Skip to content

fix(deps): update all non-major dependencies #69

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 18 commits into
base: main
Choose a base branch
from
Open

fix(deps): update all non-major dependencies #69

wants to merge 18 commits into from

Conversation

a-klos
Copy link
Member

@a-klos a-klos commented Aug 3, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence Type Update Pending
@semantic-release/github 11.0.3 -> 11.0.4 age confidence devDependencies patch 11.0.5
@types/node (source) 18.19.120 -> 18.19.123 age confidence devDependencies patch
atlassian-python-api 4.0.4 -> 4.0.7 age confidence dependencies patch
boto3 1.39.17 -> 1.40.16 age confidence dependencies minor 1.40.21 (+4)
botocore 1.39.17 -> 1.40.16 age confidence dependencies minor 1.40.21 (+4)
camelot-py (changelog) 1.0.0 -> 1.0.9 age confidence dependencies patch
coverage 7.9.2 -> 7.10.5 age confidence dev minor 7.10.6
coverage 7.10.1 -> 7.10.5 age confidence dev patch 7.10.6
debugpy (source) 1.8.15 -> 1.8.16 age confidence dev patch
debugpy (source) 1.8.15 -> 1.8.16 age confidence dependencies patch
fastmcp 2.10.6 -> 2.11.3 age confidence dependencies minor
langchain (changelog) 0.3.26 -> 0.3.27 age confidence dependencies patch
langchain-core (changelog) 0.3.72 -> 0.3.74 age confidence dependencies patch 0.3.75
langchain-ollama (changelog) 0.3.6 -> 0.3.7 age confidence dependencies patch
langchain-openai (changelog) 0.3.28 -> 0.3.31 age confidence dependencies patch 0.3.32
langfuse 3.2.1 -> 3.3.0 age confidence dependencies minor 3.3.2 (+1)
langfuse (source) 1.3.4 -> 1.5.0 age confidence minor
langfuse/langfuse 3.88.1 -> 3.102.0 age confidence minor 3.106.1 (+3)
langfuse/langfuse-worker 3.88.1 -> 3.102.0 age confidence minor 3.106.1 (+3)
langgraph ^0.5.0 -> ^0.6.0 age confidence dependencies minor
markdownify 1.1.0 -> 1.2.0 age confidence dependencies minor
node 22.17.1 -> 22.18.0 age confidence uses-with minor 22.19.0
numpy (changelog) 2.2.6 -> 2.3.2 age confidence dependencies minor
ollama (source) 1.24.0 -> 1.27.0 age confidence minor 1.28.0
openai 1.98.0 -> 1.101.0 age confidence dependencies minor 1.102.0
pandas 2.3.1 -> 2.3.2 age confidence dependencies patch
poetry (changelog) 2.1.3 -> 2.1.4 age confidence dependencies patch
python 3.13.5 -> 3.13.7 age confidence patch
python 3.13.5-bookworm -> 3.13.7-bookworm age confidence final patch
python 3.13.5-bookworm -> 3.13.7-bookworm age confidence stage patch
qdrant (source) 1.15.0 -> 1.15.3 age confidence patch 1.15.4
qdrant-client 1.15.0 -> 1.15.1 age confidence dependencies patch
ragas 0.3.0 -> 0.3.2 age confidence dependencies patch
redis (changelog) 6.2.0 -> 6.4.0 age confidence dependencies minor
renovatebot/github-action v43.0.5 -> v43.0.8 age confidence action patch v43.0.9
requests (source, changelog) 2.32.4 -> 2.32.5 age confidence dependencies patch
stackit (source) ~> 0.58.0 -> ~> 0.61.0 age confidence required_provider minor 0.62.0
typescript (source) ~5.8.0 -> ~5.9.0 age confidence devDependencies minor
unstructured 0.18.11 -> 0.18.13 age confidence dependencies patch 0.18.14
vue (source) 3.5.18 -> 3.5.19 age confidence dependencies patch 3.5.20

Release Notes

semantic-release/github (@​semantic-release/github)

v11.0.4

Compare Source

Bug Fixes
atlassian-api/atlassian-python-api (atlassian-python-api)

v4.0.7: : Bugfix release notes

Compare Source

What's Changed

New Contributors

Full Changelog: atlassian-api/atlassian-python-api@4.0.6...4.0.7

v4.0.6: : Confluence, Jira Cloud and BB

Compare Source

Hi!
in that path release, adjustments for Confluence, Jira Cloud and Bitbucket

Confluence: get_all_pages_from_space add workaround #​1547
Bitbucket: Add AppUser enrollments for User class appears #​1570
[Jira Cloud]: adjustment of jql search](b090c2e)
Full Changelog: atlassian-api/atlassian-python-api@4.0.5...4.0.6

v4.0.5: Confluence next step for cloud, BB and Jira bugfixes

Compare Source

What's Changed

New Contributors

Full Changelog: atlassian-api/atlassian-python-api@4.0.4...4.0.5

boto/boto3 (boto3)

v1.40.16

Compare Source

=======

  • api-change:clouddirectory: [botocore] Remove incorrect endpoint tests
  • api-change:cognito-sync: [botocore] Remove incorrect endpoint tests
  • api-change:docdb: [botocore] Remove incorrect endpoint tests
  • api-change:elb: [botocore] Remove incorrect endpoint tests
  • api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version
  • api-change:healthlake: [botocore] Remove incorrect endpoint tests
  • api-change:iotanalytics: [botocore] Remove incorrect endpoint tests
  • api-change:macie2: [botocore] Remove incorrect endpoint tests
  • api-change:marketplacecommerceanalytics: [botocore] Remove incorrect endpoint tests
  • api-change:medialive: [botocore] AWS Elemental MediaLive now has a field called "SubtitleRows" for controlling subtitle row count for DVB-Sub and Burn-In captions outputs
  • api-change:memorydb: [botocore] Remove incorrect endpoint tests
  • api-change:proton: [botocore] Remove incorrect endpoint tests
  • api-change:qconnect: [botocore] Releasing model ID support for UpdateAIPrompt
  • api-change:qldb: [botocore] Remove incorrect endpoint tests
  • api-change:rds: [botocore] Updates Amazon RDS documentation for Db2 read-only replicas.
  • api-change:route53-recovery-readiness: [botocore] Remove incorrect endpoint tests
  • api-change:sagemaker: [botocore] Launch SageMaker Notebook Instances support for AL2023 along with P6-B200 instance type and Rootless Docker support for SageMaker Studio.
  • api-change:sagemaker-a2i-runtime: [botocore] Remove incorrect endpoint tests
  • api-change:simspaceweaver: [botocore] Remove incorrect endpoint tests
  • api-change:synthetics: [botocore] Added multi browser support for synthetics canaries, Increased ephemeral storage limit from 5GB to 10GB
  • api-change:wafv2: [botocore] test and verified, safe to release

v1.40.15

Compare Source

=======

  • api-change:apigatewaymanagementapi: [botocore] Remove incorrect endpoint tests
  • api-change:appfabric: [botocore] Remove incorrect endpoint tests
  • api-change:backup-gateway: [botocore] Remove incorrect endpoint tests
  • api-change:cloudhsm: [botocore] Remove incorrect endpoint tests
  • api-change:cognito-identity: [botocore] Remove incorrect endpoint tests
  • api-change:comprehend: [botocore] Remove incorrect endpoint tests
  • api-change:ebs: [botocore] Remove incorrect endpoint tests
  • api-change:ecr-public: [botocore] Remove incorrect endpoint tests
  • api-change:ecs: [botocore] This is a documentation only release that adds additional information for the update-service request parameters.
  • api-change:elasticbeanstalk: [botocore] Remove incorrect endpoint tests
  • api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version
  • api-change:es: [botocore] Remove incorrect endpoint tests
  • api-change:forecastquery: [botocore] Remove incorrect endpoint tests
  • api-change:gameliftstreams: [botocore] The default application in a stream group can now be changed at any time using UpdateStreamGroup to update the DefaultApplicationIdentifier.
  • api-change:glue: [botocore] Added support for preprocessing queries in Data Quality operations through new DataQualityGlueTable structure.
  • api-change:greengrassv2: [botocore] Remove incorrect endpoint tests
  • api-change:guardduty: [botocore] Remove Pattern trait from email field
  • api-change:iotdeviceadvisor: [botocore] Remove incorrect endpoint tests
  • api-change:iotevents: [botocore] Remove incorrect endpoint tests
  • api-change:iotevents-data: [botocore] Remove incorrect endpoint tests
  • api-change:iotthingsgraph: [botocore] Remove incorrect endpoint tests
  • api-change:kinesis-video-signaling: [botocore] Remove incorrect endpoint tests
  • api-change:lexv2-runtime: [botocore] Remove incorrect endpoint tests
  • api-change:lookoutmetrics: [botocore] Remove incorrect endpoint tests
  • api-change:managedblockchain: [botocore] Remove incorrect endpoint tests
  • api-change:mediapackage: [botocore] Remove incorrect endpoint tests
  • api-change:panorama: [botocore] Remove incorrect endpoint tests
  • api-change:pinpoint-email: [botocore] Remove incorrect endpoint tests
  • api-change:resource-groups: [botocore] Remove incorrect endpoint tests
  • api-change:s3outposts: [botocore] Remove incorrect endpoint tests
  • api-change:ssm-contacts: [botocore] Doc-only updates for Incident Manager Contacts August 2025

v1.40.14

Compare Source

=======

  • api-change:bedrock-runtime: [botocore] Launch CountTokens API to allow token counting
  • api-change:billing: [botocore] Clarify IPv4 and IPv6 endpoints
  • api-change:cognito-idp: [botocore] This release adds support for the new Terms APIs which allow displaying Terms of Use and Privacy Policy on the Managed Login user-registration page.
  • api-change:datazone: [botocore] This release supports policy grant identifier for cloud formation integration
  • api-change:detective: [botocore] Remove incorrect endpoint tests
  • api-change:dynamodb: [botocore] Remove incorrect endpoint tests
  • api-change:eks: [botocore] EKS Add-ons Custom Namespace Support
  • api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version
  • api-change:kinesisanalyticsv2: [botocore] Adds Key Management Service (KMS) support allowing customer-managed key (CMK) encryption for Flink application data.
  • api-change:pinpoint-sms-voice-v2: [botocore] This change added InternationalSendingEnbaled as part of describe/Update/Request phone number API response, and as part of update/Request phone number API request
  • api-change:route53-recovery-control-config: [botocore] Remove incorrect endpoint tests
  • api-change:sagemaker: [botocore] This release adds 1/ Launch ml.p5.4xlarge instance in Processing jobs, Training jobs and Training Plan 2/ Makes S3Uri to be required for S3FileSystem and S3FileSystemConfig.

v1.40.13

Compare Source

=======

  • api-change:cleanrooms: [botocore] Support error message configuration for analysis templates
  • api-change:ec2: [botocore] Add support for "warning" volume status.
  • api-change:polly: [botocore] Added support for new output format - Opus.

v1.40.12

Compare Source

=======

  • api-change:batch: [botocore] Added default_x86_64 and default_arm64 as values to the instanceTypes field.
  • api-change:bcm-dashboards: [botocore] Billing and Cost Management Dashboards enables users to create dashboards that combine multiple visualizations of cost and usage data. Users can create, manage, and share dashboards. Tags are also available for dashboards.
  • api-change:connect: [botocore] Amazon Connect Service Feature: Add support to enable multi-user in-app, web, and video calling.
  • api-change:connectparticipant: [botocore] Amazon Connect Service Feature: Add support to enable multi-user in-app, web, and video calling.
  • api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version
  • api-change:s3control: [botocore] Adds support for Compute checksum functionality in Amazon S3 Batch Operations. You can now calculate checksums for a list of objects using supported algorithms in Amazon S3, without requiring a restore or download
  • api-change:sagemaker: [botocore] Customer managed keys now available for volume encryption of SageMaker HyperPod clusters.
  • enhancement:AWSCRT: [botocore] Update awscrt version to 0.27.6

v1.40.11

Compare Source

=======

  • api-change:amp: [botocore] Add Resource-based Policy APIs for Amazon Prometheus
  • api-change:bedrock-agent: [botocore] This release adds support for saving Bedrock Flows while node configuration is still in progress, even if the Flow is not yet able to be invoked
  • api-change:glue: [botocore] AWS Glue Zero ETL now supports On-demand snapshot load

v1.40.10

Compare Source

=======

  • api-change:arc-region-switch: [botocore] Endpoint rule test and documentation update.
  • api-change:bcm-recommended-actions: [botocore] Initial SDK release for AWS Billing and Cost Management Recommended Actions.
  • api-change:directconnect: [botocore] Added pagination support for DescribeHostedConnections, DescribeVirtualInterfaces, DescribeConnections, DescribeInterconnects, DescribeLags. Added asnLong support for BGP peer operations which supports a large range.
  • api-change:dynamodb: [botocore] This release 1/ Adds support for throttled keys mode for CloudWatch Contributor Insights, 2/ Adds throttling reasons to exceptions across dataplane APIs. 3/ Explicitly models ThrottlingException as a class in statically typed languages. Refer to the launch day blog post for more details.
  • api-change:ec2: [botocore] This release adds ModifyInstanceConnectEndpoint API to update configurations on existing EC2 Instance Connect Endpoints and improves IPv6 support through dualstack DNS names for EC2 Instance Connect Endpoints.
  • api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version
  • api-change:fsx: [botocore] Amazon FSx for NetApp ONTAP 2nd generation file systems now support decreasing SSD storage capacity.
  • api-change:glue: [botocore] AWS Glue now supports Trusted Identity Propagation.
  • api-change:guardduty: [botocore] Added support for entity lists.
  • api-change:medialive: [botocore] CMAF Ingest output groups in MediaLive can now accept one additional destination url for single pipeline channels and up to two additional destination urls for standard channels.
  • api-change:pcs: [botocore] Updated the regex pattern and description of iamInstanceProfileArn in the CreateComputeNodeGroup and UpdateComputeNodeGroup API actions. Name and path requirements apply to the ARN of the IAM role associated with the instance profile and not the ARN of the instance profile.
  • api-change:qapps: [botocore] Documentation update for Amazon Q Apps API Reference
  • api-change:servicediscovery: [botocore] Added support for cross account through Id parameter overloading with ARN and allow owner account for some APIs instead of ARN
  • api-change:workspaces: [botocore] New APIs introduced to import WorkSpaces BYOL image using a new process that leveraged EC2 Image Builder. WorkSpaces tests and fixes your image's compatibility issues and supports customized VM images.

v1.40.9

Compare Source

======

  • api-change:braket: [botocore] Add support for Braket program sets.
  • api-change:datazone: [botocore] Adds support for account pools and project profile account decoupling
  • api-change:fsx: [botocore] Add Dual-Stack support for Amazon FSx for OpenZFS file systems
  • api-change:partnercentral-selling: [botocore] Add Tagging Support for Opportunity resources
  • api-change:sagemaker: [botocore] This release introduces compute quota for GPU, Trainium accelerators, vCPU, and vCPU memory utilization across teams in HyperPod clusters
  • api-change:security-ir: [botocore] Added support for Organizational Unit-level Membership configuration and the ability to resume a cancelled membership.

v1.40.8

Compare Source

======

  • api-change:backupsearch: [botocore] Using recommended smithy trait to generate regional endpoints for Backup Search
  • api-change:codebuild: [botocore] AWS CodeBuild now supports PullRequestBuildPolicy in webhook object.
  • api-change:ec2: [botocore] Release to allow route table association with a PublicIpv4Pool.
  • api-change:organizations: [botocore] This release introduces 2 new APIs in Organizations: 1. ListAccountsWithInvalidEffectivePolicy 2. ListEffectivePolicyValidationErrors
  • api-change:sagemaker: [botocore] IAM Identity Center trusted identity propagation is now supported in SageMaker Studio.
  • api-change:transcribe: [botocore] AWS HealthScribe now supports specifying preferred patient pronouns through the MedicalScribeContext parameter for use in the generated clinical notes.

v1.40.7

Compare Source

======

  • api-change:bedrock: [botocore] This release includes model updates and enhanced SDK documentation for union fields in automated reasoning policy components. Added docs cover policy definitions, mutations (add/update for rules/types/variables), build assets, workflow sources, test results, and tag exception handling.
  • api-change:cognito-idp: [botocore] Remove SigV4 auth requirement for GetTokensFromRefreshToken
  • api-change:connect: [botocore] Updating SearchUserHierarchyGroups API
  • api-change:deadline: [botocore] Adds support for Wait and Save feature in service-managed fleets
  • api-change:ec2: [botocore] This release adds AvailabilityZoneId support for CreateVolume, DescribeVolume, LaunchTemplates, RunInstances, DescribeInstances, CreateDefaultSubnet, SpotInstances, and CreateDefaultSubnet APIs.
  • api-change:evs: [botocore] Update for general availability of Amazon Elastic VMware Service (EVS).
  • api-change:lambda: [botocore] Doc-only update for Lambda that updates the maximum payload size for response streaming invocations to 200 MB.
  • api-change:quicksight: [botocore] Add RowAxisDisplayOptions and ColumnAxisDisplayOptions to HeatMapConfiguration, add Actions to PluginVisual, increase limit for CalculatedFields list
  • api-change:sso-admin: [botocore] Added support for managing user background session for applications

v1.40.6

Compare Source

======

  • api-change:connect: [botocore] This release adds a new API GetContactMetrics for Amazon Connect.
  • api-change:inspector2: [botocore] Add CVSSV4 to Vulnerability Search API and update enable/disable account id list length to 5
  • api-change:iot-data: [botocore] Adding DeleteConnection API to IoT Data Plane
  • api-change:sagemaker: [botocore] Adds support for GB200 UltraServers in Amazon SageMaker training jobs, training plans, and HyperPod clusters
  • api-change:transcribe: [botocore] Update documentation to use key ARN only in OutputEncryptionKMSKeyId request parameter
  • bugfix:stub: [botocore] Fixes a bug which causes the stubber to begin failing for DynamoDB when SSO or AssumeRole credentials fail to load

v1.40.5

Compare Source

======

  • api-change:batch: [botocore] This feature allows customers to use AWS Batch with Linux with ARM64 CPU Architecture with Fargate Spot compute support.
  • api-change:cloudfront: [botocore] Added new viewer security policy, TLSv1.3_2025, for CloudFront.
  • api-change:codebuild: [botocore] AWS CodeBuild now supports comment-based pull request control.
  • api-change:gameliftstreams: [botocore] Adds Proton 9.0-2 to the list of runtime environment options available when creating an Amazon GameLift Streams application
  • api-change:glue: [botocore] AWS Glue Data Catalog now supports Iceberg Optimization settings at the Catalog level, and supports new options to control the optimization job run rate.
  • api-change:guardduty: [botocore] Added support for VPC owner account ID associated with DNS request in the GuardDuty finding.

