Bump the npm_and_yarn group across 1 directory with 2 updates

[dependabot]

Bumps the npm_and_yarn group with 2 updates in the / directory: koa and puppeteer.

Updates koa from 2.16.1 to 3.0.1

Release notes

Sourced from koa's releases.

v3.0.1

What's Changed

• fix(security): only allow same origin referer on response back koajs/koa@422c551
• chore: adds initial doc text refresh; migration guide [CHORE-1870] by @​yowainwright in koajs/koa#1877
• build(deps-dev): bump formidable from 3.5.2 to 3.5.4 by @​dependabot[bot] in koajs/koa#1878
• chore: removes done callbacks in tests [CHORE-1870] by @​yowainwright in koajs/koa#1875
• build(deps-dev): bump supertest from 7.1.0 to 7.1.1 by @​dependabot[bot] in koajs/koa#1879
• build(deps): bump debug from 4.4.0 to 4.4.1 by @​dependabot[bot] in koajs/koa#1880
• feat: replace debug module with pure node:util::debuglog by @​3imed-jaberi in koajs/koa#1885
• feat: replace cache-content-type with mime-types directly by @​3imed-jaberi in koajs/koa#1886
• build(deps): bump statuses from 2.0.1 to 2.0.2 by @​dependabot[bot] in koajs/koa#1888
• build(deps-dev): bump supertest from 7.1.1 to 7.1.4 by @​dependabot[bot] in koajs/koa#1895
• build(deps-dev): bump form-data from 4.0.3 to 4.0.4 by @​dependabot[bot] in koajs/koa#1894

Full Changelog: koajs/koa@v3.0.0...v3.0.1

v3.0.0

This is a major release.

Breaking

• Minimum node v18
• Removes .redirect('back'), adds .back(fallback_url) @​fl0w koajs/koa#1115
• For .redirect(), don't render redirect values in anchor ref koajs/koa@ff25eb4
• req.origin should display the origin header if it exists, not the current hostname koajs/koa#1008. origin now aligns with the Origin header as used in CORS.
• .body=<json> should not overwrite type if type already json koajs/koa#1120
• Remove special ENOENT support koajs/koa#1861 - this is a big change and will require any file servers to adapt to this change for handling 404s / files not found
• Removes generator deprecation messages. Generators are no longer supported. Koa no longer asserts if generators are used. Set content-length: 0 if body is explicitly set to null @​ognjenjevremovic #1528 Remove obsolete createAsyncCtxStorageMiddleware koajs/koa#1817
• ctx.throw now requires a format of ctx.throw(status, error, properties). See: https://www.npmjs.com/package/http-errors

New

• Support custom streams @​KristapsR koajs/koa#1825
• Support WHATWG response bodies koajs/koa#1830 @​kravorkid
• Use asyncLocalStorage to get current context from app, e.g.: const ctx = app.currentContext.

Fixes

• Handle responses when socket is no longer writable @​titanism @​azlond koajs/koa#1593
• fix: Do not response Content-Length if Transfer-Encoding is defined #1562 @​charlyzeng
• fix: Set body to 'null' if ctx.type = 'json' and ctx.body = null #1059 @​likegun
• fix: can not get currentContext in error handler (#1758) (Gxkl <gxkl203@gmail.com>)
• Fix exports.defaults in package.json koajs/koa#1630
• Fix leaky handles in tests koajs/koa#1838
• Fix body null checks koajs/koa#1814
• Fix reformatting redirect URLs koajs/koa#1805 koajs/koa#1804
• Fix passing ctx in error handler koajs/koa#1758

... (truncated)

Changelog

Sourced from koa's changelog.

[!IMPORTANT] Moving forwards we are using the GitHub releases page at https://github.com/koajs/koa/releases in combination with np for publishing releases and their changelogs.

---

3.0.0-alpha.3 / 2025-02-11

fixes

• Avoid redos on host and protocol getter

3.0.0-alpha.2 / 2024-11-04

breaking changes

• Update http-errors to v2.0.0 #1486
  • ctx.throw now requires a format of ctx.throw(status, error, properties). See: https://www.npmjs.com/package/http-errors
• Remove res.redirect('back'), add back() method to ctx #1115
• Replace node querystring with URLSearchParams #1828
• Remove obsolete createAsyncCtxStorageMiddleware #1817

features

• Add support for web WHATWG #1830

updates

• Update cookies to ~0.9.1 #1846
• Update statuses to ^2.0.1
• Update supertest to ^7.0.0 #1841

fixes

• Fix exports.defaults in package.json #1630
• Fix leaky handles in tests #1838
• Fix body null checks #1814
• Fix reformatting redirect URLs #1805 #1804
• Fix passing ctx in error handler #1758

migrations

• Migrate from jest to the native node test runner #1845

3.0.0-alpha.1 / 2023-04-12

fixes

• [e98b8d1] - fix: can not get currentContext in error handler (#1758) (Gxkl <gxkl203@gmail.com>)

3.0.0-alpha.0 / 2023-01-02

Breaking Changes

... (truncated)

Commits

• 1ddb048 3.0.1
• 422c551 Merge commit from fork
• 6e51eb1 build(deps-dev): bump form-data from 4.0.3 to 4.0.4 (#1894)
• d378e5c build(deps-dev): bump supertest from 7.1.1 to 7.1.4 (#1895)
• cb22d8d build(deps): bump statuses from 2.0.1 to 2.0.2 (#1888)
• 0acad8f feat: replace cache-content-type with mime-types directly (#1886)
• 2f6e814 feat: replace debug module with pure node:util::debuglog (#1885)
• 8620ced build(deps): bump debug from 4.4.0 to 4.4.1 (#1880)
• dec1ffc build(deps-dev): bump supertest from 7.1.0 to 7.1.1 (#1879)
• 9057541 chore: removes done callbacks in tests [CHORE-1870] (#1875)
• Additional commits viewable in compare view

Updates puppeteer from 0.12.0 to 24.15.0

Release notes

Sourced from puppeteer's releases.

puppeteer-core: v24.15.0

24.15.0 (2025-07-23)

Features

• emulateTimezone via BiDi (#14042) (e8768c9)
• roll to Firefox 141.0 (#14048) (f8853de)

Bug Fixes

• roll to Chrome 138.0.7204.168 (#14047) (4a89e96)

puppeteer: v24.15.0

24.15.0 (2025-07-23)

Miscellaneous Chores

• puppeteer: Synchronize puppeteer versions

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • puppeteer-core bumped from 24.14.0 to 24.15.0

puppeteer-core: v24.14.0

24.14.0 (2025-07-16)

Features

• add debugging highlight to ElementHandle.click() (#14024) (8c4d87a)

Bug Fixes

• roll to Chrome 138.0.7204.157 (#14029) (2a733b4)
• webdriver: provide proper exception while accessing response in BiDi (#14031) (9150473)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​puppeteer/browsers bumped from 2.10.5 to 2.10.6

... (truncated)

Changelog

Sourced from puppeteer's changelog.

24.15.0 (2025-07-23)

Miscellaneous Chores

• puppeteer: Synchronize puppeteer versions

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • puppeteer-core bumped from 24.14.0 to 24.15.0

Features

• emulateTimezone via BiDi (#14042) (e8768c9)
• roll to Firefox 141.0 (#14048) (f8853de)

Bug Fixes

• roll to Chrome 138.0.7204.168 (#14047) (4a89e96)

24.14.0 (2025-07-16)

Miscellaneous Chores

• puppeteer: Synchronize puppeteer versions

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​puppeteer/browsers bumped from 2.10.5 to 2.10.6

Features

• add debugging highlight to ElementHandle.click() (#14024) (8c4d87a)

Bug Fixes

• roll to Chrome 138.0.7204.157 (#14029) (2a733b4)
• webdriver: provide proper exception while accessing response in BiDi (#14031) (9150473)

... (truncated)

Commits

• d5faf22 chore: release main (#14044)
• f8853de feat: roll to Firefox 141.0 (#14048)
• 4a89e96 fix: roll to Chrome 138.0.7204.168 (#14047)
• e8768c9 feat: emulateTimezone via BiDi (#14042)
• d05fac0 chore: bump chromium-bidi to 7.2.0 (#14041)
• e969654 chore: update renamed package (#14040)
• 4e65506 chore(deps-dev): Bump the dev-dependencies group with 10 updates (#14039)
• 0491a71 fix: add manual trigger for Docker (#14038)
• bf83992 chore: fix Dockerfile (#14037)
• 610c8ba chore(deps): Bump node from 2fa6c97 to 9e6918e in /docker in the all grou...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by google-wombot, a new releaser for puppeteer since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.