Skip to content

Bump the npm_and_yarn group across 3 directories with 4 updates#18

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/nodejs/npm_and_yarn-556124fe51
Open

Bump the npm_and_yarn group across 3 directories with 4 updates#18
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/nodejs/npm_and_yarn-556124fe51

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jan 7, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm_and_yarn group with 1 update in the /nodejs directory: axios.
Bumps the npm_and_yarn group with 2 updates in the /nodejs/pay-api-app/backend directory: axios and qs.
Bumps the npm_and_yarn group with 3 updates in the /nodejs/pay-api-app/frontend directory: axios, vite and js-yaml.

Updates axios from 1.7.4 to 1.12.0

Release notes

Sourced from axios's releases.

Release v1.12.0

Release notes:

Bug Fixes

Features

  • adapter: surface low‑level network error details; attach original error via cause (#6982) (78b290c)
  • fetch: add fetch, Request, Response env config variables for the adapter; (#7003) (c959ff2)
  • support reviver on JSON.parse (#5926) (2a97634), closes #5924
  • types: extend AxiosResponse interface to include custom headers type (#6782) (7960d34)

Contributors to this release

Release v1.11.0

Release notes:

Bug Fixes

  • form-data npm pakcage (#6970) (e72c193)
  • prevent RangeError when using large Buffers (#6961) (a2214ca)
  • types: resolve type discrepancies between ESM and CJS TypeScript declaration files (#6956) (8517aa1)

Contributors to this release

... (truncated)

Changelog

Sourced from axios's changelog.

1.12.0 (2025-09-11)

Bug Fixes

Features

  • adapter: surface low‑level network error details; attach original error via cause (#6982) (78b290c)
  • fetch: add fetch, Request, Response env config variables for the adapter; (#7003) (c959ff2)
  • support reviver on JSON.parse (#5926) (2a97634), closes #5924
  • types: extend AxiosResponse interface to include custom headers type (#6782) (7960d34)

Contributors to this release

1.11.0 (2025-07-22)

Bug Fixes

  • form-data npm pakcage (#6970) (e72c193)
  • prevent RangeError when using large Buffers (#6961) (a2214ca)
  • types: resolve type discrepancies between ESM and CJS TypeScript declaration files (#6956) (8517aa1)

Contributors to this release

... (truncated)

Commits
  • 0d8ad6e chore(release): v1.12.0 (#7013)
  • fd7f404 fix: release pr run
  • a2edc36 fix: dont add dist on release
  • 9ec86de fix: adding build artifacts
  • 945435f fix(node): enforce maxContentLength for data: URLs (#7011)
  • 28e5e30 chore(sponsor): update sponsor block (#7005)
  • d03f245 chore(CI): fixed release info script to use npm registry instead of git as fi...
  • a0bc911 chore: removing dist files from src (#7002)
  • c959ff2 feat(fetch): add fetch, Request, Response env config variables for the adapte...
  • a9f47af fix(fetch-adapter): set correct Content-Type for Node FormData (#6998)
  • Additional commits viewable in compare view

Updates axios from 1.7.5 to 1.12.0

Release notes

Sourced from axios's releases.

Release v1.12.0

Release notes:

Bug Fixes

Features

  • adapter: surface low‑level network error details; attach original error via cause (#6982) (78b290c)
  • fetch: add fetch, Request, Response env config variables for the adapter; (#7003) (c959ff2)
  • support reviver on JSON.parse (#5926) (2a97634), closes #5924
  • types: extend AxiosResponse interface to include custom headers type (#6782) (7960d34)

Contributors to this release

Release v1.11.0

Release notes:

Bug Fixes

  • form-data npm pakcage (#6970) (e72c193)
  • prevent RangeError when using large Buffers (#6961) (a2214ca)
  • types: resolve type discrepancies between ESM and CJS TypeScript declaration files (#6956) (8517aa1)

Contributors to this release

... (truncated)

Changelog

Sourced from axios's changelog.