v1.40.4

Compare Source

======

  • api-change:appstream: [botocore] Added support for G6 instances
  • api-change:budgets: [botocore] Adds support for billing views. Billing views let you control access to cost and usage data through an AWS resource, streamlining the process of sharing cost and usage data across account boundaries. With this release, you can now create and view budgets based on billing views.
  • api-change:ec2: [botocore] Mark Elastic Inference Accelerators and Elastic Graphics Processor parameters as deprecated on the RunInstances and LaunchTemplate APIs.
  • api-change:opensearchserverless: [botocore] Features: add Index APIs in OpenSearchServerless to support managed semantic enrichment
  • api-change:qbusiness: [botocore] Amazon Q Business now supports the GetDocumentContent() API that enables customers to securely access the source documents through clickable citation links at query time

v1.40.3

Compare Source

======

  • api-change:bedrock: [botocore] This release introduces Automated Reasoning checks for Amazon Bedrock Guardrails. The feature adds new APIs for policy building, refinement, version management, and testing. Guardrail APIs now support Automated Reasoning policy configuration and validation output.
  • api-change:bedrock-runtime: [botocore] This release adds support for Automated Reasoning checks output models for the Amazon Bedrock Guardrails ApplyGuardrail API.
  • api-change:eks: [botocore] Add support for deletion protection on EKS clusters
  • api-change:rds: [botocore] Adds a new Aurora Serverless v2 attribute to the DBCluster resource to expose the platform version. Also updates the attribute to be part of both the engine version and platform version descriptions.
  • api-change:sagemaker: [botocore] Add support for SageMaker Hyperpod continuous scaling and custom AMI; Introduce new APIs: ListClusterEvents, DescribeClusterEvent, BatchAddClusterNodes

v1.40.2

Compare Source

=======

  • api-change:bedrock-runtime: [botocore] Fixed stop sequence limit for converse API.
  • api-change:ec2: [botocore] Release shows new route types such as filtered and advertisement.
  • api-change:xray: [botocore] AWS X-Ray Features: Support Sampling Rate Boost On Anomaly

v1.40.1

Compare Source

=======

  • api-change:amplifybackend: [botocore] Remove incorrect endpoint tests
  • api-change:application-insights: [botocore] Remove incorrect endpoint tests
  • api-change:batch: [botocore] Added ECS_AL2023_NVIDIA as an option for Ec2Configuration.imageType.
  • api-change:chime: [botocore] Remove incorrect endpoint tests
  • api-change:chime-sdk-identity: [botocore] Remove incorrect endpoint tests
  • api-change:chime-sdk-meetings: [botocore] Remove incorrect endpoint tests
  • api-change:chime-sdk-voice: [botocore] Remove incorrect endpoint tests
  • api-change:codeguruprofiler: [botocore] Remove incorrect endpoint tests
  • api-change:datapipeline: [botocore] Remove incorrect endpoint tests
  • api-change:discovery: [botocore] Remove incorrect endpoint tests
  • api-change:ds: [botocore] Add APIs for CA AutoEnrollment support: DescribeCAEnrollmentPolicy, EnableCAEnrollmentPolicy and DisableCAEnrollmentPolicy.
  • api-change:eks: [botocore] Add support for on-demand refresh of EKS cluster insights
  • api-change:elasticache: [botocore] Remove incorrect endpoint tests
  • api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version
  • api-change:evidently: [botocore] Remove incorrect endpoint tests
  • api-change:frauddetector: [botocore] Remove incorrect endpoint tests
  • api-change:inspector: [botocore] Remove incorrect endpoint tests
  • api-change:kinesisvideo: [botocore] Remove incorrect endpoint tests
  • api-change:kinesis-video-media: [botocore] Remove incorrect endpoint tests
  • api-change:lakeformation: [botocore] Remove incorrect endpoint tests
  • api-change:lex-models: [botocore] Remove incorrect endpoint tests
  • api-change:migrationhub-config: [botocore] Remove incorrect endpoint tests
  • api-change:neptune-graph: [botocore] Add StartGraph and StopGraph operations to Neptune Analytics
  • api-change:opsworks: [botocore] The opsworks client has been removed following the deprecation of the service.
  • api-change:opsworkscm: [botocore] The opsworkscm client has been removed following the deprecation of the service.
  • api-change:personalize: [botocore] Remove incorrect endpoint tests
  • api-change:pi: [botocore] Remove incorrect endpoint tests
  • api-change:qldb-session: [botocore] Remove incorrect endpoint tests
  • api-change:redshift: [botocore] Remove incorrect endpoint tests
  • api-change:robomaker: [botocore] Remove incorrect endpoint tests
  • api-change:sagemaker: [botocore] This release adds support for AutoScaling on SageMaker HyperPod.
  • api-change:schemas: [botocore] Remove incorrect endpoint tests
  • api-change:snow-device-management: [botocore] Remove incorrect endpoint tests
  • api-change:timestream-write: [botocore] Remove incorrect endpoint tests
  • api-change:voice-id: [botocore] Remove incorrect endpoint tests
  • api-change:workdocs: [botocore] Remove incorrect endpoint tests
  • api-change:workmail: [botocore] Remove incorrect endpoint tests

v1.40.0

Compare Source

======

  • api-change:customer-profiles: [botocore] The release updates standard profile with 2 new fields that supports account-level engagement. Updated APIs include CreateProfile, UpdateProfile, MergeProfiles, SearchProfiles, BatchGetProfile, GetSegmentMembership, CreateSegmentDefinition, CreateSegmentEstimate.
  • api-change:ec2: [botocore] Added support for the force option for the EC2 instance terminate command. This feature enables customers to recover resources associated with an instance stuck in the shutting-down state as a result of rare issues caused by a frozen operating system or an underlying hardware problem.
  • api-change:elbv2: [botocore] This release enables secondary IP addresses for Network Load Balancers.
  • api-change:entityresolution: [botocore] Add support for creating advanced rule-based matching workflows in AWS Entity Resolution.
  • api-change:glue: [botocore] Added support for Route node, S3 Iceberg sources/targets, catalog Iceberg sources, DynamoDB ELT connector, AutoDataQuality evaluation, enhanced PII detection with redaction, Kinesis fan-out support, and new R-series worker types.
  • api-change:inspector2: [botocore] Extend usage to include agentless hours and add CODE_REPOSITORY to aggregation resource type
  • api-change:iot: [botocore] This release allows AWS IoT Core users to use their own AWS KMS keys for data protection
  • api-change:opensearch: [botocore] Granular access control support for NEO-SAML with IAMFederation for AOS data source
  • api-change:quicksight: [botocore] Added Impala connector support
  • api-change:s3control: [botocore] Add Tags field to CreateAccessPoint
  • api-change:sesv2: [botocore] This release introduces support for Multi-tenant management
  • api-change:workspaces-web: [botocore] Added ability to log session activity on a portal to an S3 bucket.
  • feature:sts: [botocore] Updated the default sts service endpoint from legacy to regional. This behavior can be overridden using the sts_regional_endpoints setting in the shared AWS config file or the AWS_STS_REGIONAL_ENDPOINTS environment variable.
boto/botocore (botocore)

v1.40.16

Compare Source

=======

  • api-change:clouddirectory: Remove incorrect endpoint tests
  • api-change:cognito-sync: Remove incorrect endpoint tests
  • api-change:docdb: Remove incorrect endpoint tests
  • api-change:elb: Remove incorrect endpoint tests
  • api-change:endpoint-rules: Update endpoint-rules client to latest version
  • api-change:healthlake: Remove incorrect endpoint tests
  • api-change:iotanalytics: Remove incorrect endpoint tests
  • api-change:macie2: Remove incorrect endpoint tests
  • api-change:marketplacecommerceanalytics: Remove incorrect endpoint tests
  • api-change:medialive: AWS Elemental MediaLive now has a field called "SubtitleRows" for controlling subtitle row count for DVB-Sub and Burn-In captions outputs
  • api-change:memorydb: Remove incorrect endpoint tests
  • api-change:proton: Remove incorrect endpoint tests
  • api-change:qconnect: Releasing model ID support for UpdateAIPrompt
  • api-change:qldb: Remove incorrect endpoint tests
  • api-change:rds: Updates Amazon RDS documentation for Db2 read-only replicas.
  • api-change:route53-recovery-readiness: Remove incorrect endpoint tests
  • api-change:sagemaker: Launch SageMaker Notebook Instances support for AL2023 along with P6-B200 instance type and Rootless Docker support for SageMaker Studio.
  • api-change:sagemaker-a2i-runtime: Remove incorrect endpoint tests
  • api-change:simspaceweaver: Remove incorrect endpoint tests
  • api-change:synthetics: Added multi browser support for synthetics canaries, Increased ephemeral storage limit from 5GB to 10GB
  • api-change:wafv2: test and verified, safe to release

v1.40.15

Compare Source

=======

  • api-change:apigatewaymanagementapi: Remove incorrect endpoint tests
  • api-change:appfabric: Remove incorrect endpoint tests
  • api-change:backup-gateway: Remove incorrect endpoint tests
  • api-change:cloudhsm: Remove incorrect endpoint tests
  • api-change:cognito-identity: Remove incorrect endpoint tests
  • api-change:comprehend: Remove incorrect endpoint tests
  • api-change:ebs: Remove incorrect endpoint tests
  • api-change:ecr-public: Remove incorrect endpoint tests
  • api-change:ecs: This is a documentation only release that adds additional information for the update-service request parameters.
  • api-change:elasticbeanstalk: Remove incorrect endpoint tests
  • api-change:endpoint-rules: Update endpoint-rules client to latest version
  • api-change:es: Remove incorrect endpoint tests
  • api-change:forecastquery: Remove incorrect endpoint tests
  • api-change:gameliftstreams: The default application in a stream group can now be changed at any time using UpdateStreamGroup to update the DefaultApplicationIdentifier.
  • api-change:glue: Added support for preprocessing queries in Data Quality operations through new DataQualityGlueTable structure.
  • api-change:greengrassv2: Remove incorrect endpoint tests
  • api-change:guardduty: Remove Pattern trait from email field
  • api-change:iotdeviceadvisor: Remove incorrect endpoint tests
  • api-change:iotevents: Remove incorrect endpoint tests
  • api-change:iotevents-data: Remove incorrect endpoint tests
  • api-change:iotthingsgraph: Remove incorrect endpoint tests
  • api-change:kinesis-video-signaling: Remove incorrect endpoint tests
  • api-change:lexv2-runtime: Remove incorrect endpoint tests
  • api-change:lookoutmetrics: Remove incorrect endpoint tests
  • api-change:managedblockchain: Remove incorrect endpoint tests
  • api-change:mediapackage: Remove incorrect endpoint tests
  • api-change:panorama: Remove incorrect endpoint tests
  • api-change:pinpoint-email: Remove incorrect endpoint tests
  • api-change:resource-groups: Remove incorrect endpoint tests
  • api-change:s3outposts: Remove incorrect endpoint tests
  • api-change:ssm-contacts: Doc-only updates for Incident Manager Contacts August 2025

v1.40.14

Compare Source

=======

  • api-change:bedrock-runtime: Launch CountTokens API to allow token counting
  • api-change:billing: Clarify IPv4 and IPv6 endpoints
  • api-change:cognito-idp: This release adds support for the new Terms APIs which allow displaying Terms of Use and Privacy Policy on the Managed Login user-registration page.
  • api-change:datazone: This release supports policy grant identifier for cloud formation integration
  • api-change:detective: Remove incorrect endpoint tests
  • api-change:dynamodb: Remove incorrect endpoint tests
  • api-change:eks: EKS Add-ons Custom Namespace Support
  • api-change:endpoint-rules: Update endpoint-rules client to latest version
  • api-change:kinesisanalyticsv2: Adds Key Management Service (KMS) support allowing customer-managed key (CMK) encryption for Flink application data.
  • api-change:pinpoint-sms-voice-v2: This change added InternationalSendingEnbaled as part of describe/Update/Request phone number API response, and as part of update/Request phone number API request
  • api-change:route53-recovery-control-config: Remove incorrect endpoint tests
  • api-change:sagemaker: This release adds 1/ Launch ml.p5.4xlarge instance in Processing jobs, Training jobs and Training Plan 2/ Makes S3Uri to be required for S3FileSystem and S3FileSystemConfig.

v1.40.13

Compare Source

=======

  • api-change:cleanrooms: Support error message configuration for analysis templates
  • api-change:ec2: Add support for "warning" volume status.
  • api-change:polly: Added support for new output format - Opus.

v1.40.12

Compare Source

=======

  • api-change:batch: Added default_x86_64 and default_arm64 as values to the instanceTypes field.
  • api-change:bcm-dashboards: Bil

Configuration

📅 Schedule: Branch creation - "before 4am" in timezone UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

a-klos and others added 7 commits July 31, 2025 10:08
@a-klos @renovate-bot
chore(deps): update dependency vite to v5.4.19 [security] (#62)
6377bda 
This PR contains the following updates:

| Package | Change | Age | Confidence |
|---|---|---|---|
| [vite](https://vite.dev)
([source](https://redirect.github.com/vitejs/vite/tree/HEAD/packages/vite))
| [`5.4.7` ->
`5.4.19`](https://renovatebot.com/diffs/npm/vite/5.4.7/5.4.19) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/vite/5.4.19?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/vite/5.4.7/5.4.19?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

### GitHub Vulnerability Alerts

####
[CVE-2025-24010](https://redirect.github.com/vitejs/vite/security/advisories/GHSA-vg6x-rcgg-rjx6)

### Summary
Vite allowed any websites to send any requests to the development server
and read the response due to default CORS settings and lack of
validation on the Origin header for WebSocket connections.

> [!WARNING]
> This vulnerability even applies to users that only run the Vite dev
server on the local machine and does not expose the dev server to the
network.

### Upgrade Path
Users that does not match either of the following conditions should be
able to upgrade to a newer version of Vite that fixes the vulnerability
without any additional configuration.

- Using the backend integration feature
- Using a reverse proxy in front of Vite
- Accessing the development server via a domain other than `localhost`
or `*.localhost`
- Using a plugin / framework that connects to the WebSocket server on
their own from the browser

#### Using the backend integration feature
If you are using the backend integration feature and not setting
[`server.origin`](https://vite.dev/config/server-options.html#server-origin),
you need to add the origin of the backend server to the
[`server.cors.origin`](https://redirect.github.com/expressjs/cors#configuration-options)
option. Make sure to set a specific origin rather than `*`, otherwise
any origin can access your development server.

#### Using a reverse proxy in front of Vite
If you are using a reverse proxy in front of Vite and sending requests
to Vite with a hostname other than `localhost` or `*.localhost`, you
need to add the hostname to the new
[`server.allowedHosts`](https://vite.dev/config/server-options.html#server-allowedhosts)
option. For example, if the reverse proxy is sending requests to
`http://vite:5173`, you need to add `vite` to the `server.allowedHosts`
option.

#### Accessing the development server via a domain other than
`localhost` or `*.localhost`
You need to add the hostname to the new
[`server.allowedHosts`](https://vite.dev/config/server-options.html#server-allowedhosts)
option. For example, if you are accessing the development server via
`http://foo.example.com:8080`, you need to add `foo.example.com` to the
`server.allowedHosts` option.

#### Using a plugin / framework that connects to the WebSocket server on
their own from the browser
If you are using a plugin / framework, try upgrading to a newer version
of Vite that fixes the vulnerability. If the WebSocket connection
appears not to be working, the plugin / framework may have a code that
connects to the WebSocket server on their own from the browser.

In that case, you can either:

- fix the plugin / framework code to the make it compatible with the new
version of Vite
- set `legacy.skipWebSocketTokenCheck: true` to opt-out the fix for [2]
while the plugin / framework is incompatible with the new version of
Vite
- When enabling this option, **make sure that you are aware of the
security implications** described in the impact section of [2] above.

### Mitigation without upgrading Vite

#### [1]: Permissive default CORS settings
Set `server.cors` to `false` or limit `server.cors.origin` to trusted
origins.

#### [2]: Lack of validation on the Origin header for WebSocket
connections
There aren't any mitigations for this.

#### [3]: Lack of validation on the Host header for HTTP requests
Use Chrome 94+ or use HTTPS for the development server.

### Details

There are three causes that allowed malicious websites to send any
requests to the development server:

#### [1]: Permissive default CORS settings

Vite sets the
[`Access-Control-Allow-Origin`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin)
header depending on
[`server.cors`](https://vite.dev/config/server-options.html#server-cors)
option. The default value was `true` which sets
`Access-Control-Allow-Origin: *`. This allows websites on any origin to
`fetch` contents served on the development server.

Attack scenario:

1. The attacker serves a malicious web page
(`http://malicious.example.com`).
2. The user accesses the malicious web page.
3. The attacker sends a `fetch('http://127.0.0.1:5173/main.js')` request
by JS in that malicious web page. This request is normally blocked by
same-origin policy, but that's not the case for the reasons above.
4. The attacker gets the content of `http://127.0.0.1:5173/main.js`.

#### [2]: Lack of validation on the Origin header for WebSocket
connections

Vite starts a WebSocket server to handle HMR and other functionalities.
This WebSocket server [did not perform validation on the Origin
header](https://redirect.github.com/vitejs/vite/blob/v6.0.7/packages/vite/src/node/server/ws.ts#L145-L157)
and was vulnerable to Cross-Site WebSocket Hijacking (CSWSH) attacks.
With that attack, an attacker can read and write messages on the
WebSocket connection. Vite only sends some information over the
WebSocket connection ([list of the file paths that changed, the file
content where the errored happened,
etc.](https://redirect.github.com/vitejs/vite/blob/v6.0.7/packages/vite/types/hmrPayload.d.ts#L12-L72)),
but plugins can send arbitrary messages and may include more sensitive
information.

Attack scenario:

1. The attacker serves a malicious web page
(`http://malicious.example.com`).
2. The user accesses the malicious web page.
3. The attacker runs `new WebSocket('http://127.0.0.1:5173',
'vite-hmr')` by JS in that malicious web page.
4. The user edits some files.
5. Vite sends some HMR messages over WebSocket.
6. The attacker gets the content of the HMR messages.

#### [3]: Lack of validation on the Host header for HTTP requests

Unless
[`server.https`](https://vite.dev/config/server-options.html#server-https)
is set, Vite starts the development server on HTTP. Non-HTTPS servers
are vulnerable to DNS rebinding attacks without validation on the Host
header. But Vite did not perform validation on the Host header. By
exploiting this vulnerability, an attacker can send arbitrary requests
to the development server bypassing the same-origin policy.

1. The attacker serves a malicious web page that is served on **HTTP**
(`http://malicious.example.com:5173`) (HTTPS won't work).
2. The user accesses the malicious web page.
3. The attacker changes the DNS to point to 127.0.0.1 (or other private
addresses).
4. The attacker sends a `fetch('/main.js')` request by JS in that
malicious web page.
5. The attacker gets the content of `http://127.0.0.1:5173/main.js`
bypassing the same origin policy.

### Impact

#### [1]: Permissive default CORS settings
Users with the default `server.cors` option may:

- get the source code stolen by malicious websites
- give the attacker access to functionalities that are not supposed to
be exposed externally
- Vite core does not have any functionality that causes changes
somewhere else when receiving a request, but plugins may implement those
functionalities and servers behind `server.proxy` may have those
functionalities.

#### [2]: Lack of validation on the Origin header for WebSocket
connections
All users may get the file paths of the files that changed and the file
content where the error happened be stolen by malicious websites.

For users that is using a plugin that sends messages over WebSocket,
that content may be stolen by malicious websites.

For users that is using a plugin that has a functionality that is
triggered by messages over WebSocket, that functionality may be
exploited by malicious websites.

#### [3]: Lack of validation on the Host header for HTTP requests
Users using HTTP for the development server and using a browser that is
not Chrome 94+ may:

- get the source code stolen by malicious websites
- give the attacker access to functionalities that are not supposed to
be exposed externally
- Vite core does not have any functionality that causes changes
somewhere else when receiving a request, but plugins may implement those
functionalities and servers behind `server.proxy` may have those
functionalities.

Chrome 94+ users are not affected for [3], because [sending a request to
a private network page from public non-HTTPS page is
forbidden](https://developer.chrome.com/blog/private-network-access-update#chrome_94)
since Chrome 94.

### Related Information
Safari has [a bug that blocks requests to loopback addresses from HTTPS
origins](https://bugs.webkit.org/show_bug.cgi?id=171934). This means
when the user is using Safari and Vite is listening on lookback
addresses, there's another condition of "the malicious web page is
served on HTTP" to make [1] and [2] to work.

### PoC

#### [2]: Lack of validation on the Origin header for WebSocket
connections
1. I used the `react` template which utilizes HMR functionality.

```
npm create vite@latest my-vue-app-react -- --template react
```

2. Then on a malicious server, serve the following POC html:
```html
<!doctype html>
<html lang="en">
    <head>
        <meta charset="utf-8" />
        <title>vite CSWSH</title>
    </head>
    <body>
        <div id="logs"></div>
        <script>
            const div = document.querySelectorAll('#logs')[0];
            const ws = new WebSocket('ws://localhost:5173','vite-hmr');
            ws.onmessage = event => {
                const logLine = document.createElement('p');
                logLine.innerHTML = event.data;
                div.append(logLine);
            };
        </script>
    </body>
</html>
```

3. Kick off Vite 

```
npm run dev
```

4. Load the development server (open `http://localhost:5173/`) as well
as the malicious page in the browser.
5. Edit `src/App.jsx` file and intentionally place a syntax error
6. Notice how the malicious page can view the websocket messages and a
snippet of the source code is exposed

Here's a video demonstrating the POC:


https://github.com/user-attachments/assets/a4ad05cd-0b34-461c-9ff6-d7c8663d6961

####
[CVE-2025-30208](https://redirect.github.com/vitejs/vite/security/advisories/GHSA-x574-m823-4x7w)

### Summary
The contents of arbitrary files can be returned to the browser.

### Impact
Only apps explicitly exposing the Vite dev server to the network (using
`--host` or [`server.host` config
option](https://vitejs.dev/config/server-options.html#server-host)) are
affected.

### Details
`@fs` denies access to files outside of Vite serving allow list. Adding
`?raw??` or `?import&raw??` to the URL bypasses this limitation and
returns the file content if it exists. This bypass exists because
trailing separators such as `?` are removed in several places, but are
not accounted for in query string regexes.

### PoC
```bash
$ npm create vite@latest
$ cd vite-project/
$ npm install
$ npm run dev

$ echo "top secret content" > /tmp/secret.txt

# expected behaviour
$ curl "http://localhost:5173/@&#8203;fs/tmp/secret.txt"

    <body>
      <h1>403 Restricted</h1>
      <p>The request url &quot;/tmp/secret.txt&quot; is outside of Vite serving allow list.

# security bypassed
$ curl "http://localhost:5173/@&#8203;fs/tmp/secret.txt?import&raw??"
export default "top secret content\n"
//# sourceMappingURL=data:application/json;base64,eyJ2...
```

####
[CVE-2025-31125](https://redirect.github.com/vitejs/vite/security/advisories/GHSA-4r4m-qw57-chr8)

### Summary

The contents of arbitrary files can be returned to the browser.

### Impact
Only apps explicitly exposing the Vite dev server to the network (using
`--host` or [`server.host` config
option](https://vitejs.dev/config/server-options.html#server-host)) are
affected.

### Details

- base64 encoded content of non-allowed files is exposed using
`?inline&import` (originally reported as `?import&?inline=1.wasm?init`)
- content of non-allowed files is exposed using `?raw?import`

`/@&#8203;fs/` isn't needed to reproduce the issue for files inside the
project root.

### PoC

Original report (check details above for simplified cases):

The ?import&?inline=1.wasm?init ending allows attackers to read
arbitrary files and returns the file content if it exists. Base64
decoding needs to be performed twice
```
$ npm create vite@latest
$ cd vite-project/
$ npm install
$ npm run dev
```

Example full URL
`http://localhost:5173/@&#8203;fs/C:/windows/win.ini?import&?inline=1.wasm?init`

####
[CVE-2025-31486](https://redirect.github.com/vitejs/vite/security/advisories/GHSA-xcj6-pq6g-qj4x)

### Summary

The contents of arbitrary files can be returned to the browser.

### Impact

Only apps explicitly exposing the Vite dev server to the network (using
--host or [server.host config
option](https://vitejs.dev/config/server-options.html#server-host)) are
affected.

### Details

#### `.svg`

Requests ending with `.svg` are loaded at this line.

https://github.com/vitejs/vite/blob/037f801075ec35bb6e52145d659f71a23813c48f/packages/vite/src/node/plugins/asset.ts#L285-L290
By adding `?.svg` with `?.wasm?init` or with `sec-fetch-dest: script`
header, the restriction was able to bypass.

This bypass is only possible if the file is smaller than
[`build.assetsInlineLimit`](https://vite.dev/config/build-options.html#build-assetsinlinelimit)
(default: 4kB) and when using Vite 6.0+.

#### relative paths

The check was applied before the id normalization. This allowed requests
to bypass with relative paths (e.g. `../../`).

### PoC

```bash
npm create vite@latest
cd vite-project/
npm install
npm run dev
```

send request to read `etc/passwd`

```bash
curl 'http://127.0.0.1:5173/etc/passwd?.svg?.wasm?init'
```

```bash
curl 'http://127.0.0.1:5173/@&#8203;fs/x/x/x/vite-project/?/../../../../../etc/passwd?import&?raw'
```

####
[CVE-2025-32395](https://redirect.github.com/vitejs/vite/security/advisories/GHSA-356w-63v5-8wf4)

### Summary
The contents of arbitrary files can be returned to the browser if the
dev server is running on Node or Bun.

### Impact
Only apps with the following conditions are affected.

- explicitly exposing the Vite dev server to the network (using --host
or [server.host config
option](https://vitejs.dev/config/server-options.html#server-host))
- running the Vite dev server on runtimes that are not Deno (e.g. Node,
Bun)

### Details

[HTTP 1.1 spec (RFC 9112) does not allow `#` in
`request-target`](https://datatracker.ietf.org/doc/html/rfc9112#section-3.2).
Although an attacker can send such a request. For those requests with an
invalid `request-line` (it includes `request-target`), the spec
[recommends to reject them with 400 or
301](https://datatracker.ietf.org/doc/html/rfc9112#section-3.2-4). The
same can be said for HTTP 2
([ref1](https://datatracker.ietf.org/doc/html/rfc9113#section-8.3.1-2.4.1),
[ref2](https://datatracker.ietf.org/doc/html/rfc9113#section-8.3.1-3),
[ref3](https://datatracker.ietf.org/doc/html/rfc9113#section-8.1.1-3)).

On Node and Bun, those requests are not rejected internally and is
passed to the user land. For those requests, the value of
[`http.IncomingMessage.url`](https://nodejs.org/docs/latest-v22.x/api/http.html#messageurl)
contains `#`. Vite assumed `req.url` won't contain `#` when checking
`server.fs.deny`, allowing those kinds of requests to bypass the check.

On Deno, those requests are not rejected internally and is passed to the
user land as well. But for those requests, the value of
`http.IncomingMessage.url` did not contain `#`.

### PoC
```
npm create vite@latest
cd vite-project/
npm install
npm run dev
```
send request to read `/etc/passwd`
```
curl --request-target /@&#8203;fs/Users/doggy/Desktop/vite-project/#/../../../../../etc/passwd http://127.0.0.1:5173
```

####
[CVE-2025-46565](https://redirect.github.com/vitejs/vite/security/advisories/GHSA-859w-5945-r5v3)

### Summary
The contents of files in [the project
`root`](https://vite.dev/config/shared-options.html#root) that are
denied by a file matching pattern can be returned to the browser.

### Impact

Only apps explicitly exposing the Vite dev server to the network (using
--host or [server.host config
option](https://vitejs.dev/config/server-options.html#server-host)) are
affected.
Only files that are under [project
`root`](https://vite.dev/config/shared-options.html#root) and are denied
by a file matching pattern can be bypassed.

- Examples of file matching patterns: `.env`, `.env.*`, `*.{crt,pem}`,
`**/.env`
- Examples of other patterns: `**/.git/**`, `.git/**`, `.git/**/*`

### Details

[`server.fs.deny`](https://vite.dev/config/server-options.html#server-fs-deny)
can contain patterns matching against files (by default it includes
`.env`, `.env.*`, `*.{crt,pem}` as such patterns).
These patterns were able to bypass for files under `root` by using a
combination of slash and dot (`/.`).

### PoC
```
npm create vite@latest
cd vite-project/
cat "secret" > .env
npm install
npm run dev
curl --request-target /.env/. http://localhost:5173
```


![image](https://redirect.github.com/user-attachments/assets/822f4416-aa42-461f-8c95-a88d155e674b)

![image](https://redirect.github.com/user-attachments/assets/42902144-863a-4afb-ac5b-fc16effa37cc)

---

### Release Notes

<details>
<summary>vitejs/vite (vite)</summary>

###
[`v5.4.19`](https://redirect.github.com/vitejs/vite/releases/tag/v5.4.19)

[Compare
Source](https://redirect.github.com/vitejs/vite/compare/v5.4.18...v5.4.19)

Please refer to
[CHANGELOG.md](https://redirect.github.com/vitejs/vite/blob/v5.4.19/packages/vite/CHANGELOG.md)
for details.

###
[`v5.4.18`](https://redirect.github.com/vitejs/vite/releases/tag/v5.4.18)

[Compare
Source](https://redirect.github.com/vitejs/vite/compare/v5.4.17...v5.4.18)

Please refer to
[CHANGELOG.md](https://redirect.github.com/vitejs/vite/blob/v5.4.18/packages/vite/CHANGELOG.md)
for details.

###
[`v5.4.17`](https://redirect.github.com/vitejs/vite/releases/tag/v5.4.17)

[Compare
Source](https://redirect.github.com/vitejs/vite/compare/v5.4.16...v5.4.17)

Please refer to
[CHANGELOG.md](https://redirect.github.com/vitejs/vite/blob/v5.4.17/packages/vite/CHANGELOG.md)
for details.

###
[`v5.4.16`](https://redirect.github.com/vitejs/vite/releases/tag/v5.4.16)

[Compare
Source](https://redirect.github.com/vitejs/vite/compare/v5.4.15...v5.4.16)

Please refer to
[CHANGELOG.md](https://redirect.github.com/vitejs/vite/blob/v5.4.16/packages/vite/CHANGELOG.md)
for details.

###
[`v5.4.15`](https://redirect.github.com/vitejs/vite/releases/tag/v5.4.15)

[Compare
Source](https://redirect.github.com/vitejs/vite/compare/v5.4.14...v5.4.15)

Please refer to
[CHANGELOG.md](https://redirect.github.com/vitejs/vite/blob/v5.4.15/packages/vite/CHANGELOG.md)
for details.

###
[`v5.4.14`](https://redirect.github.com/vitejs/vite/releases/tag/v5.4.14)

[Compare
Source](https://redirect.github.com/vitejs/vite/compare/v5.4.13...v5.4.14)

Please refer to
[CHANGELOG.md](https://redirect.github.com/vitejs/vite/blob/v5.4.14/packages/vite/CHANGELOG.md)
for details.

###
[`v5.4.13`](https://redirect.github.com/vitejs/vite/releases/tag/v5.4.13)

[Compare
Source](https://redirect.github.com/vitejs/vite/compare/v5.4.12...v5.4.13)

Please refer to
[CHANGELOG.md](https://redirect.github.com/vitejs/vite/blob/v5.4.13/packages/vite/CHANGELOG.md)
for details.

###
[`v5.4.12`](https://redirect.github.com/vitejs/vite/releases/tag/v5.4.12)

[Compare
Source](https://redirect.github.com/vitejs/vite/compare/v5.4.11...v5.4.12)

This version contains a breaking change due to security fixes. See
https://github.com/vitejs/vite/security/advisories/GHSA-vg6x-rcgg-rjx6
for more details.

Please refer to
[CHANGELOG.md](https://redirect.github.com/vitejs/vite/blob/v5.4.12/packages/vite/CHANGELOG.md)
for details.

###
[`v5.4.11`](https://redirect.github.com/vitejs/vite/blob/HEAD/packages/vite/CHANGELOG.md#600-2024-11-26)

[Compare
Source](https://redirect.github.com/vitejs/vite/compare/v5.4.10...v5.4.11)

![Vite 6 is out!](../../docs/public/og-image-announcing-vite6.png)

Today, we're taking another big step in Vite's story. The Vite
[team](https://vite.dev/team),
[contributors](https://redirect.github.com/vitejs/vite/graphs/contributors),
and ecosystem partners are excited to announce the release of the next
Vite major:

- **[Vite 6.0 announcement blog
post](https://vite.dev/blog/announcing-vite6.html)**
- [Docs](https://vite.dev/)
- Translations: [简体中文](https://cn.vite.dev/),
[日本語](https://ja.vite.dev/), [Español](https://es.vite.dev/),
[Português](https://pt.vite.dev/), [한국어](https://ko.vite.dev/),
[Deutsch](https://de.vite.dev/)
- [Migration Guide](https://vite.dev/guide/migration.html)

We want to thank the more than [1K contributors to Vite
Core](https://redirect.github.com/vitejs/vite/graphs/contributors) and
the maintainers and contributors of Vite plugins, integrations, tools,
and translations that have helped us craft this new major. We invite you
to get involved and help us improve Vite for the whole ecosystem. Learn
more at our [Contributing
Guide](https://redirect.github.com/vitejs/vite/blob/main/CONTRIBUTING.md).

##### ⚠ BREAKING CHANGES

- drop node 21 support in version ranges
([#&#8203;18729](https://redirect.github.com/vitejs/vite/issues/18729))
- **deps:** update dependency dotenv-expand to v12
([#&#8203;18697](https://redirect.github.com/vitejs/vite/issues/18697))
- **resolve:** allow removing conditions
([#&#8203;18395](https://redirect.github.com/vitejs/vite/issues/18395))
- **html:** support more asset sources
([#&#8203;11138](https://redirect.github.com/vitejs/vite/issues/11138))
- remove fs.cachedChecks option
([#&#8203;18493](https://redirect.github.com/vitejs/vite/issues/18493))
- proxy bypass with WebSocket
([#&#8203;18070](https://redirect.github.com/vitejs/vite/issues/18070))
- **css:** remove default import in ssr dev
([#&#8203;17922](https://redirect.github.com/vitejs/vite/issues/17922))
- **lib:** use package name for css output file name
([#&#8203;18488](https://redirect.github.com/vitejs/vite/issues/18488))
- update to chokidar v4
([#&#8203;18453](https://redirect.github.com/vitejs/vite/issues/18453))
- support `file://` resolution
([#&#8203;18422](https://redirect.github.com/vitejs/vite/issues/18422))
- **deps:** update postcss-load-config to v6
([#&#8203;15235](https://redirect.github.com/vitejs/vite/issues/15235))
- **css:** change default sass api to modern/modern-compiler
([#&#8203;17937](https://redirect.github.com/vitejs/vite/issues/17937))
- **css:** load postcss config within workspace root only
([#&#8203;18440](https://redirect.github.com/vitejs/vite/issues/18440))
- default `build.cssMinify` to `'esbuild'` for SSR
([#&#8203;15637](https://redirect.github.com/vitejs/vite/issues/15637))
- **json:** add `json.stringify: 'auto'` and make that the default
([#&#8203;18303](https://redirect.github.com/vitejs/vite/issues/18303))
- bump minimal terser version to 5.16.0
([#&#8203;18209](https://redirect.github.com/vitejs/vite/issues/18209))
- **deps:** migrate `fast-glob` to `tinyglobby`
([#&#8203;18243](https://redirect.github.com/vitejs/vite/issues/18243))

##### Features

- add support for .cur type
([#&#8203;18680](https://redirect.github.com/vitejs/vite/issues/18680))
([5ec9eed](https://redirect.github.com/vitejs/vite/commit/5ec9eedc80bbf39a33b498198ba07ed1bd9cacc7))
- drop node 21 support in version ranges
([#&#8203;18729](https://redirect.github.com/vitejs/vite/issues/18729))
([a384d8f](https://redirect.github.com/vitejs/vite/commit/a384d8fd39162190675abcfea31ba657383a3d03))
- enable HMR by default on ModuleRunner side
([#&#8203;18749](https://redirect.github.com/vitejs/vite/issues/18749))
([4d2abc7](https://redirect.github.com/vitejs/vite/commit/4d2abc7bba95cf516ce7341d5d8f349d61b75224))
- support `module-sync` condition when loading config if enabled
([#&#8203;18650](https://redirect.github.com/vitejs/vite/issues/18650))
([cf5028d](https://redirect.github.com/vitejs/vite/commit/cf5028d4bf0a0d59b4a98323beaadc268204056b))
- add `isSsrTargetWebWorker` flag to `configEnvironment` hook
([#&#8203;18620](https://redirect.github.com/vitejs/vite/issues/18620))
([3f5fab0](https://redirect.github.com/vitejs/vite/commit/3f5fab04aa64c0e9b45068e842f033583b365de0))
- add `ssr.resolve.mainFields` option
([#&#8203;18646](https://redirect.github.com/vitejs/vite/issues/18646))
([a6f5f5b](https://redirect.github.com/vitejs/vite/commit/a6f5f5baca7a5d2064f5f4cb689764ad939fab4b))
- expose default mainFields/conditions
([#&#8203;18648](https://redirect.github.com/vitejs/vite/issues/18648))
([c12c653](https://redirect.github.com/vitejs/vite/commit/c12c653ca5fab354e0f71394e2fbe636dccf6b2f))
- extended applyToEnvironment and perEnvironmentPlugin
([#&#8203;18544](https://redirect.github.com/vitejs/vite/issues/18544))
([8fa70cd](https://redirect.github.com/vitejs/vite/commit/8fa70cdfa65ce8254ab8da8be0d92614126764c0))
- **optimizer:** allow users to specify their esbuild `platform` option
([#&#8203;18611](https://redirect.github.com/vitejs/vite/issues/18611))
([0924879](https://redirect.github.com/vitejs/vite/commit/09248795ca79a7053b803af8977c3422f5cd5824))
- show error when accessing variables not exposed in CJS build
([#&#8203;18649](https://redirect.github.com/vitejs/vite/issues/18649))
([87c5502](https://redirect.github.com/vitejs/vite/commit/87c55022490d4710934c482abf5fbd4fcda9c3c9))
- **asset:** add `?inline` and `?no-inline` queries to control inlining
([#&#8203;15454](https://redirect.github.com/vitejs/vite/issues/15454))
([9162172](https://redirect.github.com/vitejs/vite/commit/9162172e039ae67ad4ee8dce18f04b7444f7d9de))
- **asset:** inline svg in dev if within limit
([#&#8203;18581](https://redirect.github.com/vitejs/vite/issues/18581))
([f08b146](https://redirect.github.com/vitejs/vite/commit/f08b1463db50f39b571faa871d05c92b10f3434c))
- use a single transport for fetchModule and HMR support
([#&#8203;18362](https://redirect.github.com/vitejs/vite/issues/18362))
([78dc490](https://redirect.github.com/vitejs/vite/commit/78dc4902ffef7f316e84d21648b04dc62dd0ae0a))
- **html:** support more asset sources
([#&#8203;11138](https://redirect.github.com/vitejs/vite/issues/11138))
([8a7af50](https://redirect.github.com/vitejs/vite/commit/8a7af50b5ddf72f21098406e9668bc609b323899))
- **resolve:** allow removing conditions
([#&#8203;18395](https://redirect.github.com/vitejs/vite/issues/18395))
([d002e7d](https://redirect.github.com/vitejs/vite/commit/d002e7d05a0f23110f9185b39222819bcdfffc16))
- **html:** support `vite-ignore` attribute to opt-out of processing
([#&#8203;18494](https://redirect.github.com/vitejs/vite/issues/18494))
([d951310](https://redirect.github.com/vitejs/vite/commit/d9513104e21175e1d23e0f614df55cd53291ab4e))
- **lib:** use package name for css output file name
([#&#8203;18488](https://redirect.github.com/vitejs/vite/issues/18488))
([61cbf6f](https://redirect.github.com/vitejs/vite/commit/61cbf6f2cfcd5afc91fe0a0ad56abfc36a32f1ab))
- log complete config in debug mode
([#&#8203;18289](https://redirect.github.com/vitejs/vite/issues/18289))
([04f6736](https://redirect.github.com/vitejs/vite/commit/04f6736fd7ac3da22141929c01a151f5a6fe4e45))
- proxy bypass with WebSocket
([#&#8203;18070](https://redirect.github.com/vitejs/vite/issues/18070))
([3c9836d](https://redirect.github.com/vitejs/vite/commit/3c9836d96f118ff5748916241bc3871a54247ad1))
- support `file://` resolution
([#&#8203;18422](https://redirect.github.com/vitejs/vite/issues/18422))
([6a7e313](https://redirect.github.com/vitejs/vite/commit/6a7e313754dce5faa5cd7c1e2343448cd7f3a2a2))
- update to chokidar v4
([#&#8203;18453](https://redirect.github.com/vitejs/vite/issues/18453))
([192d555](https://redirect.github.com/vitejs/vite/commit/192d555f88bba7576e8a40cc027e8a11e006079c))
- allow custom `console` in `createLogger`
([#&#8203;18379](https://redirect.github.com/vitejs/vite/issues/18379))
([0c497d9](https://redirect.github.com/vitejs/vite/commit/0c497d9cb63bd4a6bb8e01c0e3b843890a239d23))
- **css:** add more stricter typing of lightningcss
([#&#8203;18460](https://redirect.github.com/vitejs/vite/issues/18460))
([b9b925e](https://redirect.github.com/vitejs/vite/commit/b9b925eb3f911ab63972124dc8ab0455449b925d))
- **css:** change default sass api to modern/modern-compiler
([#&#8203;17937](https://redirect.github.com/vitejs/vite/issues/17937))
([d4e0442](https://redirect.github.com/vitejs/vite/commit/d4e0442f9d6adc70b72ea0713dc8abb4b1f75ae4))
- read `sec-fetch-dest` header to detect JS in transform
([#&#8203;9981](https://redirect.github.com/vitejs/vite/issues/9981))
([e51dc40](https://redirect.github.com/vitejs/vite/commit/e51dc40b5907cf14d7aefaaf01fb8865a852ef15))
- **css:** load postcss config within workspace root only
([#&#8203;18440](https://redirect.github.com/vitejs/vite/issues/18440))
([d23a493](https://redirect.github.com/vitejs/vite/commit/d23a493cc4b54a2e2b2c1337b3b1f0c9b1be311e))
- **json:** add `json.stringify: 'auto'` and make that the default
([#&#8203;18303](https://redirect.github.com/vitejs/vite/issues/18303))
([b80daa7](https://redirect.github.com/vitejs/vite/commit/b80daa7c0970645dca569d572892648f66c6799c))
- add .git to deny list by default
([#&#8203;18382](https://redirect.github.com/vitejs/vite/issues/18382))
([105ca12](https://redirect.github.com/vitejs/vite/commit/105ca12b34e466dc9de838643954a873ac1ce804))
- add `environment::listen`
([#&#8203;18263](https://redirect.github.com/vitejs/vite/issues/18263))
([4d5f51d](https://redirect.github.com/vitejs/vite/commit/4d5f51d13f92cc8224a028c27df12834a0667659))
- enable dependencies discovery and pre-bundling in ssr environments
([#&#8203;18358](https://redirect.github.com/vitejs/vite/issues/18358))
([9b21f69](https://redirect.github.com/vitejs/vite/commit/9b21f69405271f1b864fa934a96adcb0e1a2bc4d))
- restrict characters useable for environment name
([#&#8203;18255](https://redirect.github.com/vitejs/vite/issues/18255))
([9ab6180](https://redirect.github.com/vitejs/vite/commit/9ab6180d3a20be71eb7aedef000f8c4ae3591c40))
- support arbitrary module namespace identifier imports from cjs deps
([#&#8203;18236](https://redirect.github.com/vitejs/vite/issues/18236))
([4389a91](https://redirect.github.com/vitejs/vite/commit/4389a917f8f5e8e67222809fb7b166bb97f6d02c))
- introduce RunnableDevEnvironment
([#&#8203;18190](https://redirect.github.com/vitejs/vite/issues/18190))
([fb292f2](https://redirect.github.com/vitejs/vite/commit/fb292f226f988e80fee4f4aea878eb3d5d229022))
- support `this.environment` in `options` and `onLog` hook
([#&#8203;18142](https://redirect.github.com/vitejs/vite/issues/18142))
([7722c06](https://redirect.github.com/vitejs/vite/commit/7722c061646bc8587f55f560bfe06b2a9643639a))
- **css:** support es2023 build target for lightningcss
([#&#8203;17998](https://redirect.github.com/vitejs/vite/issues/17998))
([1a76300](https://redirect.github.com/vitejs/vite/commit/1a76300cd16827f0640924fdc21747ce140c35fb))
- Environment API
([#&#8203;16471](https://redirect.github.com/vitejs/vite/issues/16471))
([242f550](https://redirect.github.com/vitejs/vite/commit/242f550eb46c93896fca6b55495578921e29a8af))
- expose `EnvironmentOptions` type
([#&#8203;18080](https://redirect.github.com/vitejs/vite/issues/18080))
([35cf59c](https://redirect.github.com/vitejs/vite/commit/35cf59c9d53ef544eb5f2fe2f9ff4d6cb225e63b))

##### Bug Fixes

- `createRunnableDevEnvironment` returns `RunnableDevEnvironment`, not
`DevEnvironment`
([#&#8203;18673](https://redirect.github.com/vitejs/vite/issues/18673))
([74221c3](https://redirect.github.com/vitejs/vite/commit/74221c391bffd61b9ef39b7c0f9ea2e405913a6f))
- `getModulesByFile` should return a `serverModule`
([#&#8203;18715](https://redirect.github.com/vitejs/vite/issues/18715))
([b80d5ec](https://redirect.github.com/vitejs/vite/commit/b80d5ecbbcc374bd8f32b2ed5ceb3cbfffaae77b))
- catch error in full reload handler
([#&#8203;18713](https://redirect.github.com/vitejs/vite/issues/18713))
([a10e741](https://redirect.github.com/vitejs/vite/commit/a10e7410656d3614cbfd07ba772776ff334a8d60))
- **client:** overlay not appearing when multiple vite clients were
loaded
([#&#8203;18647](https://redirect.github.com/vitejs/vite/issues/18647))
([27d70b5](https://redirect.github.com/vitejs/vite/commit/27d70b5fa61f1c1a836d52809549cb57569f42a4))
- **deps:** update all non-major dependencies
([#&#8203;18691](https://redirect.github.com/vitejs/vite/issues/18691))
([f005461](https://redirect.github.com/vitejs/vite/commit/f005461ecce89ada21cb0c021f7af460b5479736))
- **deps:** update dependency dotenv-expand to v12
([#&#8203;18697](https://redirect.github.com/vitejs/vite/issues/18697))
([0c658de](https://redirect.github.com/vitejs/vite/commit/0c658de41f4c1576c526a8c48a8ea0a019c6311c))
- display pre-transform error details
([#&#8203;18764](https://redirect.github.com/vitejs/vite/issues/18764))
([554f45f](https://redirect.github.com/vitejs/vite/commit/554f45f4d820c57c0874ebe48ef2fddfafdd0750))
- exit code on `SIGTERM`
([#&#8203;18741](https://redirect.github.com/vitejs/vite/issues/18741))
([cc55e36](https://redirect.github.com/vitejs/vite/commit/cc55e36dd39fef134568f53acc66514cbb7175ea))
- expose missing `InterceptorOptions` type
([#&#8203;18766](https://redirect.github.com/vitejs/vite/issues/18766))
([6252c60](https://redirect.github.com/vitejs/vite/commit/6252c6035695365c93773fbe06a4b2a307e86368))
- **html:** fix inline proxy modules invalidation
([#&#8203;18696](https://redirect.github.com/vitejs/vite/issues/18696))
([8ab04b7](https://redirect.github.com/vitejs/vite/commit/8ab04b70ada119fbca2fc5a53c36f233423febbe))
- log error when send in module runner failed
([#&#8203;18753](https://redirect.github.com/vitejs/vite/issues/18753))
([ba821bb](https://redirect.github.com/vitejs/vite/commit/ba821bb63eca6d8a9199ee2253ef2607375f5702))
- **module-runner:** make evaluator optional
([#&#8203;18672](https://redirect.github.com/vitejs/vite/issues/18672))
([fd1283f](https://redirect.github.com/vitejs/vite/commit/fd1283fe27cc1a19b5c7d9d72664832e4daa1bbf))
- **optimizer:** detect npm / yarn / pnpm dependency changes correctly
([#&#8203;17336](https://redirect.github.com/vitejs/vite/issues/17336))
([#&#8203;18560](https://redirect.github.com/vitejs/vite/issues/18560))
([818cf3e](https://redirect.github.com/vitejs/vite/commit/818cf3e7bf1b6c2dc56e7cd8f056bc1d185c2cd7))
- **optimizer:** trigger onCrawlEnd after manual included deps are
registered
([#&#8203;18733](https://redirect.github.com/vitejs/vite/issues/18733))
([dc60410](https://redirect.github.com/vitejs/vite/commit/dc6041099ccd5767764fb8c99a169869bbd13f16))
- **optimizer:** workaround firefox's false warning for no sources
source map
([#&#8203;18665](https://redirect.github.com/vitejs/vite/issues/18665))
([473424e](https://redirect.github.com/vitejs/vite/commit/473424ee8d6b743c1565bf0749deb5d9fbedcea7))
- **ssr:** replace `__vite_ssr_identity__` with `(0, ...)` and inject
`;` between statements
([#&#8203;18748](https://redirect.github.com/vitejs/vite/issues/18748))
([94546be](https://redirect.github.com/vitejs/vite/commit/94546be18354a457bced5107aa31533b09e304ec))
- cjs build for perEnvironmentState et al
([#&#8203;18656](https://redirect.github.com/vitejs/vite/issues/18656))
([95c4b3c](https://redirect.github.com/vitejs/vite/commit/95c4b3c371dc7fb12c28cb1307f6f389887eb1e1))
- **html:** externalize `rollup.external` scripts correctly
([#&#8203;18618](https://redirect.github.com/vitejs/vite/issues/18618))
([55461b4](https://redirect.github.com/vitejs/vite/commit/55461b43329db6a5e737eab591163a8681ba9230))
- include more modules to prefix-only module list
([#&#8203;18667](https://redirect.github.com/vitejs/vite/issues/18667))
([5a2103f](https://redirect.github.com/vitejs/vite/commit/5a2103f0d486a7725c23c70710b11559c00e9b93))
- **ssr:** format `ssrTransform` parse error
([#&#8203;18644](https://redirect.github.com/vitejs/vite/issues/18644))
([d9be921](https://redirect.github.com/vitejs/vite/commit/d9be92187cb17d740856af27d0ab60c84e04d58c))
- **ssr:** preserve fetchModule error details
([#&#8203;18626](https://redirect.github.com/vitejs/vite/issues/18626))
([866a433](https://redirect.github.com/vitejs/vite/commit/866a433a34ab2f6d2910506e781b346091de1b9e))
- browser field should not be included by default for `consumer:
'server'`
([#&#8203;18575](https://redirect.github.com/vitejs/vite/issues/18575))
([87b2347](https://redirect.github.com/vitejs/vite/commit/87b2347a13ea8ae8282f0f1e2233212c040bfed8))
- **client:** detect ws close correctly
([#&#8203;18548](https://redirect.github.com/vitejs/vite/issues/18548))
([637d31b](https://redirect.github.com/vitejs/vite/commit/637d31bcc59d964e51f7969093cc369deee88ca1))
- **resolve:** run ensureVersionQuery for SSR
([#&#8203;18591](https://redirect.github.com/vitejs/vite/issues/18591))
([63207e5](https://redirect.github.com/vitejs/vite/commit/63207e5d0fbedc8ddddb7d1faaa8ea9a45a118d4))
- use `server.perEnvironmentStartEndDuringDev`
([#&#8203;18549](https://redirect.github.com/vitejs/vite/issues/18549))
([fe30349](https://redirect.github.com/vitejs/vite/commit/fe30349d350ef08bccd56404ccc3e6d6e0a2e156))
- allow nested dependency selector to be used for `optimizeDeps.include`
for SSR
([#&#8203;18506](https://redirect.github.com/vitejs/vite/issues/18506))
([826c81a](https://redirect.github.com/vitejs/vite/commit/826c81a40bb25914d55cd2e96b548f1a2c384a19))
- asset `new URL(,import.meta.url)` match
([#&#8203;18194](https://redirect.github.com/vitejs/vite/issues/18194))
([5286a90](https://redirect.github.com/vitejs/vite/commit/5286a90a3c1b693384f99903582a1f70b7b44945))
- close watcher if it's disabled
([#&#8203;18521](https://redirect.github.com/vitejs/vite/issues/18521))
([85bd0e9](https://redirect.github.com/vitejs/vite/commit/85bd0e9b0dc637c7645f2b56f93071d6e1ec149c))
- **config:** write temporary vite config to node\_modules
([#&#8203;18509](https://redirect.github.com/vitejs/vite/issues/18509))
([72eaef5](https://redirect.github.com/vitejs/vite/commit/72eaef5300d20b7163050461733c3208a4013e1e))
- **css:** `cssCodeSplit` uses the current environment configuration
([#&#8203;18486](https://redirect.github.com/vitejs/vite/issues/18486))
([eefe895](https://redirect.github.com/vitejs/vite/commit/eefe8957167681b85f0e1b07bc5feefa307cccb0))
- **json:** don't `json.stringify` arrays
([#&#8203;18541](https://redirect.github.com/vitejs/vite/issues/18541))
([fa50b03](https://redirect.github.com/vitejs/vite/commit/fa50b03390dae280293174f65f850522599b9ab7))
- **less:** prevent rebasing
`[@import](https://redirect.github.com/import) url(...)`
([#&#8203;17857](https://redirect.github.com/vitejs/vite/issues/17857))
([aec5fdd](https://redirect.github.com/vitejs/vite/commit/aec5fdd72e3aeb2aa26796001b98f3f330be86d1))
- **lib:** only resolve css bundle name if have styles
([#&#8203;18530](https://redirect.github.com/vitejs/vite/issues/18530))
([5d6dc49](https://redirect.github.com/vitejs/vite/commit/5d6dc491b6bb78613694eaf686e2e305b71af5e1))
- **scss:** improve error logs
([#&#8203;18522](https://redirect.github.com/vitejs/vite/issues/18522))
([3194a6a](https://redirect.github.com/vitejs/vite/commit/3194a6a60714a3978f5e4b39d6223f32a8dc01ef))
- `define` in environment config was not working
([#&#8203;18515](https://redirect.github.com/vitejs/vite/issues/18515))
([052799e](https://redirect.github.com/vitejs/vite/commit/052799e8939cfcdd7a7ff48daf45a766bf6cc546))
- **build:** apply resolve.external/noExternal to server environments
([#&#8203;18495](https://redirect.github.com/vitejs/vite/issues/18495))
([5a967cb](https://redirect.github.com/vitejs/vite/commit/5a967cb596c7c4b0548be1d9025bc1e34b36169a))
- **config:** remove error if require resolve to esm
([#&#8203;18437](https://redirect.github.com/vitejs/vite/issues/18437))
([f886f75](https://redirect.github.com/vitejs/vite/commit/f886f75396cdb5a43ec5377bbbaaffc0e8ae03e9))
- consider URLs with any protocol to be external
([#&#8203;17369](https://redirect.github.com/vitejs/vite/issues/17369))
([a0336bd](https://redirect.github.com/vitejs/vite/commit/a0336bd5197bb4427251be4c975e30fb596c658f))
- **css:** remove default import in ssr dev
([#&#8203;17922](https://redirect.github.com/vitejs/vite/issues/17922))
([eccf663](https://redirect.github.com/vitejs/vite/commit/eccf663e35a17458425860895bb30b3b0613ea96))
- use picomatch to align with tinyglobby
([#&#8203;18503](https://redirect.github.com/vitejs/vite/issues/18503))
([437795d](https://redirect.github.com/vitejs/vite/commit/437795db8307ce4491d066bcaaa5bd9432193773))
- **css:** `cssCodeSplit` in `environments.xxx.build` is invalid
([#&#8203;18464](https://redirect.github.com/vitejs/vite/issues/18464))
([993e71c](https://redirect.github.com/vitejs/vite/commit/993e71c4cb227bd8c347b918f52ccd83f85a645a))
- **css:** make sass types work with sass-embedded
([#&#8203;18459](https://redirect.github.com/vitejs/vite/issues/18459))
([89f8303](https://redirect.github.com/vitejs/vite/commit/89f8303e727791aa7be6f35833a708b6a50e9120))
- **deps:** update all non-major dependencies
([#&#8203;18484](https://redirect.github.com/vitejs/vite/issues/18484))
([2ec12df](https://redirect.github.com/vitejs/vite/commit/2ec12df98d07eb4c986737e86a4a9f8066724658))
- handle warmup glob hang
([#&#8203;18462](https://redirect.github.com/vitejs/vite/issues/18462))
([409fa5c](https://redirect.github.com/vitejs/vite/commit/409fa5c9dee0e394bcdc3b111f5b2e4261131ca0))
- **manifest:** non entry CSS chunk src was wrong
([#&#8203;18133](https://redirect.github.com/vitejs/vite/issues/18133))
([c148676](https://redirect.github.com/vitejs/vite/commit/c148676c90dc4823bc6bdeb8ba1e36386c5d9654))
- **module-runner:** delay function eval until module runner
instantiation
([#&#8203;18480](https://redirect.github.com/vitejs/vite/issues/18480))
([472afbd](https://redirect.github.com/vitejs/vite/commit/472afbd010db3f1c7a59826c7bf4067191b7f48a))
- **plugins:** noop if config hook returns same config reference
([#&#8203;18467](https://redirect.github.com/vitejs/vite/issues/18467))
([bd540d5](https://redirect.github.com/vitejs/vite/commit/bd540d52eb609ca12dad8e2f3fe8011821bda878))
- return the same instance of ModuleNode for the same
EnvironmentModuleNode
([#&#8203;18455](https://redirect.github.com/vitejs/vite/issues/18455))
([5ead461](https://redirect.github.com/vitejs/vite/commit/5ead461b374d76ceb134063477eaf3f97fe3da97))
- set scripts imported by HTML moduleSideEffects=true
([#&#8203;18411](https://redirect.github.com/vitejs/vite/issues/18411))
([2ebe4b4](https://redirect.github.com/vitejs/vite/commit/2ebe4b44430dd311028f72520ac977bb202ce50b))
- use websocket to test server liveness before client reload
([#&#8203;17891](https://redirect.github.com/vitejs/vite/issues/17891))
([7f9f8c6](https://redirect.github.com/vitejs/vite/commit/7f9f8c6851d1eb49a72dcb6c134873148a2e81eb))
- add typing to `CSSOptions.preprocessorOptions`
([#&#8203;18001](https://redirect.github.com/vitejs/vite/issues/18001))
([7eeb6f2](https://redirect.github.com/vitejs/vite/commit/7eeb6f2f97abf5dfc71c225b9cff9779baf2ed2f))
- default `build.cssMinify` to `'esbuild'` for SSR
([#&#8203;15637](https://redirect.github.com/vitejs/vite/issues/15637))
([f1d3bf7](https://redirect.github.com/vitejs/vite/commit/f1d3bf74cc7f12e759442fd7111d07e2c0262a67))
- **dev:** prevent double URL encoding in server.open on macOS
([#&#8203;18443](https://redirect.github.com/vitejs/vite/issues/18443))
([56b7176](https://redirect.github.com/vitejs/vite/commit/56b71768f3ee498962fba898804086299382bb59))
- **preview:** set resolvedUrls null after close
([#&#8203;18445](https://redirect.github.com/vitejs/vite/issues/18445))
([65014a3](https://redirect.github.com/vitejs/vite/commit/65014a32ef618619c5a34b729d67340d9253bdd5))
- **ssr:** inject identity function at the top
([#&#8203;18449](https://redirect.github.com/vitejs/vite/issues/18449))
([0ab20a3](https://redirect.github.com/vitejs/vite/commit/0ab20a3ee26eacf302415b3087732497d0a2f358))
- **ssr:** preserve source maps for hoisted imports (fix
[#&#8203;16355](https://redirect.github.com/vitejs/vite/issues/16355))
([#&#8203;16356](https://redirect.github.com/vitejs/vite/issues/16356))
([8e382a6](https://redirect.github.com/vitejs/vite/commit/8e382a6a1fed2cd41051b81f9cd9c94b484352a5))
- augment hash for CSS files to prevent chromium erroring by loading
previous files
([#&#8203;18367](https://redirect.github.com/vitejs/vite/issues/18367))
([a569f42](https://redirect.github.com/vitejs/vite/commit/a569f42ee93229308be7a327b7a71e79f3d58b01))
- **cli:** `--watch` should not override `build.watch` options
([#&#8203;18390](https://redirect.github.com/vitejs/vite/issues/18390))
([b2965c8](https://redirect.github.com/vitejs/vite/commit/b2965c8e9f74410bc8047a05528c74b68a3856d7))
- **css:** don't transform sass function calls with namespace
([#&#8203;18414](https://redirect.github.com/vitejs/vite/issues/18414))
([dbb2604](https://redirect.github.com/vitejs/vite/commit/dbb260499f894d495bcff3dcdf5635d015a2f563))
- **deps:** update `open` dependency to 10.1.0
([#&#8203;18349](https://redirect.github.com/vitejs/vite/issues/18349))
([5cca4bf](https://redirect.github.com/vitejs/vite/commit/5cca4bfd3202c7aea690acf63f60bfe57fa165de))
- **deps:** update all non-major dependencies
([#&#8203;18345](https://redirect.github.com/vitejs/vite/issues/18345))
([5552583](https://redirect.github.com/vitejs/vite/commit/5552583a2272cd4208b30ad60e99d984e34645f0))
- more robust plugin.sharedDuringBuild
([#&#8203;18351](https://redirect.github.com/vitejs/vite/issues/18351))
([47b1270](https://redirect.github.com/vitejs/vite/commit/47b12706ce2d0c009d6078a61e16e81a04c9f49c))
- **ssr:** `this` in exported function should be `undefined`
([#&#8203;18329](https://redirect.github.com/vitejs/vite/issues/18329))
([bae6a37](https://redirect.github.com/vitejs/vite/commit/bae6a37628c4870f3db92351e8af2a7b4a07e248))
- **worker:** rewrite rollup `output.format` with `worker.format` on
worker build error
([#&#8203;18165](https://redirect.github.com/vitejs/vite/issues/18165))
([dc82334](https://redirect.github.com/vitejs/vite/commit/dc823347bb857a9f63eee7e027a52236d7e331e0))
- `injectQuery` double encoding
([#&#8203;18246](https://redirect.github.com/vitejs/vite/issues/18246))
([2c5f948](https://redirect.github.com/vitejs/vite/commit/2c5f948d0646f6a0237570ab5d36b06d31cb94c9))
- add position to import analysis resolve exception
([#&#8203;18344](https://redirect.github.com/vitejs/vite/issues/18344))
([0fe95d4](https://redirect.github.com/vitejs/vite/commit/0fe95d4a71930cf55acd628efef59e6eae0f77f7))
- **assets:** make srcset parsing HTML spec compliant
([#&#8203;16323](https://redirect.github.com/vitejs/vite/issues/16323))
([#&#8203;18242](https://redirect.github.com/vitejs/vite/issues/18242))
([0e6d4a5](https://redirect.github.com/vitejs/vite/commit/0e6d4a5e23cdfb2ec433f687e455b9827269527c))
- **css:** dont remove JS chunk for pure CSS chunk when the export is
used
([#&#8203;18307](https://redirect.github.com/vitejs/vite/issues/18307))
([889bfc0](https://redirect.github.com/vitejs/vite/commit/889bfc0ada6d6cd356bb7a92efdce96298f82fef))
- **deps:** bump tsconfck
([#&#8203;18322](https://redirect.github.com/vitejs/vite/issues/18322))
([67783b2](https://redirect.github.com/vitejs/vite/commit/67783b2d5513e013bf74844186eb9b2b70d17d5c))
- **deps:** update all non-major dependencies
([#&#8203;18292](https://redirect.github.com/vitejs/vite/issues/18292))
([5cac054](https://redirect.github.com/vitejs/vite/commit/5cac0544dca2764f0114aac38e9922a0c13d7ef4))
- destroy the runner when runnable environment is closed
([#&#8203;18282](https://redirect.github.com/vitejs/vite/issues/18282))
([5212d09](https://redirect.github.com/vitejs/vite/commit/5212d09579a82bc09b149c77e996d0e5c3972455))
- handle yarn command fail when root does not exist
([#&#8203;18141](https://redirect.github.com/vitejs/vite/issues/18141))
([460aaff](https://redirect.github.com/vitejs/vite/commit/460aaffbf134a9eda6e092a564afc2eeebf8f935))
- **hmr:** don't try to rewrite imports for direct CSS soft invalidation
([#&#8203;18252](https://redirect.github.com/vitejs/vite/issues/18252))
([a03bb0e](https://redirect.github.com/vitejs/vite/commit/a03bb0e2ba35af314c57fc98600bb76566592239))
- make it easier to configure environment runner
([#&#8203;18273](https://redirect.github.com/vitejs/vite/issues/18273))
([fb35a78](https://redirect.github.com/vitejs/vite/commit/fb35a7800e21ed2c6f9d0f843898afa1fcc87795))
- **middleware-mode:** call all hot.listen when server restart
([#&#8203;18261](https://redirect.github.com/vitejs/vite/issues/18261))
([007773b](https://redirect.github.com/vitejs/vite/commit/007773b550e7c6bcaeb8d88970fd6dfe999d5a4a))
- **optimizer:** don't externalize transitive dep package name with
asset extension
([#&#8203;18152](https://redirect.github.com/vitejs/vite/issues/18152))
([fafc7e2](https://redirect.github.com/vitejs/vite/commit/fafc7e28d3395292fbc2f2355417dcc15871ab1e))
- **resolve:** fix resolve cache key for external conditions
([#&#8203;18332](https://redirect.github.com/vitejs/vite/issues/18332))
([93d286c](https://redirect.github.com/vitejs/vite/commit/93d286c4c1af0b379002a6ff495e82bb87acd65c))
- **resolve:** fix resolve cache to consider `conditions` and more
([#&#8203;18302](https://redirect.github.com/vitejs/vite/issues/18302))
([2017a33](https://redirect.github.com/vitejs/vite/commit/2017a330f5576dfc9db1538e0b899a1776cd100a))
- **types:** add more overload to `defineConfig`
([#&#8203;18299](https://redirect.github.com/vitejs/vite/issues/18299))
([94e34cf](https://redirect.github.com/vitejs/vite/commit/94e34cf1dfe6fdb331b6508e830b2cc446000aac))
- asset import should skip handling data URIs
([#&#8203;18163](https://redirect.github.com/vitejs/vite/issues/18163))
([70813c7](https://redirect.github.com/vitejs/vite/commit/70813c7f05fc9a45d102a53514ecac23831e6d6b))
- cache the runnable environment module runner
([#&#8203;18215](https://redirect.github.com/vitejs/vite/issues/18215))
([95020ab](https://redirect.github.com/vitejs/vite/commit/95020ab49e12d143262859e095025cf02423c1d9))
- call `this.hot.close` for non-ws HotChannel
([#&#8203;18212](https://redirect.github.com/vitejs/vite/issues/18212))
([bad0ccc](https://redirect.github.com/vitejs/vite/commit/bad0cccee80c02fa309f274220f6d324d03c3b19))
- close HotChannel on environment close
([#&#8203;18206](https://redirect.github.com/vitejs/vite/issues/18206))
([2d148e3](https://redirect.github.com/vitejs/vite/commit/2d148e347e8fbcc6f0e4e627a20acc81d9ced3e0))
- **config:** treat all files as ESM on deno
([#&#8203;18081](https://redirect.github.com/vitejs/vite/issues/18081))
([c1ed8a5](https://redirect.github.com/vitejs/vite/commit/c1ed8a595a02ec7f8f5a8d23f97b2f21d3834ab1))
- **css:** ensure sass compiler initialized only once
([#&#8203;18128](https://redirect.github.com/vitejs/vite/issues/18128))
([4cc5322](https://redirect.github.com/vitejs/vite/commit/4cc53224e9b207aa6a5a111e40ed0a0464cf37f4))
- **css:** fix lightningcss dep url resolution with custom root
([#&#8203;18125](https://redirect.github.com/vitejs/vite/issues/18125))
([eb08f60](https://redirect.github.com/vitejs/vite/commit/eb08f605ddadef99a5d68f55de143e3e47c91618))
- **css:** fix missing source file warning with sass modern api custom
importer
([#&#8203;18113](https://redirect.github.com/vitejs/vite/issues/18113))
([d7763a5](https://redirect.github.com/vitejs/vite/commit/d7763a5615a238cb1b5dceb7bdfc4aac7678fb0a))
- **data-uri:** only match ids starting with `data:`
([#&#8203;18241](https://redirect.github.com/vitejs/vite/issues/18241))
([ec0efe8](https://redirect.github.com/vitejs/vite/commit/ec0efe8a06d0271ef0154f38fb9beabcd4b1bd89))
- **deps:** update all non-major dependencies
([#&#8203;18170](https://redirect.github.com/vitejs/vite/issues/18170))
([c8aea5a](https://redirect.github.com/vitejs/vite/commit/c8aea5ae0af90dc6796ef3bdd612d1eb819f157b))
- **deps:** upgrade rollup 4.22.4+ to ensure avoiding XSS
([#&#8203;18180](https://redirect.github.com/vitejs/vite/issues/18180))
([ea1d0b9](https://redirect.github.com/vitejs/vite/commit/ea1d0b9af9b28b57166d4ca67bece21650221a04))
- **html:** make build-html plugin work with `sharedPlugins`
([#&#8203;18214](https://redirect.github.com/vitejs/vite/issues/18214))
([34041b9](https://redirect.github.com/vitejs/vite/commit/34041b9d8ea39aa9138d0c2417bfbe39cc9aabdc))
- **mixedModuleGraph:** handle undefined id in getModulesByFile
([#&#8203;18201](https://redirect.github.com/vitejs/vite/issues/18201))
([768a50f](https://redirect.github.com/vitejs/vite/commit/768a50f7ac668dbf876feef557d8c0f8ff32b8ff))
- **optimizer:** re-optimize when changing config `webCompatible`
([#&#8203;18221](https://redirect.github.com/vitejs/vite/issues/18221))
([a44b0a2](https://redirect.github.com/vitejs/vite/commit/a44b0a2690812788aaaba00fd3acd2c6fa36669b))
- require serialization for `HMRConnection.send` on implementation side
([#&#8203;18186](https://redirect.github.com/vitejs/vite/issues/18186))
([9470011](https://redirect.github.com/vitejs/vite/commit/9470011570503a917021915c47e6a2f36aae16b5))
- **ssr:** fix source map remapping with multiple sources
([#&#8203;18150](https://redirect.github.com/vitejs/vite/issues/18150))
([e003a2c](https://redirect.github.com/vitejs/vite/commit/e003a2ca73b04648e14ebf40f3616838e2da3d6d))
- use `config.consumer` instead of `options?.ssr` / `config.build.ssr`
([#&#8203;18140](https://redirect.github.com/vitejs/vite/issues/18140))
([21ec1ce](https://redirect.github.com/vitejs/vite/commit/21ec1ce7f041efa5cd781924f7bc536ab406a197))
- **vite:** refactor "module cache" to "evaluated modules", pass down
module to "runInlinedModule"
([#&#8203;18092](https://redirect.github.com/vitejs/vite/issues/18092))
([e83beff](https://redirect.github.com/vitejs/vite/commit/e83beff596072f9c7a42f6e2410f154668981d71))
- avoid DOM Clobbering gadget in `getRelativeUrlFromDocument`
([#&#8203;18115](https://redirect.github.com/vitejs/vite/issues/18115))
([ade1d89](https://redirect.github.com/vitejs/vite/commit/ade1d89660e17eedfd35652165b0c26905259fad))
- fs raw query
([#&#8203;18112](https://redirect.github.com/vitejs/vite/issues/18112))
([9d2413c](https://redirect.github.com/vitejs/vite/commit/9d2413c8b64bfb1dfd953340b4e1b5972d5440aa))
- **preload:** throw error preloading module as well
([#&#8203;18098](https://redirect.github.com/vitejs/vite/issues/18098))
([ba56cf4](https://redirect.github.com/vitejs/vite/commit/ba56cf43b5480f8519349f7d7fe60718e9af5f1a))
- allow scanning exports from `script module` in svelte
([#&#8203;18063](https://redirect.github.com/vitejs/vite/issues/18063))
([7d699aa](https://redirect.github.com/vitejs/vite/commit/7d699aa98155cbf281e3f7f6a8796dcb3b4b0fd6))
- **build:** declare `preload-helper` has no side effects
([#&#8203;18057](https://redirect.github.com/vitejs/vite/issues/18057))
([587ad7b](https://redirect.github.com/vitejs/vite/commit/587ad7b17beba50279eaf46b06c5bf5559c4f36e))
- **css:** fallback to mainthread if logger or pkgImporter option is set
for sass
([#&#8203;18071](https://redirect.github.com/vitejs/vite/issues/18071))
([d81dc59](https://redirect.github.com/vitejs/vite/commit/d81dc59473b1053bf48c45a9d45f87ee6ecf2c02))
- **dynamicImportVars:** correct glob pattern for paths with parentheses
([#&#8203;17940](https://redirect.github.com/vitejs/vite/issues/17940))
([2a391a7](https://redirect.github.com/vitejs/vite/commit/2a391a7df6e5b4a8d9e8313fba7ddf003df41e12))
- ensure req.url matches moduleByEtag URL to avoid incorrect 304
([#&#8203;17997](https://redirect.github.com/vitejs/vite/issues/17997))
([abf04c3](https://redirect.github.com/vitejs/vite/commit/abf04c3a84f4d9962a6f9697ca26cd639fa76e87))
- **html:** escape html attribute
([#&#8203;18067](https://redirect.github.com/vitejs/vite/issues/18067))
([5983f36](https://redirect.github.com/vitejs/vite/commit/5983f366d499f74d473097154bbbcc8e51476dc4))
- incorrect environment consumer option resolution
([#&#8203;18079](https://redirect.github.com/vitejs/vite/issues/18079))
([0e3467e](https://redirect.github.com/vitejs/vite/commit/0e3467e503aef45119260fe75b399b26f7a80b66))
- **preload:** allow ignoring dep errors
([#&#8203;18046](https://redirect.github.com/vitejs/vite/issues/18046))
([3fb2889](https://redirect.github.com/vitejs/vite/commit/3fb28896d916e03cef1b5bd6877ac184c7ec8003))
- store backwards compatible `ssrModule` and `ssrError`
([#&#8203;18031](https://redirect.github.com/vitejs/vite/issues/18031))
([cf8ced5](https://redirect.github.com/vitejs/vite/commit/cf8ced56ea4932e917e2c4ef3d04a87f0ab4f20b))

##### Performance Improvements

- reduce bundle size for `Object.keys(import.meta.glob(...))` /
`Object.values(import.meta.glob(...))`
([#&#8203;18666](https://redirect.github.com/vitejs/vite/issues/18666))
([ed99a2c](https://redirect.github.com/vitejs/vite/commit/ed99a2cd31e8d3c2b791885bcc4b188570539e45))
- **worker:** inline worker without base64
([#&#8203;18752](https://redirect.github.com/vitejs/vite/issues/18752))
([90c66c9](https://redirect.github.com/vitejs/vite/commit/90c66c95aba3d2edd86637a77adc699f3fd6c1ff))
- remove strip-ansi for a node built-in
([#&#8203;18630](https://redirect.github.com/vitejs/vite/issues/18630))
([5182272](https://redirect.github.com/vitejs/vite/commit/5182272d52fc092a6219c8efe73ecb3f8e65a0b5))
- **css:** skip style.css extraction if code-split css
([#&#8203;18470](https://redirect.github.com/vitejs/vite/issues/18470))
([34fdb6b](https://redirect.github.com/vitejs/vite/commit/34fdb6bef558724330d2411b9666facef669b3a0))
- call `module.enableCompileCache()`
([#&#8203;18323](https://redirect.github.com/vitejs/vite/issues/18323))
([18f1dad](https://redirect.github.com/vitejs/vite/commit/18f1daddd125b07dcb8c32056ee0cec61bd65971))
- use `crypto.hash` when available
([#&#8203;18317](https://redirect.github.com/vitejs/vite/issues/18317))
([2a14884](https://redirect.github.com/vitejs/vite/commit/2a148844cf2382a5377b75066351f00207843352))

##### Documentation

- rename `HotUpdateContext` to `HotUpdateOptions`
([#&#8203;18718](https://redirect.github.com/vitejs/vite/issues/18718))
([824c347](https://redirect.github.com/vitejs/vite/commit/824c347fa21aaf5bbf811994385b790db4287ab0))
- add jsdocs to flags in BuilderOptions
([#&#8203;18516](https://redirect.github.com/vitejs/vite/issues/18516))
([1507068](https://redirect.github.com/vitejs/vite/commit/1507068b6d460cf54336fe7e8d3539fdb4564bfb))
- missing changes guides
([#&#8203;18491](https://redirect.github.com/vitejs/v

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" in timezone UTC, Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS40Ni4zIiwidXBkYXRlZEluVmVyIjoiNDEuNDYuMyIsInRhcmdldEJyYW5jaCI6ImRlcHMtbWFpbiIsImxhYmVscyI6WyJub2RlanMiLCJyZW5vdmF0ZSJdfQ==-->

Co-authored-by: Renovate Bot <renovate@whitesourcesoftware.com>
@a-klos @renovate-bot
fix(deps): update dependency requests to v2.32.4 [security] (#63)
e104ac6 
This PR contains the following updates:

| Package | Change | Age | Confidence |
|---|---|---|---|
| [requests](https://requests.readthedocs.io)
([source](https://redirect.github.com/psf/requests),
[changelog](https://redirect.github.com/psf/requests/blob/master/HISTORY.md))
| `2.32.3` -> `2.32.4` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/requests/2.32.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/requests/2.32.3/2.32.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

### GitHub Vulnerability Alerts

####
[CVE-2024-47081](https://redirect.github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7)

### Impact

Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak
.netrc credentials to third parties for specific maliciously-crafted
URLs.

### Workarounds
For older versions of Requests, use of the .netrc file can be disabled
with `trust_env=False` on your Requests Session
([docs](https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env)).

### References

[https://github.com/psf/requests/pull/6965](https://redirect.github.com/psf/requests/pull/6965)
https://seclists.org/fulldisclosure/2025/Jun/2

---

### Release Notes

<details>
<summary>psf/requests (requests)</summary>

###
[`v2.32.4`](https://redirect.github.com/psf/requests/blob/HEAD/HISTORY.md#2324-2025-06-10)

[Compare
Source](https://redirect.github.com/psf/requests/compare/v2.32.3...v2.32.4)

**Security**

- CVE-2024-47081 Fixed an issue where a maliciously crafted URL and
trusted
environment will retrieve credentials for the wrong hostname/machine
from a
  netrc file.

**Improvements**

- Numerous documentation improvements

**Deprecations**

- Added support for pypy 3.11 for Linux and macOS.
- Dropped support for pypy 3.9 following its end of support.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" in timezone UTC, Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS40Ni4zIiwidXBkYXRlZEluVmVyIjoiNDEuNDYuMyIsInRhcmdldEJyYW5jaCI6ImRlcHMtbWFpbiIsImxhYmVscyI6WyJweXRob24iLCJyZW5vdmF0ZSJdfQ==-->

Co-authored-by: Renovate Bot <renovate@whitesourcesoftware.com>
@a-klos @renovate-bot
fix(deps): update dependency vue-i18n to v9.14.5 [security] (#64)
2cb6c54 
This PR contains the following updates:

| Package | Change | Age | Confidence |
|---|---|---|---|
|
[vue-i18n](https://redirect.github.com/intlify/vue-i18n/tree/master/packages/vue-i18n#readme)
([source](https://redirect.github.com/intlify/vue-i18n/tree/HEAD/packages/vue-i18n))
| [`9.14.4` ->
`9.14.5`](https://renovatebot.com/diffs/npm/vue-i18n/9.14.4/9.14.5) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/vue-i18n/9.14.5?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/vue-i18n/9.14.4/9.14.5?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

### GitHub Vulnerability Alerts

####
[CVE-2025-53892](https://redirect.github.com/intlify/vue-i18n/security/advisories/GHSA-x8qp-wqqm-57ph)

### Summary
The escapeParameterHtml: true option in Vue I18n is designed to protect
against HTML/script injection by escaping interpolated parameters.
However, this setting fails to prevent execution of certain tag-based
payloads, such as `<img src=x onerror=...>`, if the interpolated value
is inserted inside an HTML context using v-html.

This may lead to a DOM-based XSS vulnerability, even when using
escapeParameterHtml: true, if a translation string includes minor HTML
and is rendered via v-html.

### Details

When escapeParameterHtml: true is enabled, it correctly escapes common
injection points.

However, it does not sanitize entire attribute contexts, which can be
used as XSS vectors via:

`<img src=x onerror=alert(1)>
`

### PoC
In your Vue I18n configuration:

```
const i18n = createI18n({
  escapeParameterHtml: true,
  messages: {
    en: {
      vulnerable: 'Caution: <img src=x onerror="{payload}">'
    }
  }
});
```
Use this interpolated payload:

`const payload = '<script>alert("xss")</script>';`
Render the translation using v-html (even not using v-html):

`<p v-html="$t('vulnerable', { payload })"></p>
`
Expected: escaped content should render as text, not execute.

Actual: script executes in some environments (or the payload is
partially parsed as HTML).

### Impact

This creates a DOM-based Cross-Site Scripting (XSS) vulnerability
despite enabling a security option (escapeParameterHtml) .

---

### Release Notes

<details>
<summary>intlify/vue-i18n (vue-i18n)</summary>

###
[`v9.14.5`](https://redirect.github.com/intlify/vue-i18n/releases/tag/v9.14.5)

[Compare
Source](https://redirect.github.com/intlify/vue-i18n/compare/v9.14.4...v9.14.5)

<!-- Release notes generated using configuration in .github/release.yml
at v9.14.5 -->

#### What's Changed

##### 🔒 Security Fixes

- fix: DOM-based XSS via tag attributes for escape parameter by
[@&#8203;kazupon](https://redirect.github.com/kazupon) in
[https://github.com/intlify/vue-i18n/pull/2230](https://redirect.github.com/intlify/vue-i18n/pull/2230)

**Full Changelog**:
intlify/vue-i18n@v9.14.4...v9.14.5

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" in timezone UTC, Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS40Ni4zIiwidXBkYXRlZEluVmVyIjoiNDEuNDYuMyIsInRhcmdldEJyYW5jaCI6ImRlcHMtbWFpbiIsImxhYmVscyI6WyJub2RlanMiLCJyZW5vdmF0ZSJdfQ==-->

Co-authored-by: Renovate Bot <renovate@whitesourcesoftware.com>
@a-klos @renovate-bot
fix(deps): update all non-major dependencies (#67)
818aeb3 
This PR contains the following updates:

| Package | Change | Age | Confidence | Type | Update | Pending |
|---|---|---|---|---|---|---|
| [@heroicons/vue](https://redirect.github.com/tailwindlabs/heroicons) |
[`2.1.5` ->
`2.2.0`](https://renovatebot.com/diffs/npm/@heroicons%2fvue/2.1.5/2.2.0)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@heroicons%2fvue/2.2.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@heroicons%2fvue/2.1.5/2.2.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
| [@nx/web](https://nx.dev)
([source](https://redirect.github.com/nrwl/nx/tree/HEAD/packages/web)) |
[`18.0.4` ->
`18.3.5`](https://renovatebot.com/diffs/npm/@nx%2fweb/18.0.4/18.3.5) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/@nx%2fweb/18.3.5?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@nx%2fweb/18.0.4/18.3.5?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | |
| [@rushstack/eslint-patch](https://rushstack.io)
([source](https://redirect.github.com/microsoft/rushstack/tree/HEAD/eslint/eslint-patch))
| [`1.10.4` ->
`1.12.0`](https://renovatebot.com/diffs/npm/@rushstack%2feslint-patch/1.10.4/1.12.0)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@rushstack%2feslint-patch/1.12.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@rushstack%2feslint-patch/1.10.4/1.12.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | |
|
[@semantic-release/github](https://redirect.github.com/semantic-release/github)
| [`11.0.1` ->
`11.0.3`](https://renovatebot.com/diffs/npm/@semantic-release%2fgithub/11.0.1/11.0.3)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@semantic-release%2fgithub/11.0.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@semantic-release%2fgithub/11.0.1/11.0.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch | |
|
[@tailwindcss/typography](https://redirect.github.com/tailwindlabs/tailwindcss-typography)
| [`0.5.15` ->
`0.5.16`](https://renovatebot.com/diffs/npm/@tailwindcss%2ftypography/0.5.15/0.5.16)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@tailwindcss%2ftypography/0.5.16?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@tailwindcss%2ftypography/0.5.15/0.5.16?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | patch | |
| [@tsconfig/node21](https://redirect.github.com/tsconfig/bases)
([source](https://redirect.github.com/tsconfig/bases/tree/HEAD/bases)) |
[`21.0.3` ->
`21.0.4`](https://renovatebot.com/diffs/npm/@tsconfig%2fnode21/21.0.3/21.0.4)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@tsconfig%2fnode21/21.0.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@tsconfig%2fnode21/21.0.3/21.0.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch | |
|
[@types/node](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node)
([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node))
| [`18.19.45` ->
`18.19.120`](https://renovatebot.com/diffs/npm/@types%2fnode/18.19.45/18.19.120)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@types%2fnode/18.19.120?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@types%2fnode/18.19.45/18.19.120?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch | `18.19.121` |
|
[@vitejs/plugin-vue](https://redirect.github.com/vitejs/vite-plugin-vue/tree/main/packages/plugin-vue#readme)
([source](https://redirect.github.com/vitejs/vite-plugin-vue/tree/HEAD/packages/plugin-vue))
| [`5.1.2` ->
`5.2.4`](https://renovatebot.com/diffs/npm/@vitejs%2fplugin-vue/5.1.2/5.2.4)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@vitejs%2fplugin-vue/5.2.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@vitejs%2fplugin-vue/5.1.2/5.2.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | |
| [autoprefixer](https://redirect.github.com/postcss/autoprefixer) |
[`10.4.20` ->
`10.4.21`](https://renovatebot.com/diffs/npm/autoprefixer/10.4.20/10.4.21)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/autoprefixer/10.4.21?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/autoprefixer/10.4.20/10.4.21?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch | |
| [axios](https://axios-http.com)
([source](https://redirect.github.com/axios/axios)) | [`1.9.0` ->
`1.11.0`](https://renovatebot.com/diffs/npm/axios/1.9.0/1.11.0) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/axios/1.11.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/axios/1.9.0/1.11.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | |
| [boto3](https://redirect.github.com/boto/boto3) | `1.39.3` ->
`1.39.12` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/boto3/1.39.12?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/boto3/1.39.3/1.39.12?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | patch | `1.39.17` (+4) |
| [botocore](https://redirect.github.com/boto/botocore) | `1.39.3` ->
`1.39.12` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/botocore/1.39.12?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/botocore/1.39.3/1.39.12?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | patch | `1.39.17` (+4) |
| [cert-manager](https://cert-manager.io)
([source](https://redirect.github.com/cert-manager/cert-manager)) |
`v1.12.3` -> `v1.18.2` |
[![age](https://developer.mend.io/api/mc/badges/age/helm/cert-manager/v1.18.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/helm/cert-manager/v1.12.3/v1.18.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | minor | |
| [coverage](https://redirect.github.com/nedbat/coveragepy) | `7.8.0` ->
`7.9.2` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/coverage/7.9.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/coverage/7.8.0/7.9.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dev | minor | `7.10.1` (+1) |
| [cypress](https://cypress.io)
([source](https://redirect.github.com/cypress-io/cypress)) | [`13.13.3`
-> `13.17.0`](https://renovatebot.com/diffs/npm/cypress/13.13.3/13.17.0)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/cypress/13.17.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/cypress/13.13.3/13.17.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | |
| [daisyui](https://daisyui.com)
([source](https://redirect.github.com/saadeghi/daisyui/tree/HEAD/packages/daisyui))
| [`4.12.10` ->
`4.12.24`](https://renovatebot.com/diffs/npm/daisyui/4.12.10/4.12.24) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/daisyui/4.12.24?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/daisyui/4.12.10/4.12.24?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch | |
| [debugpy](https://aka.ms/debugpy)
([source](https://redirect.github.com/microsoft/debugpy)) | `1.8.14` ->
`1.8.15` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/debugpy/1.8.15?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/debugpy/1.8.14/1.8.15?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dev | patch | |
| [debugpy](https://aka.ms/debugpy)
([source](https://redirect.github.com/microsoft/debugpy)) | `1.8.14` ->
`1.8.15` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/debugpy/1.8.15?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/debugpy/1.8.14/1.8.15?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | patch | |
|
[dependency-injector](https://redirect.github.com/ets-labs/python-dependency-injector)
| `4.46.0` -> `4.48.1` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/dependency-injector/4.48.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/dependency-injector/4.46.0/4.48.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
| [eslint](https://eslint.org)
([source](https://redirect.github.com/eslint/eslint)) | [`8.46.0` ->
`8.57.1`](https://renovatebot.com/diffs/npm/eslint/8.46.0/8.57.1) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/eslint/8.57.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/eslint/8.46.0/8.57.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | |
|
[eslint-plugin-cypress](https://redirect.github.com/cypress-io/eslint-plugin-cypress)
| [`2.15.1` ->
`2.15.2`](https://renovatebot.com/diffs/npm/eslint-plugin-cypress/2.15.1/2.15.2)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/eslint-plugin-cypress/2.15.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/eslint-plugin-cypress/2.15.1/2.15.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch | |
|
[eslint-plugin-import](https://redirect.github.com/import-js/eslint-plugin-import)
| [`2.27.5` ->
`2.32.0`](https://renovatebot.com/diffs/npm/eslint-plugin-import/2.27.5/2.32.0)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/eslint-plugin-import/2.32.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/eslint-plugin-import/2.27.5/2.32.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | |
| [eslint-plugin-vue](https://eslint.vuejs.org)
([source](https://redirect.github.com/vuejs/eslint-plugin-vue)) |
[`9.27.0` ->
`9.33.0`](https://renovatebot.com/diffs/npm/eslint-plugin-vue/9.27.0/9.33.0)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/eslint-plugin-vue/9.33.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/eslint-plugin-vue/9.27.0/9.33.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | |
| [fastapi](https://redirect.github.com/fastapi/fastapi)
([changelog](https://fastapi.tiangolo.com/release-notes/)) | `^0.115.2`
-> `^0.116.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/fastapi/0.116.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/fastapi/0.115.14/0.116.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
| [fastapi](https://redirect.github.com/fastapi/fastapi)
([changelog](https://fastapi.tiangolo.com/release-notes/)) | `^0.115.12`
-> `^0.116.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/fastapi/0.116.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/fastapi/0.115.14/0.116.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
| [fastembed](https://redirect.github.com/qdrant/fastembed) | `^0.6.1`
-> `^0.7.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/fastembed/0.7.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/fastembed/0.6.1/0.7.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
| [fastmcp](https://redirect.github.com/jlowin/fastmcp) | `2.8.1` ->
`2.10.6` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/fastmcp/2.10.6?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/fastmcp/2.8.1/2.10.6?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
| fasttext | `main` -> `4a44513` |  |  | dependencies | digest |  |
| [flake8](https://redirect.github.com/pycqa/flake8)
([changelog](https://flake8.pycqa.org/en/latest/release-notes/index.html))
| `7.2.0` -> `7.3.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/flake8/7.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/flake8/7.2.0/7.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dev | minor | |
|
[flake8-annotations-complexity](https://redirect.github.com/best-doctor/flake8-annotations-complexity)
| `^0.0.8` -> `^0.1.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/flake8-annotations-complexity/0.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/flake8-annotations-complexity/0.0.8/0.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dev | minor | |
|
[flake8-simplify](https://redirect.github.com/MartinThoma/flake8-simplify)
| `^0.21.0` -> `^0.22.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/flake8-simplify/0.22.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/flake8-simplify/0.21.0/0.22.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dev | minor | |
|
[flake8-simplify](https://redirect.github.com/MartinThoma/flake8-simplify)
| `^0.21.0` -> `^0.22.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/flake8-simplify/0.22.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/flake8-simplify/0.21.0/0.22.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
|
[ghcr.io/langfuse/langfuse](https://redirect.github.com/langfuse/langfuse)
| `3.27.2` -> `3.88.1` |
[![age](https://developer.mend.io/api/mc/badges/age/docker/ghcr.io%2flangfuse%2flangfuse/3.88.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/ghcr.io%2flangfuse%2flangfuse/3.27.2/3.88.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | minor | |
| ghcr.io/stackitcloud/rag-template/admin-backend | `v2.0.0` -> `v2.1.0`
|
[![age](https://developer.mend.io/api/mc/badges/age/docker/ghcr.io%2fstackitcloud%2frag-template%2fadmin-backend/v2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/ghcr.io%2fstackitcloud%2frag-template%2fadmin-backend/v2.0.0/v2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | minor | |
| ghcr.io/stackitcloud/rag-template/admin-frontend | `v2.0.0` ->
`v2.1.0` |
[![age](https://developer.mend.io/api/mc/badges/age/docker/ghcr.io%2fstackitcloud%2frag-template%2fadmin-frontend/v2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/ghcr.io%2fstackitcloud%2frag-template%2fadmin-frontend/v2.0.0/v2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | minor | |
| ghcr.io/stackitcloud/rag-template/document-extractor | `v2.0.0` ->
`v2.1.0` |
[![age](https://developer.mend.io/api/mc/badges/age/docker/ghcr.io%2fstackitcloud%2frag-template%2fdocument-extractor/v2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/ghcr.io%2fstackitcloud%2frag-template%2fdocument-extractor/v2.0.0/v2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | minor | |
| ghcr.io/stackitcloud/rag-template/frontend | `v2.0.0` -> `v2.1.0` |
[![age](https://developer.mend.io/api/mc/badges/age/docker/ghcr.io%2fstackitcloud%2frag-template%2ffrontend/v2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/ghcr.io%2fstackitcloud%2frag-template%2ffrontend/v2.0.0/v2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | minor | |
| ghcr.io/stackitcloud/rag-template/mcp-server | `v2.0.0` -> `v2.1.0` |
[![age](https://developer.mend.io/api/mc/badges/age/docker/ghcr.io%2fstackitcloud%2frag-template%2fmcp-server/v2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/ghcr.io%2fstackitcloud%2frag-template%2fmcp-server/v2.0.0/v2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | minor | |
| ghcr.io/stackitcloud/rag-template/rag-backend | `v2.0.0` -> `v2.1.0` |
[![age](https://developer.mend.io/api/mc/badges/age/docker/ghcr.io%2fstackitcloud%2frag-template%2frag-backend/v2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/ghcr.io%2fstackitcloud%2frag-template%2frag-backend/v2.0.0/v2.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | minor | |
| [jsdom](https://redirect.github.com/jsdom/jsdom) | [`24.1.1` ->
`24.1.3`](https://renovatebot.com/diffs/npm/jsdom/24.1.1/24.1.3) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/jsdom/24.1.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/jsdom/24.1.1/24.1.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch | |
|
[langchain-community](https://redirect.github.com/langchain-ai/langchain-community)
([changelog](https://redirect.github.com/langchain-ai/langchain/releases?q=tag%3A%22langchain-community%3D%3D0%22&expanded=true))
| `0.3.23` -> `0.3.27` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/langchain-community/0.3.27?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/langchain-community/0.3.23/0.3.27?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | patch | |
|
[langchain-community](https://redirect.github.com/langchain-ai/langchain-community)
([changelog](https://redirect.github.com/langchain-ai/langchain/releases?q=tag%3A%22langchain-community%3D%3D0%22&expanded=true))
| `0.3.24` -> `0.3.27` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/langchain-community/0.3.27?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/langchain-community/0.3.24/0.3.27?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | patch | |
| [langchain-core](https://redirect.github.com/langchain-ai/langchain)
([changelog](https://redirect.github.com/langchain-ai/langchain/releases?q=tag%3A%22langchain-core%3D%3D0%22&expanded=true))
| `0.3.68` -> `0.3.72` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/langchain-core/0.3.72?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/langchain-core/0.3.68/0.3.72?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | patch | |
| [langchain-core](https://redirect.github.com/langchain-ai/langchain)
([changelog](https://redirect.github.com/langchain-ai/langchain/releases?q=tag%3A%22langchain-core%3D%3D0%22&expanded=true))
| `0.3.63` -> `0.3.72` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/langchain-core/0.3.72?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/langchain-core/0.3.63/0.3.72?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | patch | |
| [langchain-ollama](https://redirect.github.com/langchain-ai/langchain)
([changelog](https://redirect.github.com/langchain-ai/langchain/releases?q=tag%3A%22langchain-ollama%3D%3D0%22&expanded=true))
| `0.3.3` -> `0.3.6` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/langchain-ollama/0.3.6?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/langchain-ollama/0.3.3/0.3.6?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | patch | |
| [langchain-openai](https://redirect.github.com/langchain-ai/langchain)
([changelog](https://redirect.github.com/langchain-ai/langchain/releases?q=tag%3A%22langchain-openai%3D%3D0%22&expanded=true))
| `0.3.27` -> `0.3.28` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/langchain-openai/0.3.28?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/langchain-openai/0.3.27/0.3.28?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | patch | |
| langfuse | `3.0.0` -> `3.2.1` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/langfuse/3.2.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/langfuse/3.0.0/3.2.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
| [langfuse](https://langfuse.com/)
([source](https://redirect.github.com/langfuse/langfuse-k8s)) | `0.12.1`
-> `0.13.1` |
[![age](https://developer.mend.io/api/mc/badges/age/helm/langfuse/0.13.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/helm/langfuse/0.12.1/0.13.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | minor | |
| [langgraph](https://redirect.github.com/langchain-ai/langgraph) |
`^0.4.2` -> `^0.5.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/langgraph/0.5.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/langgraph/0.4.10/0.5.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | `0.6.2` (+2) |
| [minio](https://bitnami.com)
([source](https://redirect.github.com/bitnami/charts/tree/HEAD/bitnami/minio))
| `15.0.3` -> `15.0.7` |
[![age](https://developer.mend.io/api/mc/badges/age/helm/minio/15.0.7?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/helm/minio/15.0.3/15.0.7?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | patch | |
| [nginx-ingress-controller](https://bitnami.com)
([source](https://redirect.github.com/bitnami/charts/tree/HEAD/bitnami/nginx-ingress-controller))
| `11.4.1` -> `11.6.27` |
[![age](https://developer.mend.io/api/mc/badges/age/helm/nginx-ingress-controller/11.6.27?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/helm/nginx-ingress-controller/11.4.1/11.6.27?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | minor | |
| [node](https://redirect.github.com/actions/node-versions) | `22.13.1`
-> `22.17.1` |
[![age](https://developer.mend.io/api/mc/badges/age/github-releases/actions%2fnode-versions/22.17.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/github-releases/actions%2fnode-versions/22.13.1/22.17.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| uses-with | minor | |
| [numpy](https://redirect.github.com/numpy/numpy)
([changelog](https://numpy.org/doc/stable/release)) | `2.2.6` -> `2.3.1`
|
[![age](https://developer.mend.io/api/mc/badges/age/pypi/numpy/2.3.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/numpy/2.2.6/2.3.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | `2.3.2` |
| [nx](https://nx.dev)
([source](https://redirect.github.com/nrwl/nx/tree/HEAD/packages/nx)) |
[`17.1.3` ->
`17.3.2`](https://renovatebot.com/diffs/npm/nx/17.1.3/17.3.2) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/nx/17.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/nx/17.1.3/17.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | |
| [ollama](https://ollama.ai/)
([source](https://redirect.github.com/otwld/ollama-helm)) | `1.1.0` ->
`1.24.0` |
[![age](https://developer.mend.io/api/mc/badges/age/helm/ollama/1.24.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/helm/ollama/1.1.0/1.24.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | minor | `1.25.0` |
| [openai](https://redirect.github.com/openai/openai-python) | `1.93.1`
-> `1.97.1` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/openai/1.97.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/openai/1.93.1/1.97.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | `1.98.0` (+1) |
| [opencv-python](https://redirect.github.com/opencv/opencv-python) |
`4.11.0.86` -> `4.12.0.88` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/opencv-python/4.12.0.88?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/opencv-python/4.11.0.86/4.12.0.88?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
| [pdfplumber](https://redirect.github.com/jsvine/pdfplumber) | `0.11.6`
-> `0.11.7` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/pdfplumber/0.11.7?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/pdfplumber/0.11.6/0.11.7?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | patch | |
| [pep8-naming](https://redirect.github.com/PyCQA/pep8-naming)
([changelog](https://redirect.github.com/PyCQA/pep8-naming/blob/main/CHANGELOG.rst))
| `^0.14.1` -> `^0.15.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/pep8-naming/0.15.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/pep8-naming/0.14.1/0.15.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dev | minor | |
| [pinia](https://pinia.vuejs.org)
([source](https://redirect.github.com/vuejs/pinia)) | [`2.2.2` ->
`2.3.1`](https://renovatebot.com/diffs/npm/pinia/2.2.2/2.3.1) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/pinia/2.3.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/pinia/2.2.2/2.3.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
| [postcss](https://postcss.org/)
([source](https://redirect.github.com/postcss/postcss)) | [`8.4.47` ->
`8.5.6`](https://renovatebot.com/diffs/npm/postcss/8.4.47/8.5.6) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/postcss/8.5.6?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/postcss/8.4.47/8.5.6?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | |
|
[pydantic-settings](https://redirect.github.com/pydantic/pydantic-settings)
([changelog](https://redirect.github.com/pydantic/pydantic-settings/releases))
| `2.9.1` -> `2.10.1` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/pydantic-settings/2.10.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/pydantic-settings/2.9.1/2.10.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
| [pytest](https://redirect.github.com/pytest-dev/pytest)
([changelog](https://docs.pytest.org/en/stable/changelog.html)) |
`8.3.5` -> `8.4.1` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/pytest/8.4.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/pytest/8.3.5/8.4.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dev | minor | |
|
[pytest-asyncio](https://redirect.github.com/pytest-dev/pytest-asyncio)
([changelog](https://pytest-asyncio.readthedocs.io/en/latest/reference/changelog.html))
| `1.0.0` -> `1.1.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/pytest-asyncio/1.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/pytest-asyncio/1.0.0/1.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dev | minor | |
| python | `3.11.11` -> `3.13.5` |
[![age](https://developer.mend.io/api/mc/badges/age/docker/python/3.13.5?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/python/3.11.11/3.13.5?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | minor | |
| python | `3.11.7-bookworm` -> `3.13.5-bookworm` |
[![age](https://developer.mend.io/api/mc/badges/age/docker/python/3.13.5?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/python/3.11.7/3.13.5?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| final | minor | |
| python | `3.11.7-bookworm` -> `3.13.5-bookworm` |
[![age](https://developer.mend.io/api/mc/badges/age/docker/python/3.13.5?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/python/3.11.7/3.13.5?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| stage | minor | |
| [qdrant](https://qdrant.tech)
([source](https://redirect.github.com/qdrant/qdrant-helm)) | `1.12.6` ->
`1.15.0` |
[![age](https://developer.mend.io/api/mc/badges/age/helm/qdrant/1.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/helm/qdrant/1.12.6/1.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | minor | `1.15.1` |
| [qdrant-client](https://redirect.github.com/qdrant/qdrant-client) |
`1.14.3` -> `1.15.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/qdrant-client/1.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/qdrant-client/1.14.3/1.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
| ragas | `^0.2.15` -> `^0.3.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/ragas/0.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/ragas/0.2.15/0.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
|
[stackit](https://registry.terraform.io/providers/stackitcloud/stackit)
([source](https://redirect.github.com/stackitcloud/terraform-provider-stackit))
| `~> 0.50.0` -> `~> 0.58.0` |
[![age](https://developer.mend.io/api/mc/badges/age/terraform-provider/stackitcloud%2fstackit/0.58.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/terraform-provider/stackitcloud%2fstackit/0.50.0/0.58.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| required_provider | minor | `0.58.2` |
| [tailwindcss](https://tailwindcss.com)
([source](https://redirect.github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss))
| [`3.4.10` ->
`3.4.17`](https://renovatebot.com/diffs/npm/tailwindcss/3.4.10/3.4.17) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/tailwindcss/3.4.17?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/tailwindcss/3.4.10/3.4.17?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch | |
| [typescript](https://www.typescriptlang.org/)
([source](https://redirect.github.com/microsoft/TypeScript)) | [`~5.3.3`
-> `~5.8.0`](https://renovatebot.com/diffs/npm/typescript/5.3.3/5.8.3) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/typescript/5.8.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/typescript/5.3.3/5.8.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | |
|
[unstructured](https://redirect.github.com/Unstructured-IO/unstructured)
| `0.17.2` -> `0.18.11` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/unstructured/0.18.11?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/unstructured/0.17.2/0.18.11?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
| [uvicorn](https://redirect.github.com/encode/uvicorn)
([changelog](https://www.uvicorn.org/release-notes)) | `^0.34.2` ->
`^0.35.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/uvicorn/0.35.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/uvicorn/0.34.3/0.35.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
|
[vite-tsconfig-paths](https://redirect.github.com/aleclarson/vite-tsconfig-paths)
| [`~4.2.0` ->
`~4.3.0`](https://renovatebot.com/diffs/npm/vite-tsconfig-paths/4.2.3/4.3.2)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/vite-tsconfig-paths/4.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/vite-tsconfig-paths/4.2.3/4.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | |
|
[vue](https://redirect.github.com/vuejs/core/tree/main/packages/vue#readme)
([source](https://redirect.github.com/vuejs/core)) | [`3.4.38` ->
`3.5.18`](https://renovatebot.com/diffs/npm/vue/3.4.38/3.5.18) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/vue/3.5.18?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/vue/3.4.38/3.5.18?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
| [vue-router](https://redirect.github.com/vuejs/router) | [`4.4.3` ->
`4.5.1`](https://renovatebot.com/diffs/npm/vue-router/4.4.3/4.5.1) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/vue-router/4.5.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/vue-router/4.4.3/4.5.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |

---

### Release Notes

<details>
<summary>tailwindlabs/heroicons (@&#8203;heroicons/vue)</summary>

###
[`v2.2.0`](https://redirect.github.com/tailwindlabs/heroicons/blob/HEAD/CHANGELOG.md#220---2024-11-18)

[Compare
Source](https://redirect.github.com/tailwindlabs/heroicons/compare/v2.1.5...v2.2.0)

##### Added

- Add React 19 support
([#&#8203;1247](https://redirect.github.com/tailwindlabs/heroicons/pull/1247))

##### Fixed

- Removed unnecessary clipping path from `solid/arrow-left-circle`
([#&#8203;1211](https://redirect.github.com/tailwindlabs/heroicons/pull/1211))

</details>

<details>
<summary>nrwl/nx (@&#8203;nx/web)</summary>

### [`v18.3.5`](https://redirect.github.com/nrwl/nx/releases/tag/18.3.5)

[Compare
Source](https://redirect.github.com/nrwl/nx/compare/18.3.4...18.3.5)

#### 18.3.5 (2024-05-15)

##### 🩹 Fixes

- **core:** fix affected detection for inputs after named inputs
([#&#8203;23354](https://redirect.github.com/nrwl/nx/pull/23354))

##### ❤️  Thank You

- Jason Jean
[@&#8203;FrozenPandaz](https://redirect.github.com/FrozenPandaz)

### [`v18.3.4`](https://redirect.github.com/nrwl/nx/releases/tag/18.3.4)

[Compare
Source](https://redirect.github.com/nrwl/nx/compare/18.3.3...18.3.4)

#### 18.3.4 (2024-04-25)

##### 🚀 Features

- **core:** add root level forwardAllArgs
([#&#8203;22753](https://redirect.github.com/nrwl/nx/pull/22753))

##### 🩹 Fixes

- **core:** different commands should not be considered compatible
targets
([#&#8203;22863](https://redirect.github.com/nrwl/nx/pull/22863))
- **core:** fix pnpm install order on ci workflows
([#&#8203;22580](https://redirect.github.com/nrwl/nx/pull/22580))
- **core:** workspace context glob respects exclude
([#&#8203;22939](https://redirect.github.com/nrwl/nx/pull/22939))
- **core:** handle events that do not have paths
([#&#8203;22947](https://redirect.github.com/nrwl/nx/pull/22947))
- **core:** fix exclude for empty array
([#&#8203;22951](https://redirect.github.com/nrwl/nx/pull/22951))
- **core:** move a few api points to return root maps directly
([#&#8203;22949](https://redirect.github.com/nrwl/nx/pull/22949))
- **core:** regression register ts transpiler for local plugin
([#&#8203;22964](https://redirect.github.com/nrwl/nx/pull/22964))
- **core:** handle created directories when watching on linux
([#&#8203;22980](https://redirect.github.com/nrwl/nx/pull/22980))
- **core:** ensure create nodes functions are properly parallelized
([#&#8203;23005](https://redirect.github.com/nrwl/nx/pull/23005))
- **gradle:** change gradle command to be relative path
([#&#8203;22963](https://redirect.github.com/nrwl/nx/pull/22963))
- **gradle:** should skip println in project report
([#&#8203;22862](https://redirect.github.com/nrwl/nx/pull/22862))
- **gradle:** get gradlew path with projectRoot joins workspaceRoot
([#&#8203;22988](https://redirect.github.com/nrwl/nx/pull/22988))
- **graph:** don't listen to system theme changes in console
([#&#8203;22938](https://redirect.github.com/nrwl/nx/pull/22938))
- **linter:** do not infer lint tasks for projects without files to lint
([#&#8203;22944](https://redirect.github.com/nrwl/nx/pull/22944))
- **misc:** fix publish script
([#&#8203;22981](https://redirect.github.com/nrwl/nx/pull/22981))
- **misc:** perf logging shouldn't be enabled twice
([#&#8203;23012](https://redirect.github.com/nrwl/nx/pull/23012))
- **node:** e2e target fails out of the box
([#&#8203;22987](https://redirect.github.com/nrwl/nx/pull/22987))
- **repo:** downgrade to macos-13 in publish workflow
([#&#8203;22961](https://redirect.github.com/nrwl/nx/pull/22961))
- **storybook:** handle inherited config correctly when identifying the
framework used for inferred tasks
([#&#8203;22953](https://redirect.github.com/nrwl/nx/pull/22953))

##### ❤️  Thank You

- Colum Ferry [@&#8203;Coly010](https://redirect.github.com/Coly010)
- Craigory Coppola
[@&#8203;AgentEnder](https://redirect.github.com/AgentEnder)
- Emily Xiong [@&#8203;xiongemi](https://redirect.github.com/xiongemi)
- Jack Hsu [@&#8203;jaysoo](https://redirect.github.com/jaysoo)
- Jason Jean
[@&#8203;FrozenPandaz](https://redirect.github.com/FrozenPandaz)
- Jonathan Cammisuli
- Leosvel Pérez Espinosa
[@&#8203;leosvelperez](https://redirect.github.com/leosvelperez)
- MaxKless [@&#8203;MaxKless](https://redirect.github.com/MaxKless)
- Miroslav Jonaš
[@&#8203;meeroslav](https://redirect.github.com/meeroslav)
- Nicholas Cunningham
[@&#8203;ndcunningham](https://redirect.github.com/ndcunningham)
- Richard Roozenboom
[@&#8203;Roozenboom](https://redirect.github.com/Roozenboom)

### [`v18.3.3`](https://redirect.github.com/nrwl/nx/releases/tag/18.3.3)

[Compare
Source](https://redirect.github.com/nrwl/nx/compare/18.3.2...18.3.3)

#### 18.3.3 (2024-04-20)

##### 🩹 Fixes

- **angular:** fix loading postcss configuration in ng-packagr executors
([#&#8203;22900](https://redirect.github.com/nrwl/nx/pull/22900))
- **core:** group command exit listeners to avoid warning
([#&#8203;22892](https://redirect.github.com/nrwl/nx/pull/22892))
- **core:** handle plugin errors from isolation correctly
([#&#8203;22890](https://redirect.github.com/nrwl/nx/pull/22890))
- **core:** disable pty on windows until stable
([#&#8203;22910](https://redirect.github.com/nrwl/nx/pull/22910))
- **core:** fix cursor being hidden and process shutdown for ctrl c
([#&#8203;22895](https://redirect.github.com/nrwl/nx/pull/22895))
- **misc:** add --verbose support to nx graph
([#&#8203;22889](https://redirect.github.com/nrwl/nx/pull/22889))
- **misc:** mark migration for escaping env vars as skipped in nx repair
([#&#8203;22916](https://redirect.github.com/nrwl/nx/pull/22916))
- **misc:** don't clear node\_modules require cache
([#&#8203;22907](https://redirect.github.com/nrwl/nx/pull/22907))
- **testing:** bust require cache in jest plugin so configs reload
([#&#8203;22893](https://redirect.github.com/nrwl/nx/pull/22893))
- **vue:** do not add verbatimImportSyntax to tsconfig
([#&#8203;22905](https://redirect.github.com/nrwl/nx/pull/22905))

##### ❤️  Thank You

- Colum Ferry [@&#8203;Coly010](https://redirect.github.com/Coly010)
- Craigory Coppola
[@&#8203;AgentEnder](https://redirect.github.com/AgentEnder)
- Jason Jean
[@&#8203;FrozenPandaz](https://redirect.github.com/FrozenPandaz)
- Leosvel Pérez Espinosa
[@&#8203;leosvelperez](https://redirect.github.com/leosvelperez)

### [`v18.3.2`](https://redirect.github.com/nrwl/nx/releases/tag/18.3.2)

[Compare
Source](https://redirect.github.com/nrwl/nx/compare/18.3.1...18.3.2)

#### 18.3.2 (2024-04-18)

##### 🚀 Features

- **core:** load native files from tmp location instead of node\_modules
([#&#8203;22648](https://redirect.github.com/nrwl/nx/pull/22648))

##### 🩹 Fixes

- **bundling:** handle circular dependencies in
[@&#8203;nx/esbuild](https://redirect.github.com/nx/esbuild)
getExtraDependencies
([#&#8203;22644](https://redirect.github.com/nrwl/nx/pull/22644))
- **core:** load config util supports absolute paths on windows
([#&#8203;22837](https://redirect.github.com/nrwl/nx/pull/22837))
- **core:** keep plugin workers until main process shutdown
([#&#8203;22860](https://redirect.github.com/nrwl/nx/pull/22860))
- **core:** handle schema validation errors running commands directly
([#&#8203;22864](https://redirect.github.com/nrwl/nx/pull/22864))
- **core:** forward args provided to the nx add command to the invoked
init generator
([#&#8203;22855](https://redirect.github.com/nrwl/nx/pull/22855))
- **core:** fix hashing of external dependencies
([#&#8203;22865](https://redirect.github.com/nrwl/nx/pull/22865))
- **nx-cloud:** ensure root .env files are loaded during dte
([#&#8203;22859](https://redirect.github.com/nrwl/nx/pull/22859))
- **testing:** fix jest ci target names
([#&#8203;22858](https://redirect.github.com/nrwl/nx/pull/22858))

##### ❤️  Thank You

- Colum Ferry [@&#8203;Coly010](https://redirect.github.com/Coly010)
- Craigory Coppola
[@&#8203;AgentEnder](https://redirect.github.com/AgentEnder)
- Jason Jean
[@&#8203;FrozenPandaz](https://redirect.github.com/FrozenPandaz)
- Kyle Cannon
[@&#8203;kylecannon](https://redirect.github.com/kylecannon)
- Leosvel Pérez Espinosa
[@&#8203;leosvelperez](https://redirect.github.com/leosvelperez)
- MaxKless [@&#8203;MaxKless](https://redirect.github.com/MaxKless)

### [`v18.3.1`](https://redirect.github.com/nrwl/nx/releases/tag/18.3.1)

[Compare
Source](https://redirect.github.com/nrwl/nx/compare/18.3.0...18.3.1)

#### 18.3.1 (2024-04-17)

##### 🩹 Fixes

- **core:** repair sourcemap creation in createNodes
([#&#8203;22851](https://redirect.github.com/nrwl/nx/pull/22851))

##### ❤️  Thank You

- MaxKless [@&#8203;MaxKless](https://redirect.github.com/MaxKless)

### [`v18.3.0`](https://redirect.github.com/nrwl/nx/releases/tag/18.3.0)

[Compare
Source](https://redirect.github.com/nrwl/nx/compare/18.2.4...18.3.0)

#### 18.3.0 (2024-04-16)

##### 🚀 Features

- **core:** add metadata to targets
([#&#8203;22655](https://redirect.github.com/nrwl/nx/pull/22655))
- **core:** list crystal plugins with nx report
([#&#8203;22649](https://redirect.github.com/nrwl/nx/pull/22649))
- **core:** re-enable running plugins in isolation
([#&#8203;22527](https://redirect.github.com/nrwl/nx/pull/22527))
- **core:** load root .env files on daemon
([#&#8203;22786](https://redirect.github.com/nrwl/nx/pull/22786))
- **js:** add swc cli options --strip-leading-paths
([#&#8203;22193](https://redirect.github.com/nrwl/nx/pull/22193))
- **js:** add swc cli options --strip-leading-paths "
([#&#8203;22193](https://redirect.github.com/nrwl/nx/pull/22193),
[#&#8203;22832](https://redirect.github.com/nrwl/nx/pull/22832))
- **misc:** non conflicting init/add flow
([#&#8203;22791](https://redirect.github.com/nrwl/nx/pull/22791))
- **nuxt:** update
[@&#8203;nuxt/eslint-config](https://redirect.github.com/nuxt/eslint-config)
to a stable version
([#&#8203;22804](https://redirect.github.com/nrwl/nx/pull/22804))
- **nx-dev:** link Nx Launch Conf videos
([#&#8203;22690](https://redirect.github.com/nrwl/nx/pull/22690))
- **nx-dev:** remember selected tabs
([#&#8203;22699](https://redirect.github.com/nrwl/nx/pull/22699))
- **nx-dev:** add contact pages
([#&#8203;22815](https://redirect.github.com/nrwl/nx/pull/22815))
- **nx-dev:** banner for webinar
([#&#8203;22824](https://redirect.github.com/nrwl/nx/pull/22824))
- **testing:** add ability to split jest tests
([#&#8203;22662](https://redirect.github.com/nrwl/nx/pull/22662))
- **testing:** add metadata to playwright targets
([#&#8203;22768](https://redirect.github.com/nrwl/nx/pull/22768))
- **vite:** migrate to latest vite-plugin-dts
([#&#8203;22614](https://redirect.github.com/nrwl/nx/pull/22614))

##### 🩹 Fixes

- **angular:** prevent false positive validation due to option default
value in dev-server executor
([#&#8203;22606](https://redirect.github.com/nrwl/nx/pull/22606))
- **angular:** respect skipPackageJson correctly in library generator
([#&#8203;22608](https://redirect.github.com/nrwl/nx/pull/22608))
- **angular:** fix @&#8203;nx/angular/src/utils entry point
([#&#8203;22609](https://redirect.github.com/nrwl/nx/pull/22609))
- **angular:** fix dynamic module federation generation
([#&#8203;22724](https://redirect.github.com/nrwl/nx/pull/22724))
- **angular:** respect skipPackageJson correctly across generators
([#&#8203;22777](https://redirect.github.com/nrwl/nx/pull/22777))
- **angular:** execute wrapped schematics post tasks and log messages
([#&#8203;22780](https://redirect.github.com/nrwl/nx/pull/22780))
- **bundling:** support exported array of options for rollup
([#&#8203;22703](https://redirect.github.com/nrwl/nx/pull/22703))
- **bundling:** print errors from rollup build
([#&#8203;22707](https://redirect.github.com/nrwl/nx/pull/22707))
- **bundling:** show codeframes for Rollup build errors
([#&#8203;22845](https://redirect.github.com/nrwl/nx/pull/22845))
- **core:** do not assume workspace inputs cause all projects to be af…
([#&#8203;22573](https://redirect.github.com/nrwl/nx/pull/22573))
- **core:** write terminal output to cache folder
([#&#8203;22673](https://redirect.github.com/nrwl/nx/pull/22673))
- **core:** errors from create dependencies should show properly
([#&#8203;22695](https://redirect.github.com/nrwl/nx/pull/22695))
- **core:** not passing props of run-commands to underlying command
([#&#8203;22595](https://redirect.github.com/nrwl/nx/pull/22595))
- **core:** update pty version to add windows specific flags
([#&#8203;22711](https://redirect.github.com/nrwl/nx/pull/22711))
- **core:** detect imports from template literals in dynamic imports
([#&#8203;22749](https://redirect.github.com/nrwl/nx/pull/22749))
- **core:** attach cli args from target options explicitly with '='
([#&#8203;22756](https://redirect.github.com/nrwl/nx/pull/22756))
- **core:** fix plugin exclude option
([#&#8203;22738](https://redirect.github.com/nrwl/nx/pull/22738))
- **core:** improve `isCI` to better detect other providers
([#&#8203;22694](https://redirect.github.com/nrwl/nx/pull/22694))
- **core:** errors thrown when creating projects should prevent running
targets
([#&#8203;22807](https://redirect.github.com/nrwl/nx/pull/22807))
- **core:** use name instead of .prototype.name when comparing errors
([#&#8203;22840](https://redirect.github.com/nrwl/nx/pull/22840))
- **core:** fix init logging and package.json updates
([#&#8203;22843](https://redirect.github.com/nrwl/nx/pull/22843))
- **devkit:** update peer dependency on nx to include Nx 19
([#&#8203;22811](https://redirect.github.com/nrwl/nx/pull/22811))
- **js:** update jest snapshot after vite-plugin-dts bump
([#&#8203;22621](https://redirect.github.com/nrwl/nx/pull/22621))
- **js:** append target when generating tmp tsconfig to prevent
conflicts
[#&#8203;21396](https://redirect.github.com/nrwl/nx/issues/21396)
([#&#8203;22671](https://redirect.github.com/nrwl/nx/pull/22671),
[#&#8203;21396](https://redirect.github.com/nrwl/nx/issues/21396))
- **js:** propagate error from child process to
[@&#8203;nx/js](https://redirect.github.com/nx/js):node executor
([#&#8203;22705](https://redirect.github.com/nrwl/nx/pull/22705))
- **js:** do not default to commonjs type field in package.json
([#&#8203;22819](https://redirect.github.com/nrwl/nx/pull/22819))
- **misc:** fix optional branch tracking on ci pipeline
([#&#8203;22652](https://redirect.github.com/nrwl/nx/pull/22652))
- **module-federation:** serve dynamic remotes statically in their own
processes
([#&#8203;22688](https://redirect.github.com/nrwl/nx/pull/22688))
- **nextjs:** Adding tailwind should work when creating an app OOTB
([#&#8203;22709](https://redirect.github.com/nrwl/nx/pull/22709))
- **nuxt:** use loadConfigFile from devkit rather than
[@&#8203;nuxt/kit](https://redirect.github.com/nuxt/kit)
([#&#8203;22571](https://redirect.github.com/nrwl/nx/pull/22571))
- **nx-dev:** Update urls that are 404
([#&#8203;22653](https://redirect.github.com/nrwl/nx/pull/22653))
- **react-native:** storybook relative paths
([#&#8203;22031](https://redirect.github.com/nrwl/nx/pull/22031))
- **react-native:** should ask for app name when preset is react native
([#&#8203;22761](https://redirect.github.com/nrwl/nx/pull/22761))
- **react-native:** fix unable to resolve on windows
([#&#8203;22759](https://redirect.github.com/nrwl/nx/pull/22759))
- **release:** respect root .npmrc registry settings for publishing
([12afa20210](https://redirect.github.com/nrwl/nx/commit/12afa20210))
- **release:** do not try to interpolate packageRoot for root project
([#&#8203;22771](https://redirect.github.com/nrwl/nx/pull/22771))
- **testing:** fix playwright executor uiPort option schema
([#&#8203;22610](https://redirect.github.com/nrwl/nx/pull/22610))
- **testing:** app generators should create correct e2e config at
generation time
([#&#8203;22565](https://redirect.github.com/nrwl/nx/pull/22565))
- **vite:** ensure cache is created correctly for separate vite and
vitest config files
[#&#8203;22244](https://redirect.github.com/nrwl/nx/issues/22244)
([#&#8203;22618](https://redirect.github.com/nrwl/nx/pull/22618),
[#&#8203;22244](https://redirect.github.com/nrwl/nx/issues/22244))
- **vite:** pass cli arguments as options to vitest
([#&#8203;22355](https://redirect.github.com/nrwl/nx/pull/22355))
- **webpack:** bring back previous SVG and SVGR behavior for React
projects
([#&#8203;22628](https://redirect.github.com/nrwl/nx/pull/22628))
- **webpack:** support standard webpack config with
[@&#8203;nx/webpack](https://redirect.github.com/nx/webpack):dev-server
([#&#8203;22660](https://redirect.github.com/nrwl/nx/pull/22660))
- **webpack:** remove url-loader from dependencies since it is replaced
by asset modules
([#&#8203;22698](https://redirect.github.com/nrwl/nx/pull/22698))
- **webpack:** typo for outputPath
([#&#8203;22734](https://redirect.github.com/nrwl/nx/pull/22734))
- **webpack:** Should work when absolute paths are supplied as output
([#&#8203;22736](https://redirect.github.com/nrwl/nx/pull/22736))

##### ❤️  Thank You

- Altan Stalker
- arekkubaczkowski
[@&#8203;arekkubaczkowski](https://redirect.github.com/arekkubaczkowski)
- Austin Fahsl [@&#8203;fahslaj](https://redirect.github.com/fahslaj)
- Benjamin Cabanes
[@&#8203;bcabanes](https://redirect.github.com/bcabanes)
- Colum Ferry [@&#8203;Coly010](https://redirect.github.com/Coly010)
- Craigory Coppola
[@&#8203;AgentEnder](https://redirect.github.com/AgentEnder)
- Emily Xiong [@&#8203;xiongemi](https://redirect.github.com/xiongemi)
- Every [@&#8203;hongxuWei](https://redirect.github.com/hongxuWei)
- Isaac Mann
[@&#8203;isaacplmann](https://redirect.github.com/isaacplmann)
- Jack Hsu [@&#8203;jaysoo](https://redirect.github.com/jaysoo)
- Jason Jean
[@&#8203;FrozenPandaz](https://redirect.github.com/FrozenPandaz)
- Juri Strumpflohner
[@&#8203;juristr](https://redirect.github.com/juristr)
- Leosvel Pérez Espinosa
[@&#8203;leosvelperez](https://redirect.github.com/leosvelperez)
- Lucca Miranda [@&#8203;luckened](https://redirect.github.com/luckened)
- MaxKless [@&#8203;MaxKless](https://redirect.github.com/MaxKless)
- Miroslav Jonaš
[@&#8203;meeroslav](https://redirect.github.com/meeroslav)
- Nicholas Cunningham
[@&#8203;ndcunningham](https://redirect.github.com/ndcunningham)
- Thomas Dekiere
- Younes Jaaidi

### [`v18.2.4`](https://redirect.github.com/nrwl/nx/releases/tag/18.2.4)

[Compare
Source](https://redirect.github.com/nrwl/nx/compare/18.2.3...18.2.4)

#### 18.2.4 (2024-04-09)

##### 🩹 Fixes

- **angular:** fix dynamic module federation generation
([#&#8203;22724](https://redirect.github.com/nrwl/nx/pull/22724))
- **core:** update pty version to add windows specific flags
([#&#8203;22711](https://redirect.github.com/nrwl/nx/pull/22711))
- **nextjs:** Adding tailwind should work when creating an app OOTB
([#&#8203;22709](https://redirect.github.com/nrwl/nx/pull/22709))

##### ❤️  Thank You

- Craigory Coppola
[@&#8203;AgentEnder](https://redirect.github.com/AgentEnder)
- Leosvel Pérez Espinosa
[@&#8203;leosvelperez](https://redirect.github.com/leosvelperez)
- Nicholas Cunningham
[@&#8203;ndcunningham](https://redirect.github.com/ndcunningham)

### [`v18.2.3`](https://redirect.github.com/nrwl/nx/releases/tag/18.2.3)

[Compare
Source](https://redirect.github.com/nrwl/nx/compare/18.2.2...18.2.3)

#### 18.2.3 (2024-04-05)

##### 🚀 Features

- **core:** list crystal plugins with nx report
([#&#8203;22649](https://redirect.github.com/nrwl/nx/pull/22649))

##### 🩹 Fixes

- **bundling:** print errors from rollup build
([#&#8203;22707](https://redirect.github.com/nrwl/nx/pull/22707))
- **core:** write terminal output to cache folder
([#&#8203;22673](https://redirect.github.com/nrwl/nx/pull/22673))
- **core:** errors from create dependencies should show properly
([#&#8203;22695](https://redirect.github.com/nrwl/nx/pull/22695))
- **core:** not passing props of run-commands to underlying command
([#&#8203;22595](https://redirect.github.com/nrwl/nx/pull/22595))
- **js:** update jest snapshot after vite-plugin-dts bump
([#&#8203;22621](https://redirect.github.com/nrwl/nx/pull/22621))
- **js:** append target when generating tmp tsconfig to prevent
conflicts
[#&#8203;21396](https://redirect.github.com/nrwl/nx/issues/21396)
([#&#8203;22671](https://redirect.github.com/nrwl/nx/pull/22671),
[#&#8203;21396](https://redirect.github.com/nrwl/nx/issues/21396))
- **js:** propagate error from child process to
[@&#8203;nx/js](https://redirect.github.com/nx/js):node executor
([#&#8203;22705](https://redirect.github.com/nrwl/nx/pull/22705))
- **misc:** fix optional branch tracking on ci pipeline
([#&#8203;22652](https://redirect.github.com/nrwl/nx/pull/22652))
- **module-federation:** serve dynamic remotes statically in their own
processes
([#&#8203;22688](https://redirect.github.com/nrwl/nx/pull/22688))
- **nx-dev:** Update urls that are 404
([#&#8203;22653](https://redirect.github.com/nrwl/nx/pull/22653))
- **release:** respect root .npmrc registry settings for publishing
([9dd97c43a1](https://redirect.github.com/nrwl/nx/commit/9dd97c43a1))
- **testing:** fix playwright executor uiPort option schema
([#&#8203;22610](https://redirect.github.com/nrwl/nx/pull/22610))
- **testing:** app generators should create correct e2e config at
generation time
([#&#8203;22565](https://redirect.github.com/nrwl/nx/pull/22565))
- **vite:** ensure cache is created correctly for separate vite and
vitest config files
[#&#8203;22244](https://redirect.github.com/nrwl/nx/issues/22244)
([#&#8203;22618](https://redirect.github.com/nrwl/nx/pull/22618),
[#&#8203;22244](https://redirect.github.com/nrwl/nx/issues/22244))
- **webpack:** bring back previous SVG and SVGR behavior for React
projects
([#&#8203;22628](https://redirect.github.com/nrwl/nx/pull/22628))
- **webpack:** support standard webpack config with
[@&#8203;nx/webpack](https://redirect.github.com/nx/webpack):dev-server
([#&#8203;22660](https://redirect.github.com/nrwl/nx/pull/22660))
- **webpack:** remove url-loader from dependencies since it is replaced
by asset modules
([#&#8203;22698](https://redirect.github.com/nrwl/nx/pull/22698))

##### ❤️  Thank You

- Altan Stalker
- Austin Fahsl [@&#8203;fahslaj](https://redirect.github.com/fahslaj)
- Colum Ferry [@&#8203;Coly010](https://redirect.github.com/Coly010)
- Craigory Coppola
[@&#8203;AgentEnder](https://redirect.github.com/AgentEnder)
- Emily Xiong [@&#8203;xiongemi](https://redirect.github.com/xiongemi)
- Jack Hsu [@&#8203;jaysoo](https://redirect.github.com/jaysoo)
- Leosvel Pérez Espinosa
[@&#8203;leosvelperez](https://redirect.github.com/leosvelperez)
- Miroslav Jonaš
[@&#8203;meeroslav](https://redirect.github.com/meeroslav)
- Nicholas Cunningham
[@&#8203;ndcunningham](https://redirect.github.com/ndcunningham)

### [`v18.2.2`](https:/

Co-authored-by: Renovate Bot <renovate@whitesourcesoftware.com>
@a-klos
fix: rename mcp image name to mcp-server for consistency
8f5363d
@a-klos
Merge branch 'deps-main' of github.com:stackitcloud/rag-template into…
5815f10 
… deps-main
@a-klos
fix(deps): downgrade pypdfium2 to version 4.30.0 and update dependenc…
a74d916 
…ies in extractor-api-lib and document-extractor
@a-klos a-klos added helm python Pull requests that update python code renovate labels Aug 3, 2025
a-klos added 5 commits August 4, 2025 09:01
@a-klos
merge
e172376
@a-klos
Update dependencies and refactor tracing mechanism
fcc3ad7 
- Updated langfuse dependency version from 0.13.1 to 1.3.4 in Chart.yaml and Chart.lock.
- Added keydb dependency in Chart.yaml with version 0.48.0.
- Enhanced langfuse configuration in values.yaml with resource limits and requests.
- Refactored the tracing mechanism by replacing LangfuseTracedGraph with LangfuseTracedRunnable across various modules.
- Introduced AsyncRunnable as a base class for asynchronous chains, replacing AsyncChain.
- Updated the LangchainSummarizer to handle rate limits with retries.
- Improved error handling and logging in LangfuseRagasEvaluator.
- Added new files for async_runnable and traced_runnable implementations.
- Updated chat endpoint to utilize the new traced runnable structure.
@a-klos
refactor: clean up code formatting and improve readability in various…
5da7878 
… modules
@a-klos
chore: merge main
e77c29b
@a-klos
chore: update content hash in poetry.lock
98e821f
@a-klos a-klos force-pushed the renovate/all-minor-patch branch from 055dca1 to cc7fc00 Compare August 10, 2025 01:49
@a-klos a-klos force-pushed the renovate/all-minor-patch branch 2 times, most recently from 76c1976 to 8b52a12 Compare August 24, 2025 01:44
@a-klos a-klos added the docker label Aug 24, 2025
@a-klos a-klos force-pushed the renovate/all-minor-patch branch from 8b52a12 to 538598a Compare August 31, 2025 01:27
@a-klos a-klos changed the base branch from deps-main to main September 2, 2025 10:26
@a-klos
Copy link
Member Author

a-klos commented Sep 7, 2025

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
docker github-actions helm nodejs python Pull requests that update python code renovate
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@a-klos @renovate-bot