http-errors#124
• @​Phillip9587 made their first contribution in jshttp/http-errors#126

Full Changelog: https://github.com/jshttp/http-errors/compare/v2.0.0...v2.0.1

Changelog

Sourced from http-errors's changelog.

2.0.1 / 2025-11-20

• deps: use tilde notation for dependencies
• deps: update statuses to 2.0.2

Commits

• 61aee57 2.0.1 (#140)
• 6acba1f build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 (#134)
• d2dcbbf build(deps): bump github/codeql-action from 3.29.11 to 4.31.2 (#137)
• fa47a60 build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 (#138)
• 09b3881 build(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#132)
• f1ad322 build(deps): bump github/codeql-action from 3.29.7 to 3.29.11 (#133)
• 109fe03 build(deps-dev): bump eslint-plugin-import from 2.25.3 to 2.32.0 (#129)
• 7a05446 ci: add nodejs v18 - v24 to test matrix (#127)
• 6dfaf49 build(deps): bump github/codeql-action from 3.28.18 to 3.29.5 (#131)
• 535aebf chore: add funding to package.json (#130)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for http-errors since your current version.

Updates nodemailer from 7.0.10 to 7.0.11

Release notes

Sourced from nodemailer's releases.

v7.0.11

7.0.11 (2025-11-26)

Bug Fixes

• prevent stack overflow DoS in addressparser with deeply nested groups (b61b9c0)

Changelog

Sourced from nodemailer's changelog.

7.0.11 (2025-11-26)

Bug Fixes

• prevent stack overflow DoS in addressparser with deeply nested groups (b61b9c0)

Commits

• 3d17dbe chore(master): release 7.0.11 (#1783)
• 15879f8 Bumped dev dependencies
• b61b9c0 fix: prevent stack overflow DoS in addressparser with deeply nested groups
• See full diff in compare view

Updates react-day-picker from 9.11.1 to 9.11.3

Release notes

Sourced from react-day-picker's releases.

v9.11.3

Rendered HTML now includes empty cells in grids when endMonth is set, and fixes the v9.11.2 regression where JSDOM tests could fail when focusing disabled days.

Possible low impact breaking change: The grid markup changed, so brittle snapshot tests or custom CSS that depended on the old structure may need updates. Adjust snapshots/CSS accordingly.

What's Changed

• fix: ensure final week renders when endMonth clips the calendar by @​gpbl in gpbl/react-day-picker#2856
• fix: prevent selecting disabled focused days by @​gpbl in gpbl/react-day-picker#2860

Full Changelog: https://github.com/gpbl/react-day-picker/compare/v9.11.2...v9.11.3

v9.11.2

What's Changed

• fix: ensure modifiers honor the timeZone prop by @​gpbl in gpbl/react-day-picker#2849
• fix: allow focused disabled days to remain focusable by @​gpbl in gpbl/react-day-picker#2851
• chore(performance): cache resolved today across helpers for better performance by @​gpbl in gpbl/react-day-picker#2848
• chore(performance): memoize calendar and reuse ISO date ids in day rendering by @​gpbl in gpbl/react-day-picker#2850

Full Changelog: https://github.com/gpbl/react-day-picker/compare/v9.11.1...v9.11.2

Commits

• 567cc8a Merge branch 'main' of https://github.com/gpbl/react-day-picker
• 26fdd03 build: bump v9.11.3
• 16191b2 fix: prevent selecting disabled focused days (#2860)
• e166841 fix: ensure final week renders when endMonth clips the calendar (#2856)
• 98bc3ee website: update style and README (#2859)
• ce8c3bb build: update dev dependencies (#2857)
• f6d34e0 website: fix playground month props sync and display (#2854)
• 9ee9bbf build: bump 9.11.2
• f5c0425 test: add setTestTime helper and safe user timers (#2852)
• 3308e05 chore(performance): memoize calendar and reuse ISO date ids in day rendering ...
• Additional commits viewable in compare view

Updates yaml from 2.8.1 to 2.8.2

Release notes

Sourced from yaml's releases.

v2.8.2

• Serialize -0 as -0 (#638)
• Do not double newlines for empty map values (#642)

Commits

• 086fa6b 2.8.2
• 95f01e9 chore: Add funding to package.json
• 152e204 style: Apply updated Prettier rules & satisfy updated ESLint
• 3f3378c chore: Drop unused dependency cross-env
• f0b9af7 chore: Update to @​rollup/plugin-replace v6
• e3cafc7 chore: Update to eslint-config-prettier v10
• 553c1b5 chore: Refresh lockfile
• 70a8db3 fix: Do not double newlines for empty map values (#642)
• 92821f2 ci: Limit action permissions to minimum required
• 95285f8 fix: Serialize -0 as -0 (fixes #638)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/fosrl/pangolin/pull/1953 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 12/1/2025 **Status:** ❌ Closed **Base:** `main` ← **Head:** `dependabot/npm_and_yarn/prod-patch-updates-ade788a5c4` --- ### 📝 Commits (1) - [`873a611`](https://github.com/fosrl/pangolin/commit/873a6115aa58e9bc0acb29a7ad82b38125449792) Bump the prod-patch-updates group across 1 directory with 5 updates ### 📊 Changes **2 files changed** (+71 additions, -48 deletions) <details> <summary>View changed files</summary> 📝 `package-lock.json` (+65 -42) 📝 `package.json` (+6 -6) </details> ### 📄 Description Bumps the prod-patch-updates group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `16.0.3` | `16.0.6` | | [http-errors](https://github.com/jshttp/http-errors) | `2.0.0` | `2.0.1` | | [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.10` | `7.0.11` | | [react-day-picker](https://github.com/gpbl/react-day-picker) | `9.11.1` | `9.11.3` | | [yaml](https://github.com/eemeli/yaml) | `2.8.1` | `2.8.2` | Updates `eslint-config-next` from 16.0.3 to 16.0.6 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">eslint-config-next's releases</a>.</em></p> <blockquote> <h2>v16.0.6</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>bump the browserslist version to silence a warning in CI (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/86625">#86625</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/lukesandberg"><code>@​lukesandberg</code></a> for helping!</p> <h2>v16.0.5</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>fix(nodejs-middleware): await for body cloning to be properly finalized (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/85418">#85418</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/lucasadrianof"><code>@​lucasadrianof</code></a> for helping!</p> <h2>v16.0.4</h2> <blockquote> <p>[!NOTE] This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>fix: Rename proxy.js to middleware.js in NFT file (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/86214">#86214</a>)</li> <li>fix: prevent fetch abort errors propagating to user error boundaries (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/86277">#86277</a>)</li> <li>Turbopack: fix passing project options from napi (<a href="https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next/issues/86256">#86256</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/devjiwonchoi"><code>@​devjiwonchoi</code></a>, <a href="https://github.com/sokra"><code>@​sokra</code></a> and <a href="https://github.com/ztanner"><code>@​ztanner</code></a> for helping!</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/next.js/commit/aab1edcb8d7a57a6f7a1637d0f87be84ea62edc8"><code>aab1edc</code></a> v16.0.6</li> <li><a href="https://github.com/vercel/next.js/commit/89ccb9fc86c13ca6aaaa5eb0e61c02c309abf1a3"><code>89ccb9f</code></a> v16.0.5</li> <li><a href="https://github.com/vercel/next.js/commit/d440c75650c79b8be450df5fd434afbfe230506a"><code>d440c75</code></a> v16.0.4</li> <li>See full diff in <a href="https://github.com/vercel/next.js/commits/v16.0.6/packages/eslint-config-next">compare view</a></li> </ul> </details> <br /> Updates `http-errors` from 2.0.0 to 2.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jshttp/http-errors/releases">http-errors's releases</a>.</em></p> <blockquote> <h2>v2.0.1</h2> <h2>What's Changed</h2> <ul> <li>Add support for OSSF scorecard reporting by <a href="https://github.com/carpasse"><code>@​carpasse</code></a> in <a href="https://redirect.github.com/jshttp/http-errors/pull/107">jshttp/http-errors#107</a></li> <li>refactor: improve <code>toClassName</code> function readability and JSDoc completeness by <a href="https://github.com/Ayoub-Mabrouk"><code>@​Ayoub-Mabrouk</code></a> in <a href="https://redirect.github.com/jshttp/http-errors/pull/112">jshttp/http-errors#112</a></li> <li>chore: upgrade scorecard workflow pinned action versions by <a href="https://github.com/carpasse"><code>@​carpasse</code></a> in <a href="https://redirect.github.com/jshttp/http-errors/pull/113">jshttp/http-errors#113</a></li> <li>Add test for extending native errors w/o altering prototype by <a href="https://github.com/jonchurch"><code>@​jonchurch</code></a> in <a href="https://redirect.github.com/jshttp/http-errors/pull/106">jshttp/http-errors#106</a></li> <li>remove --bail from test script by <a href="https://github.com/jonchurch"><code>@​jonchurch</code></a> in <a href="https://redirect.github.com/jshttp/http-errors/pull/114">jshttp/http-errors#114</a></li> <li>[StepSecurity] Apply security best practices by <a href="https://github.com/step-security-bot"><code>@​step-security-bot</code></a> in <a href="https://redirect.github.com/jshttp/http-errors/pull/116">jshttp/http-errors#116</a></li> <li>build(deps): bump actions/checkout from 2.7.0 to 4.2.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/jshttp/http-errors/pull/117">jshttp/http-errors#117</a></li> <li>build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/jshttp/http-errors/pull/118">jshttp/http-errors#118</a></li> <li>build(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/jshttp/http-errors/pull/119">jshttp/http-errors#119</a></li> <li>build(deps): bump actions/upload-artifact from 4.5.0 to 4.6.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/jshttp/http-errors/pull/121">jshttp/http-errors#121</a></li> <li>build(deps): bump github/codeql-action from 3.27.9 to 3.28.18 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/jshttp/http-errors/pull/123">jshttp/http-errors#123</a></li> <li>fix: use <code>ubuntu-latest</code> as ci runner by <a href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a> in <a href="https://redirect.github.com/jshttp/http-errors/pull/124">jshttp/http-errors#124</a></li> <li>remove --bail by <a href="https://github.com/jonchurch"><code>@​jonchurch</code></a> in <a href="https://redirect.github.com/jshttp/http-errors/pull/125">jshttp/http-errors#125</a></li> <li>deps: update statuses and switch fixed versions to tilde (~) by <a href="https://github.com/Phillip9587"><code>@​Phillip9587</code></a> in <a href="https://redirect.github.com/jshttp/http-errors/pull/126">jshttp/http-errors#126</a></li> <li>chore: add funding to package.json by <a href="https://github.com/Phillip9587"><code>@​Phillip9587</code></a> in <a href="https://redirect.github.com/jshttp/http-errors/pull/130">jshttp/http-errors#130</a></li> <li>build(deps): bump github/codeql-action from 3.28.18 to 3.29.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/jshttp/http-errors/pull/131">jshttp/http-errors#131</a></li> <li>ci: add nodejs v18 - v24 to test matrix by <a href="https://github.com/Phillip9587"><code>@​Phillip9587</code></a> in <a href="https://redirect.github.com/jshttp/http-errors/pull/127">jshttp/http-errors#127</a></li> <li>build(deps-dev): bump eslint-plugin-import from 2.25.3 to 2.32.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/jshttp/http-errors/pull/129">jshttp/http-errors#129</a></li> <li>build(deps): bump github/codeql-action from 3.29.7 to 3.29.11 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/jshttp/http-errors/pull/133">jshttp/http-errors#133</a></li> <li>build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/jshttp/http-errors/pull/132">jshttp/http-errors#132</a></li> <li>build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/jshttp/http-errors/pull/138">jshttp/http-errors#138</a></li> <li>build(deps): bump github/codeql-action from 3.29.11 to 4.31.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/jshttp/http-errors/pull/137">jshttp/http-errors#137</a></li> <li>build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/jshttp/http-errors/pull/134">jshttp/http-errors#134</a></li> <li>Release: 2.0.1 by <a href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a> in <a href="https://redirect.github.com/jshttp/http-errors/pull/140">jshttp/http-errors#140</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Ayoub-Mabrouk"><code>@​Ayoub-Mabrouk</code></a> made their first contribution in <a href="https://redirect.github.com/jshttp/http-errors/pull/112">jshttp/http-errors#112</a></li> <li><a href="https://github.com/jonchurch"><code>@​jonchurch</code></a> made their first contribution in <a href="https://redirect.github.com/jshttp/http-errors/pull/106">jshttp/http-errors#106</a></li> <li><a href="https://github.com/step-security-bot"><code>@​step-security-bot</code></a> made their first contribution in <a href="https://redirect.github.com/jshttp/http-errors/pull/116">jshttp/http-errors#116</a></li> <li><a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] made their first contribution in <a href="https://redirect.github.com/jshttp/http-errors/pull/117">jshttp/http-errors#117</a></li> <li><a href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a> made their first contribution in <a href="https://redirect.github.com/jshttp/http-errors/pull/124">jshttp/http-errors#124</a></li> <li><a href="https://github.com/Phillip9587"><code>@​Phillip9587</code></a> made their first contribution in <a href="https://redirect.github.com/jshttp/http-errors/pull/126">jshttp/http-errors#126</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/jshttp/http-errors/compare/v2.0.0...v2.0.1">https://github.com/jshttp/http-errors/compare/v2.0.0...v2.0.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jshttp/http-errors/blob/master/HISTORY.md">http-errors's changelog</a>.</em></p> <blockquote> <h1>2.0.1 / 2025-11-20</h1> <ul> <li>deps: use tilde notation for dependencies</li> <li>deps: update statuses to 2.0.2</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jshttp/http-errors/commit/61aee5769e92678ff25a2da8e3a2dd1504762432"><code>61aee57</code></a> 2.0.1 (<a href="https://redirect.github.com/jshttp/http-errors/issues/140">#140</a>)</li> <li><a href="https://github.com/jshttp/http-errors/commit/6acba1ff0cd71a97a913a7f6baa89788d477c462"><code>6acba1f</code></a> build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 (<a href="https://redirect.github.com/jshttp/http-errors/issues/134">#134</a>)</li> <li><a href="https://github.com/jshttp/http-errors/commit/d2dcbbffb34dc45baf30d9186cf89bd20b689d04"><code>d2dcbbf</code></a> build(deps): bump github/codeql-action from 3.29.11 to 4.31.2 (<a href="https://redirect.github.com/jshttp/http-errors/issues/137">#137</a>)</li> <li><a href="https://github.com/jshttp/http-errors/commit/fa47a60e96e774b176f81ef1d9f4ca0239607c87"><code>fa47a60</code></a> build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 (<a href="https://redirect.github.com/jshttp/http-errors/issues/138">#138</a>)</li> <li><a href="https://github.com/jshttp/http-errors/commit/09b3881c43ed0e7579f4e76e1bf7a77e23d86c06"><code>09b3881</code></a> build(deps): bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/jshttp/http-errors/issues/132">#132</a>)</li> <li><a href="https://github.com/jshttp/http-errors/commit/f1ad32238afb63cdd0e4ab935cdae6b4728c71aa"><code>f1ad322</code></a> build(deps): bump github/codeql-action from 3.29.7 to 3.29.11 (<a href="https://redirect.github.com/jshttp/http-errors/issues/133">#133</a>)</li> <li><a href="https://github.com/jshttp/http-errors/commit/109fe03f60a8c4ce911785927fe7388fe69025c7"><code>109fe03</code></a> build(deps-dev): bump eslint-plugin-import from 2.25.3 to 2.32.0 (<a href="https://redirect.github.com/jshttp/http-errors/issues/129">#129</a>)</li> <li><a href="https://github.com/jshttp/http-errors/commit/7a0544616f7e708a536c28ef5f936d20030215b8"><code>7a05446</code></a> ci: add nodejs v18 - v24 to test matrix (<a href="https://redirect.github.com/jshttp/http-errors/issues/127">#127</a>)</li> <li><a href="https://github.com/jshttp/http-errors/commit/6dfaf4983d8814aab2f216e8ec73c566f6ca8003"><code>6dfaf49</code></a> build(deps): bump github/codeql-action from 3.28.18 to 3.29.5 (<a href="https://redirect.github.com/jshttp/http-errors/issues/131">#131</a>)</li> <li><a href="https://github.com/jshttp/http-errors/commit/535aebf128ec21e23053c05c5a2d98b981147b2d"><code>535aebf</code></a> chore: add funding to package.json (<a href="https://redirect.github.com/jshttp/http-errors/issues/130">#130</a>)</li> <li>Additional commits viewable in <a href="https://github.com/jshttp/http-errors/compare/v2.0.0...v2.0.1">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~ulisesgascon">ulisesgascon</a>, a new releaser for http-errors since your current version.</p> </details> <br /> Updates `nodemailer` from 7.0.10 to 7.0.11 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nodemailer/nodemailer/releases">nodemailer's releases</a>.</em></p> <blockquote> <h2>v7.0.11</h2> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.10...v7.0.11">7.0.11</a> (2025-11-26)</h2> <h3>Bug Fixes</h3> <ul> <li>prevent stack overflow DoS in addressparser with deeply nested groups (<a href="https://github.com/nodemailer/nodemailer/commit/b61b9c0cfd682b6f647754ca338373b68336a150">b61b9c0</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md">nodemailer's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/nodemailer/nodemailer/compare/v7.0.10...v7.0.11">7.0.11</a> (2025-11-26)</h2> <h3>Bug Fixes</h3> <ul> <li>prevent stack overflow DoS in addressparser with deeply nested groups (<a href="https://github.com/nodemailer/nodemailer/commit/b61b9c0cfd682b6f647754ca338373b68336a150">b61b9c0</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodemailer/nodemailer/commit/3d17dbec49ab3e3f0e13e62871e5534be5b99994"><code>3d17dbe</code></a> chore(master): release 7.0.11 (<a href="https://redirect.github.com/nodemailer/nodemailer/issues/1783">#1783</a>)</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/15879f8bd5a94fe608fd7cf1d3142de14527eadf"><code>15879f8</code></a> Bumped dev dependencies</li> <li><a href="https://github.com/nodemailer/nodemailer/commit/b61b9c0cfd682b6f647754ca338373b68336a150"><code>b61b9c0</code></a> fix: prevent stack overflow DoS in addressparser with deeply nested groups</li> <li>See full diff in <a href="https://github.com/nodemailer/nodemailer/compare/v7.0.10...v7.0.11">compare view</a></li> </ul> </details> <br /> Updates `react-day-picker` from 9.11.1 to 9.11.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gpbl/react-day-picker/releases">react-day-picker's releases</a>.</em></p> <blockquote> <h2>v9.11.3</h2> <p>Rendered HTML now includes empty cells in grids when <code>endMonth</code> is set, and fixes the v9.11.2 regression where JSDOM tests could fail when focusing disabled days.</p> <p><strong>Possible low impact breaking change:</strong> The grid markup changed, so brittle snapshot tests or custom CSS that depended on the old structure may need updates. Adjust snapshots/CSS accordingly.</p> <h2>What's Changed</h2> <ul> <li>fix: ensure final week renders when <code>endMonth</code> clips the calendar by <a href="https://github.com/gpbl"><code>@​gpbl</code></a> in <a href="https://redirect.github.com/gpbl/react-day-picker/pull/2856">gpbl/react-day-picker#2856</a></li> <li>fix: prevent selecting disabled focused days by <a href="https://github.com/gpbl"><code>@​gpbl</code></a> in <a href="https://redirect.github.com/gpbl/react-day-picker/pull/2860">gpbl/react-day-picker#2860</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gpbl/react-day-picker/compare/v9.11.2...v9.11.3">https://github.com/gpbl/react-day-picker/compare/v9.11.2...v9.11.3</a></p> <h2>v9.11.2</h2> <h2>What's Changed</h2> <ul> <li>fix: ensure modifiers honor the <code>timeZone</code> prop by <a href="https://github.com/gpbl"><code>@​gpbl</code></a> in <a href="https://redirect.github.com/gpbl/react-day-picker/pull/2849">gpbl/react-day-picker#2849</a></li> <li>fix: allow focused disabled days to remain focusable by <a href="https://github.com/gpbl"><code>@​gpbl</code></a> in <a href="https://redirect.github.com/gpbl/react-day-picker/pull/2851">gpbl/react-day-picker#2851</a></li> <li>chore(performance): cache resolved today across helpers for better performance by <a href="https://github.com/gpbl"><code>@​gpbl</code></a> in <a href="https://redirect.github.com/gpbl/react-day-picker/pull/2848">gpbl/react-day-picker#2848</a></li> <li>chore(performance): memoize calendar and reuse ISO date ids in day rendering by <a href="https://github.com/gpbl"><code>@​gpbl</code></a> in <a href="https://redirect.github.com/gpbl/react-day-picker/pull/2850">gpbl/react-day-picker#2850</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gpbl/react-day-picker/compare/v9.11.1...v9.11.2">https://github.com/gpbl/react-day-picker/compare/v9.11.1...v9.11.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gpbl/react-day-picker/commit/567cc8acacd943465bd4c4a76182b8e31f6c2c10"><code>567cc8a</code></a> Merge branch 'main' of <a href="https://github.com/gpbl/react-day-picker">https://github.com/gpbl/react-day-picker</a></li> <li><a href="https://github.com/gpbl/react-day-picker/commit/26fdd03df458deca8473e4cda4f1e4f3d0d38ee7"><code>26fdd03</code></a> build: bump v9.11.3</li> <li><a href="https://github.com/gpbl/react-day-picker/commit/16191b20d3ba844d4374b2a7a31da82bccf58c4a"><code>16191b2</code></a> fix: prevent selecting disabled focused days (<a href="https://redirect.github.com/gpbl/react-day-picker/issues/2860">#2860</a>)</li> <li><a href="https://github.com/gpbl/react-day-picker/commit/e16684152a76cf7a113be6c7d4ce2e3752dc7fe1"><code>e166841</code></a> fix: ensure final week renders when <code>endMonth</code> clips the calendar (<a href="https://redirect.github.com/gpbl/react-day-picker/issues/2856">#2856</a>)</li> <li><a href="https://github.com/gpbl/react-day-picker/commit/98bc3ee040b43b2c74f4d6a687031caeeab32eab"><code>98bc3ee</code></a> website: update style and README (<a href="https://redirect.github.com/gpbl/react-day-picker/issues/2859">#2859</a>)</li> <li><a href="https://github.com/gpbl/react-day-picker/commit/ce8c3bbf43d19ac7433b509786da3fc35bb50419"><code>ce8c3bb</code></a> build: update dev dependencies (<a href="https://redirect.github.com/gpbl/react-day-picker/issues/2857">#2857</a>)</li> <li><a href="https://github.com/gpbl/react-day-picker/commit/f6d34e095ee9100f5dc5964172a61c0707817766"><code>f6d34e0</code></a> website: fix playground month props sync and display (<a href="https://redirect.github.com/gpbl/react-day-picker/issues/2854">#2854</a>)</li> <li><a href="https://github.com/gpbl/react-day-picker/commit/9ee9bbf52aa1936f6e2f0ca4eabab130821c3f68"><code>9ee9bbf</code></a> build: bump 9.11.2</li> <li><a href="https://github.com/gpbl/react-day-picker/commit/f5c04251289cc1e33c411aa31efd0d804ed32691"><code>f5c0425</code></a> test: add setTestTime helper and safe user timers (<a href="https://redirect.github.com/gpbl/react-day-picker/issues/2852">#2852</a>)</li> <li><a href="https://github.com/gpbl/react-day-picker/commit/3308e05b76e2f9e45b50ba050412b7988f295bc1"><code>3308e05</code></a> chore(performance): memoize calendar and reuse ISO date ids in day rendering ...</li> <li>Additional commits viewable in <a href="https://github.com/gpbl/react-day-picker/compare/v9.11.1...v9.11.3">compare view</a></li> </ul> </details> <br /> Updates `yaml` from 2.8.1 to 2.8.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/eemeli/yaml/releases">yaml's releases</a>.</em></p> <blockquote> <h2>v2.8.2</h2> <ul> <li>Serialize -0 as -0 (<a href="https://redirect.github.com/eemeli/yaml/issues/638">#638</a>)</li> <li>Do not double newlines for empty map values (<a href="https://redirect.github.com/eemeli/yaml/issues/642">#642</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/eemeli/yaml/commit/086fa6b5bae325da18734750cddee231ce578930"><code>086fa6b</code></a> 2.8.2</li> <li><a href="https://github.com/eemeli/yaml/commit/95f01e98032ddf199b42bb3ba0737303b35ef752"><code>95f01e9</code></a> chore: Add funding to package.json</li> <li><a href="https://github.com/eemeli/yaml/commit/152e204a9255064cc0af4f70b7fa0ac25e324a42"><code>152e204</code></a> style: Apply updated Prettier rules &amp; satisfy updated ESLint</li> <li><a href="https://github.com/eemeli/yaml/commit/3f3378c3bff1663a41f413dbf3c65b9bbb292db7"><code>3f3378c</code></a> chore: Drop unused dependency cross-env</li> <li><a href="https://github.com/eemeli/yaml/commit/f0b9af7b6fba48e0fe4b4a85a64cb3339e5dd7aa"><code>f0b9af7</code></a> chore: Update to <code>@​rollup/plugin-replace</code> v6</li> <li><a href="https://github.com/eemeli/yaml/commit/e3cafc70ca0dfac449f25cfa60a426f68c23e061"><code>e3cafc7</code></a> chore: Update to eslint-config-prettier v10</li> <li><a href="https://github.com/eemeli/yaml/commit/553c1b56f1f3a6b23b6f0358322dfbacfc3e80cb"><code>553c1b5</code></a> chore: Refresh lockfile</li> <li><a href="https://github.com/eemeli/yaml/commit/70a8db37c3bd8d6db6e8dddd4a1e9e6fc5a9a3b0"><code>70a8db3</code></a> fix: Do not double newlines for empty map values (<a href="https://redirect.github.com/eemeli/yaml/issues/642">#642</a>)</li> <li><a href="https://github.com/eemeli/yaml/commit/92821f2b8164f9831ff5a51f6e5a575e06365742"><code>92821f2</code></a> ci: Limit action permissions to minimum required</li> <li><a href="https://github.com/eemeli/yaml/commit/95285f82a888781d4ff010b26f9beb6d13778422"><code>95285f8</code></a> fix: Serialize -0 as -0 (fixes <a href="https://redirect.github.com/eemeli/yaml/issues/638">#638</a>)</li> <li>Additional commits viewable in <a href="https://github.com/eemeli/yaml/compare/v2.8.1...v2.8.2">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

GiteaMirror added the pull-request label 2026-04-25 16:18:51 -05:00

GiteaMirror closed this issue 2026-04-25 16:18:51 -05:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dependabot/npm_and_yarn/fast-uri-3.1.2

crowdin_dev

dev

s3

dependabot/npm_and_yarn/fast-xml-builder-1.2.0

dependabot/npm_and_yarn/axios-1.15.2

dependabot/npm_and_yarn/next-intl-4.9.2

dependabot/npm_and_yarn/prod-patch-updates-64dd675a88

dependabot/npm_and_yarn/dev-minor-updates-10ef4f0f15

dependabot/docker/node-26-alpine

dependabot/docker/docker/library/node-26-slim

dependabot/npm_and_yarn/multi-7bdfbe8666

resource-policies

redis

newt-install-commands

dependabot/npm_and_yarn/multi-d2fd79378c

dependabot/npm_and_yarn/uuid-14.0.0

dependabot/npm_and_yarn/postcss-8.5.10

miloschwartz-patch-2

dependabot/github_actions/actions/setup-node-6.4.0

dependabot/npm_and_yarn/next-16.2.1

dependabot/npm_and_yarn/recharts-3.8.1

cross-org-idp

update-readme

miloschwartz-patch-1

breakout-sites-tables

revert-2766-feature/systemd-install-instructions

ssh

delete-account

msg-delivery

org-only-idp

cicd

patch

site-targets-auto-login

1.18.3-s.3

1.18.3-s.2

1.18.3

1.18.3-s.1

1.18.3-s.0

1.18.2-s.5

1.18.2-s.4

1.18.2-s.3

1.18.2-s.2

1.18.2-s.1

1.18.2

1.18.2-s.0

1.18.1-s.7

1.18.1-s.6

1.18.1-s.5

1.18.1-s.4

1.18.1-s.3

1.18.1-s.2

1.18.1

1.18.1-s.1

1.18.1-s.0

1.18.0-s.2

1.18.0-s.1

1.18.0

1.18.0-s.0

1.17.1-s.7

1.17.1-s.6

1.18.0-rc.0

1.17.1-s.5

1.17.1-s.4

1.17.1-s.3

1.17.1

1.17.1-s.2

1.17.1-s.1

1.17.1-s.0

1.17.0-s.4

1.17.0

1.17.0-s.3

1.17.0-s.2

1.17.0-s.1

1.17.0-s.0

1.17.0-rc.0

1.16.2-s.22

1.16.2-s.21

1.16.2-s.20

1.16.2-s.19

1.16.2-s.18

1.16.2-s.17

1.16.2-s.16

1.16.2-s.15

1.16.2-s.14

1.16.2-s.13

1.16.2-s.12

1.16.2-s.11

1.16.2-s.10

1.16.2-s.9

1.16.2-s.8

1.16.2-s.7

1.16.2-s.6

1.16.2-s.5

1.16.2-s.4

1.16.2-s.3

1.16.2-s.2

1.16.2-s.1

1.16.2

1.16.2-s.0

1.16.1-s.1

1.16.1

1.16.1-s.0

1.16.0

1.16.0-s.1

1.16.0-s.0

1.16.0-rc.0

1.15.4-s.10

1.15.4-s.9

1.15.4-s.8

1.15.4-s.7

1.15.4-s.6

1.15.4-s.5

1.15.4-s.4

1.15.4-s.3

1.15.4-s.2

1.15.4-s.1

1.15.4

1.15.4-s.0

1.15.3

1.15.3-s.1

1.15.3-s.0

1.15.2

1.15.1-s.1

1.15.1-s.0

1.15.1

1.15.0-s.5

1.15.0

1.15.0-s.4

1.15.0-s.3

1.15.0-s.2

1.15.0-s.1

1.15.0-s.0

1.15.0-rc.0

1.14.1-s.3

1.14.1-s.2

1.14.1-s.1

1.14.1-s.0

1.14.1

1.14.0-s.2

1.14.0

1.14.0-rc.0

1.13.1

1.13.1-s.0

1.13.0

1.13.0.s.0

1.13.0-rc.0

1.12.2-s.5

1.12.3

1.12.2-s.4

1.12.2-s.3

1.12.2-s.2

1.12.2-s.1

1.12.2

1.12.2-s.0

1.12.1

1.12.0

1.12.0-s.0

1.12.0-rc.0

1.11.1

1.11.1-s.0

1.11.0-s.5

1.11.0

1.11.0-s.4

1.11.0-s.3

1.11.0-s.2

1.11.0-s.1

1.11.0-s.0

1.10.3

1.10.2

1.10.1

1.10.0

1.9.4

1.9.3

1.9.2

1.9.1

1.9.0

1.8.0

1.7.3

1.7.2

1.7.1

1.7.0

1.6.2

1.6.1

1.6.0

1.5.1

1.5.0

1.4.0

1.3.2

1.3.1

1.3.0

1.2.0

1.1.0

1.0.1

1.0.0

1.0.0-beta.15

1.0.0-beta.14

1.0.0-beta.13

1.0.0-beta.12

1.0.0-beta.11

1.0.0-beta.10

1.0.0-beta.9

1.0.0-beta.8

1.0.0-beta.7

1.0.0-beta.6

1.0.0-beta.5

1.0.0-beta.4

1.0.0-beta.3

1.0.0-beta.2

1.0.0-beta.1

Labels

Clear labels

api

authentication

bug

config

dependencies

docker

documentation

enhancement

good first issue

help wanted

Improvement

Look Into

needs investigating

networking

new feature

non-critical bug

potential bug

pull-request

Mirrored from GitHub Pull Request

question

reverse proxy

Security

stale

ui

wontfix

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/pangolin#7582