1.12.0 (2025-09-11)

Bug Fixes

Features

  • adapter: surface low‑level network error details; attach original error via cause (#6982) (78b290c)
  • fetch: add fetch, Request, Response env config variables for the adapter; (#7003) (c959ff2)
  • support reviver on JSON.parse (#5926) (2a97634), closes #5924
  • types: extend AxiosResponse interface to include custom headers type (#6782) (7960d34)

Contributors to this release

1.11.0 (2025-07-22)

Bug Fixes

  • form-data npm pakcage (#6970) (e72c193)
  • prevent RangeError when using large Buffers (#6961) (a2214ca)
  • types: resolve type discrepancies between ESM and CJS TypeScript declaration files (#6956) (8517aa1)

Contributors to this release

... (truncated)

Commits
  • 0d8ad6e chore(release): v1.12.0 (#7013)
  • fd7f404 fix: release pr run
  • a2edc36 fix: dont add dist on release
  • 9ec86de fix: adding build artifacts
  • 945435f fix(node): enforce maxContentLength for data: URLs (#7011)
  • 28e5e30 chore(sponsor): update sponsor block (#7005)
  • d03f245 chore(CI): fixed release info script to use npm registry instead of git as fi...
  • a0bc911 chore: removing dist files from src (#7002)
  • c959ff2 feat(fetch): add fetch, Request, Response env config variables for the adapte...
  • a9f47af fix(fetch-adapter): set correct Content-Type for Node FormData (#6998)
  • Additional commits viewable in compare view

Updates qs from 6.13.0 to 6.14.1

Changelog

Sourced from qs's changelog.

6.14.1

  • [Fix] ensure arrayLength applies to [] notation as well
  • [Fix] parse: when a custom decoder returns null for a key, ignore that key
  • [Refactor] parse: extract key segment splitting helper
  • [meta] add threat model
  • [actions] add workflow permissions
  • [Tests] stringify: increase coverage
  • [Dev Deps] update eslint, @ljharb/eslint-config, npmignore, es-value-fixtures, for-each, object-inspect

6.14.0

  • [New] parse: add throwOnParameterLimitExceeded option (#517)
  • [Refactor] parse: use utils.combine more
  • [patch] parse: add explicit throwOnLimitExceeded default
  • [actions] use shared action; re-add finishers
  • [meta] Fix changelog formatting bug
  • [Deps] update side-channel
  • [Dev Deps] update es-value-fixtures, has-bigints, has-proto, has-symbols
  • [Tests] increase coverage

6.13.1

  • [Fix] stringify: avoid a crash when a filter key is null
  • [Fix] utils.merge: functions should not be stringified into keys
  • [Fix] parse: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset
  • [Fix] stringify: ensure a non-string filter does not crash
  • [Refactor] use __proto__ syntax instead of Object.create for null objects
  • [Refactor] misc cleanup
  • [Tests] utils.merge: add some coverage
  • [Tests] fix a test case
  • [actions] split out node 10-20, and 20+
  • [Dev Deps] update es-value-fixtures, mock-property, object-inspect, tape
Commits
  • 3fa11a5 v6.14.1
  • a626704 [Dev Deps] update npmignore
  • 3086902 [Fix] ensure arrayLength applies to [] notation as well
  • fc7930e [Dev Deps] update eslint, @ljharb/eslint-config
  • 0b06aac [Dev Deps] update @ljharb/eslint-config
  • 64951f6 [Refactor] parse: extract key segment splitting helper
  • e1bd259 [Dev Deps] update @ljharb/eslint-config
  • f4b3d39 [eslint] add eslint 9 optional peer dep
  • 6e94d95 [Dev Deps] update eslint, @ljharb/eslint-config, npmignore
  • 973dc3c [actions] add workflow permissions
  • Additional commits viewable in compare view

Updates axios from 1.7.5 to 1.12.0

Release notes

Sourced from axios's releases.

Release v1.12.0

Release notes:

Bug Fixes

Features

  • adapter: surface low‑level network error details; attach original error via cause (#6982) (78b290c)
  • fetch: add fetch, Request, Response env config variables for the adapter; (#7003) (c959ff2)
  • support reviver on JSON.parse (#5926) (2a97634), closes #5924
  • types: extend AxiosResponse interface to include custom headers type (#6782) (7960d34)

Contributors to this release

Release v1.11.0

Release notes:

Bug Fixes

  • form-data npm pakcage (#6970) (e72c193)
  • prevent RangeError when using large Buffers (#6961) (a2214ca)
  • types: resolve type discrepancies between ESM and CJS TypeScript declaration files (#6956) (8517aa1)

Contributors to this release

... (truncated)

Changelog

Sourced from axios's changelog.

1.12.0 (2025-09-11)

Bug Fixes

Features

  • adapter: surface low‑level network error details; attach original error via cause (#6982) (78b290c)
  • fetch: add fetch, Request, Response env config variables for the adapter; (#7003) (c959ff2)
  • support reviver on JSON.parse (#5926) (2a97634), closes #5924
  • types: extend AxiosResponse interface to include custom headers type (#6782) (7960d34)

Contributors to this release

1.11.0 (2025-07-22)

Bug Fixes

  • form-data npm pakcage (#6970) (e72c193)
  • prevent RangeError when using large Buffers (#6961) (a2214ca)
  • types: resolve type discrepancies between ESM and CJS TypeScript declaration files (#6956) (8517aa1)

Contributors to this release

... (truncated)

Commits
  • 0d8ad6e chore(release): v1.12.0 (#7013)
  • fd7f404 fix: release pr run
  • a2edc36 fix: dont add dist on release
  • 9ec86de fix: adding build artifacts
  • 945435f fix(node): enforce maxContentLength for data: URLs (#7011)
  • 28e5e30 chore(sponsor): update sponsor block (#7005)
  • d03f245 chore(CI): fixed release info script to use npm registry instead of git as fi...
  • a0bc911 chore: removing dist files from src (#7002)
  • c959ff2 feat(fetch): add fetch, Request, Response env config variables for the adapte...
  • a9f47af fix(fetch-adapter): set correct Content-Type for Node FormData (#6998)
  • Additional commits viewable in compare view

Updates vite from 7.1.5 to 7.1.11

Release notes

Sourced from vite's releases.

v7.1.11

Please refer to CHANGELOG.md for details.

v7.1.10

Please refer to CHANGELOG.md for details.

v7.1.9

Please refer to CHANGELOG.md for details.

v7.1.8

Please refer to CHANGELOG.md for details.

v7.1.7

Please refer to CHANGELOG.md for details.

v7.1.6

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

7.1.11 (2025-10-20)

Bug Fixes

  • dev: trim trailing slash before server.fs.deny check (#20968) (f479cc5)

Miscellaneous Chores

Code Refactoring

  • use subpath imports for types module reference (#20921) (d0094af)

Build System

7.1.10 (2025-10-14)

Bug Fixes

  • css: avoid duplicate style for server rendered stylesheet link and client inline style during dev (#20767) (3a92bc7)
  • css: respect emitAssets when cssCodeSplit=false (#20883) (d3e7eee)
  • deps: update all non-major dependencies (879de86)
  • deps: update all non-major dependencies (#20894) (3213f90)
  • dev: allow aliases starting with // (#20760) (b95fa2a)
  • dev: remove timestamp query consistently (#20887) (6537d15)
  • esbuild: inject esbuild helpers correctly for esbuild 0.25.9+ (#20906) (446eb38)
  • normalize path before calling fileToBuiltUrl (#20898) (73b6d24)
  • preserve original sourcemap file field when combining sourcemaps (#20926) (c714776)

Documentation

Miscellaneous Chores

7.1.9 (2025-10-03)

Reverts

7.1.8 (2025-10-02)

Bug Fixes

... (truncated)

Commits
  • 8b69c9e release: v7.1.11
  • f479cc5 fix(dev): trim trailing slash before server.fs.deny check (#20968)
  • 6fb41a2 chore(deps): update all non-major dependencies (#20966)
  • a817307 build: remove hash from built filenames (#20946)
  • ef411ce build: remove cjs reference in files field (#20945)
  • d0094af refactor: use subpath imports for types module reference (#20921)
  • ed4a0dc release: v7.1.10
  • c714776 fix: preserve original sourcemap file field when combining sourcemaps (#20926)
  • 446eb38 fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (#20906)
  • 879de86 fix(deps): update all non-major dependencies
  • Additional commits viewable in compare view

Updates js-yaml from 4.1.0 to 4.1.1

Changelog

Sourced from js-yaml's changelog.

[4.1.1] - 2025-11-12

Security

  • Fix prototype pollution issue in yaml merge (<<) operator.
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific...

Description has been truncated

Bumps the npm_and_yarn group with 1 update in the /nodejs directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 2 updates in the /nodejs/pay-api-app/backend directory: [axios](https://github.com/axios/axios) and [qs](https://github.com/ljharb/qs).
Bumps the npm_and_yarn group with 3 updates in the /nodejs/pay-api-app/frontend directory: [axios](https://github.com/axios/axios), [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) and [js-yaml](https://github.com/nodeca/js-yaml).


Updates `axios` from 1.7.4 to 1.12.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.7.4...v1.12.0)

Updates `axios` from 1.7.5 to 1.12.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.7.4...v1.12.0)

Updates `qs` from 6.13.0 to 6.14.1
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.13.0...v6.14.1)

Updates `axios` from 1.7.5 to 1.12.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.7.4...v1.12.0)

Updates `vite` from 7.1.5 to 7.1.11
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.1.11/packages/vite)

Updates `js-yaml` from 4.1.0 to 4.1.1
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@4.1.0...4.1.1)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.12.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.12.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-version: 6.14.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.12.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 7.1.11
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: js-yaml
  dependency-version: 4.1.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jan 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants