Skip to content

Comments

Bump the npm_and_yarn group across 12 directories with 17 updates#42

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/frameworks/JavaScript/express/npm_and_yarn-0c5a602b7b
Open

Bump the npm_and_yarn group across 12 directories with 17 updates#42
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/frameworks/JavaScript/express/npm_and_yarn-0c5a602b7b

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 20, 2026

Bumps the npm_and_yarn group with 2 updates in the /frameworks/JavaScript/express directory: mongoose and pg-promise.
Bumps the npm_and_yarn group with 3 updates in the /frameworks/JavaScript/fastify directory: mysql2, fastify and handlebars.
Bumps the npm_and_yarn group with 3 updates in the /frameworks/JavaScript/hapi directory: mongoose, handlebars and async.
Bumps the npm_and_yarn group with 1 update in the /frameworks/JavaScript/hyperexpress directory: cookie.
Bumps the npm_and_yarn group with 3 updates in the /frameworks/JavaScript/koa directory: mongoose, handlebars and koa.
Bumps the npm_and_yarn group with 3 updates in the /frameworks/JavaScript/nodejs directory: mongoose, handlebars and async.
Bumps the npm_and_yarn group with 1 update in the /frameworks/JavaScript/sailsjs directory: handlebars.
Bumps the npm_and_yarn group with 3 updates in the /frameworks/JavaScript/spliffy directory: cookie, @smithy/config-resolver and fast-xml-parser.
Bumps the npm_and_yarn group with 1 update in the /frameworks/PHP/laravel directory: axios.
Bumps the npm_and_yarn group with 2 updates in the /frameworks/TypeScript/feathersjs directory: mysql2 and axios.
Bumps the npm_and_yarn group with 6 updates in the /frameworks/TypeScript/nest directory:

Package From To
fastify 2.12.1 5.7.3
handlebars 4.7.3 4.7.7
@nestjs/core 6.11.11 9.0.5
@nestjs/platform-fastify 6.11.11 11.1.10
hbs 4.1.0 4.2.0
typeorm 0.2.29 0.3.26

Bumps the npm_and_yarn group with 2 updates in the /frameworks/TypeScript/typescript-rest directory: knex and objection.

Updates mongoose from 8.3.2 to 8.9.5

Release notes

Sourced from mongoose's releases.

8.9.5 / 2025-01-13

  • fix: disallow nested $where in populate match
  • fix(schema): handle bitwise operators on Int32 #15176 #15170

8.9.4 / 2025-01-09

  • fix(document): fix document not applying manual populate when using a function in schema.options.ref #15138 IchirokuXVI
  • fix(model): make Model.validate() static correctly cast document arrays #15169 #15164
  • fix(model): allow passing validateBeforeSave option to bulkSave() to skip validation #15161 #15156
  • fix(schema): allow multiple self-referencing discriminator schemas using Schema.prototype.discriminator #15142 #15120
  • types: avoid BufferToBinary<> wiping lean types when passed to generic functions #15160 #15158
  • docs: fix <code> in header ids #15159
  • docs: fix header in field-level-encryption.md #15137 damieng

8.9.3 / 2024-12-30

  • fix(schema): make duplicate index error a warning for now to prevent blocking upgrading #15135 #15112 #15109
  • fix(model): handle document array paths set to non-array values in Model.castObject() #15124 #15075
  • fix(document): avoid using childSchemas.path for compatibility with pre-Mongoose-8.8 schemas #15131 #15071
  • fix(model): avoid throwing unnecessary error if updateOne() returns null in save() #15126
  • perf(cursor): clear the stack every time if using populate with batchSize to avoid stack overflows with large docs #15136 #10449
  • types: make BufferToBinary avoid Document instances #15123 #15122
  • types(model+query): avoid stripping out virtuals when calling populate with paths generic #15132 #15111
  • types(schema): add missing removeIndex #15134
  • types: add cleanIndexes() to IndexManager interface #15127
  • docs: move search endpoint to netlify #15119

8.9.2 / 2024-12-19

  • fix(schema): avoid throwing duplicate index error if index spec keys have different order or index has a custom name #15112 #15109
  • fix(map): clean modified subpaths when overwriting values in map of subdocs #15114 #15108
  • fix(aggregate): pull session from transaction local storage for aggregation cursors #15094 IchirokuXVI
  • types: correctly handle union types in BufferToBinary and related helpers #15103 #15102 #15057
  • types: add UUID to RefType #15115 #15101
  • docs: remove link to Mongoose 5.x docs from dropdown #15116
  • docs(connection+document+model): remove remaining references to remove(), clarify that deleteOne() does not execute until then() or exec() #15113 #15107

8.9.1 / 2024-12-16

  • fix(connection): remove heartbeat check in load balanced mode #15089 #15042 #14812
  • fix(discriminator): gather childSchemas when creating discriminator to ensure $getAllSubdocs() can properly get all subdocs #15099 #15088 #15092
  • fix(model): handle discriminators in castObject() #15096 #15075
  • fix(schema): throw error if duplicate index definition using unique in schema path and subsequent .index() call #15093 #15056
  • fix: mark documents that are populated using hydratedPopulatedDocs option as populated in top-level doc #15080 #15048
  • fix(document+schema): improve error message for get() on invalid path #15098 #15071
  • docs: remove more callback doc references & some small other changes #15095

8.9.0 / 2024-12-13

... (truncated)

Changelog

Sourced from mongoose's changelog.

8.9.5 / 2025-01-13

7.8.4 / 2025-01-13

6.13.6 / 2025-01-13

8.9.4 / 2025-01-09

  • fix(document): fix document not applying manual populate when using a function in schema.options.ref #15138 IchirokuXVI
  • fix(model): make Model.validate() static correctly cast document arrays #15169 #15164
  • fix(model): allow passing validateBeforeSave option to bulkSave() to skip validation #15161 #15156
  • fix(schema): allow multiple self-referencing discriminator schemas using Schema.prototype.discriminator #15142 #15120
  • types: avoid BufferToBinary<> wiping lean types when passed to generic functions #15160 #15158
  • docs: fix <code> in header ids #15159
  • docs: fix header in field-level-encryption.md #15137 damieng

8.9.3 / 2024-12-30

  • fix(schema): make duplicate index error a warning for now to prevent blocking upgrading #15135 #15112 #15109
  • fix(model): handle document array paths set to non-array values in Model.castObject() #15124 #15075
  • fix(document): avoid using childSchemas.path for compatibility with pre-Mongoose-8.8 schemas #15131 #15071
  • fix(model): avoid throwing unnecessary error if updateOne() returns null in save() #15126
  • perf(cursor): clear the stack every time if using populate with batchSize to avoid stack overflows with large docs #15136 #10449
  • types: make BufferToBinary avoid Document instances #15123 #15122
  • types(model+query): avoid stripping out virtuals when calling populate with paths generic #15132 #15111
  • types(schema): add missing removeIndex #15134
  • types: add cleanIndexes() to IndexManager interface #15127
  • docs: move search endpoint to netlify #15119

8.9.2 / 2024-12-19

  • fix(schema): avoid throwing duplicate index error if index spec keys have different order or index has a custom name #15112 #15109
  • fix(map): clean modified subpaths when overwriting values in map of subdocs #15114 #15108
  • fix(aggregate): pull session from transaction local storage for aggregation cursors #15094 IchirokuXVI
  • types: correctly handle union types in BufferToBinary and related helpers #15103 #15102 #15057
  • types: add UUID to RefType #15115 #15101
  • docs: remove link to Mongoose 5.x docs from dropdown #15116
  • docs(connection+document+model): remove remaining references to remove(), clarify that deleteOne() does not execute until then() or exec() #15113 #15107

8.9.1 / 2024-12-16

  • fix(connection): remove heartbeat check in load balanced mode #15089 #15042 #14812
  • fix(discriminator): gather childSchemas when creating discriminator to ensure $getAllSubdocs() can properly get all subdocs #15099 #15088 #15092

... (truncated)

Commits

Updates pg-promise from 10.7.3 to 11.5.5

Release notes

Sourced from pg-promise's releases.

11.5.5

  • Addressing sql injection issue; All negative numbers are now wrapped in parentheses.
  • Dev dependencies updated.

Thanks to @​paul-gerste-sonarsource!

11.5.4

  • Dependencies updated, including the driver, to v8.11.3

11.5.3

  • Following up on driver fix-update, see issue #888

11.5.2

This update is to clarify the full range of environments officially supported:

  • PostgreSql v10 - v15
  • NodeJS v14 - v18

It is worth noting that:

  • It may work with PostgreSql v9, but it is no longer officially supported.
  • It should work with NodeJS v20, but it is not officially supported yet (we support LTS versions of NodeJS only).

The CI has been updated accordingly. No functional changes.

11.5.1

  • Updated dependencies, including the driver, to v8.11.1
  • Fixed #884 - CI build issue in test

11.5.0

  • Many dependencies updated, including Postgres driver.
  • Minor documentation updates.

Please note that at the time of publishing this, GitHub CI started showing problems again, unrelated to the project. All tests pass locally fine, disregard Failed Build status for the time being.

11.4.3

  • Updated dependencies
  • Marked method batch as deprecated.

11.4.2

  • Dev dependencies updated
  • Semantic refactoring of the code

11.4.1

  • Corrected TypeScript signature for the Pool's property log.

11.4.0

  • Updated dependencies: "pg" -> "8.10.0" and "pg-query-stream" -> "4.4.0"
  • Extended IPool TypeScript declaration with properties expiredCount + log. The latter in case you want to log what the pool is doing:

... (truncated)

Commits

Updates mysql2 from 3.9.7 to 3.9.8

Release notes

Sourced from mysql2's releases.

v3.9.8

3.9.8 (2024-05-26)

Bug Fixes

  • security: sanitize fields and tables when using nestTables (#2702) (efe3db5)
  • support deno + caching_sha2_password FULL_AUTHENTICATION_PACKET flow (#2704) (2e03694)
  • typings: typo from jonServerPublicKey to onServerPublicKey (#2699) (8b5f691)
Changelog

Sourced from mysql2's changelog.

3.9.8 (2024-05-26)

Bug Fixes

  • security: sanitize fields and tables when using nestTables (#2702) (efe3db5)
  • support deno + caching_sha2_password FULL_AUTHENTICATION_PACKET flow (#2704) (2e03694)
  • typings: typo from jonServerPublicKey to onServerPublicKey (#2699) (8b5f691)
Commits
  • f637d3f chore(master): release 3.9.8 (#2700)
  • efe3db5 fix(security): sanitize fields and tables when using nestTables (#2702)
  • 2e03694 fix: support deno + caching_sha2_password FULL_AUTHENTICATION_PACKET flow (#2...
  • 8b5f691 fix(typings): typo from jonServerPublicKey to onServerPublicKey (#2699)
  • 5c75802 build(deps-dev): bump tsx from 4.10.5 to 4.11.0 in /website (#2695)
  • 179769f build(deps): bump @​easyops-cn/docusaurus-search-local in /website (#2696)
  • 56289e2 build(deps-dev): bump poku from 1.12.1 to 1.13.0 (#2698)
  • b029308 build(deps-dev): bump poku from 1.12.1 to 1.13.0 in /website (#2697)
  • 539acb8 build(deps): bump lucide-react from 0.378.0 to 0.379.0 in /website (#2693)
  • dc80580 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.9.0 to 7.10.0 i...
  • Additional commits viewable in compare view

Updates fastify from 4.13.0 to 5.7.3

Release notes

Sourced from fastify's releases.

v5.7.3

⚠️ Security Release

What's Changed

Full Changelog: fastify/fastify@v5.7.2...v5.7.3

v5.7.2

⚠️ Notice ⚠️

Parsing of the content-type header has been improved to a strict parser in PR #6414. This means only header values in the form described in RFC 9110 are accepted.

What's Changed

New Contributors

Full Changelog: fastify/fastify@v5.7.1...v5.7.2

v5.7.1

What's Changed

Full Changelog: fastify/fastify@v5.7.0...v5.7.1

v5.7.0

What's Changed

... (truncated)

Commits

Updates handlebars from 4.7.6 to 4.7.7

Changelog

Sourced from handlebars's changelog.

v4.7.7 - February 15th, 2021

  • fix weird error in integration tests - eb860c0
  • fix: check prototype property access in strict-mode (#1736) - b6d3de7
  • fix: escape property names in compat mode (#1736) - f058970
  • refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
  • chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

  • the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

Commits
  • a9a8e40 v4.7.7
  • e66aed5 Update release notes
  • 7d4d170 disable IE in Saucelabs tests
  • eb860c0 fix weird error in integration tests
  • b6d3de7 fix: check prototype property access in strict-mode (#1736)
  • f058970 fix: escape property names in compat mode (#1736)
  • 77825f8 refator: In spec tests, use expectTemplate over equals and shouldThrow (#1683)
  • 3789a30 chore: start testing on Node.js 12 and 13
  • See full diff in compare view

Updates mongoose from 5.13.20 to 6.13.6

Release notes

Sourced from mongoose's releases.

8.9.5 / 2025-01-13

  • fix: disallow nested $where in populate match
  • fix(schema): handle bitwise operators on Int32 #15176 #15170

8.9.4 / 2025-01-09

  • fix(document): fix document not applying manual populate when using a function in schema.options.ref #15138 IchirokuXVI
  • fix(model): make Model.validate() static correctly cast document arrays #15169 #15164
  • fix(model): allow passing validateBeforeSave option to bulkSave() to skip validation #15161 #15156
  • fix(schema): allow multiple self-referencing discriminator schemas using Schema.prototype.discriminator #15142 #15120
  • types: avoid BufferToBinary<> wiping lean types when passed to generic functions #15160 #15158
  • docs: fix <code> in header ids #15159
  • docs: fix header in field-level-encryption.md #15137 damieng

8.9.3 / 2024-12-30

  • fix(schema): make duplicate index error a warning for now to prevent blocking upgrading #15135 #15112 #15109
  • fix(model): handle document array paths set to non-array values in Model.castObject() #15124 #15075
  • fix(document): avoid using childSchemas.path for compatibility with pre-Mongoose-8.8 schemas #15131 #15071
  • fix(model): avoid throwing unnecessary error if updateOne() returns null in save() #15126
  • perf(cursor): clear the stack every time if using populate with batchSize to avoid stack overflows with large docs #15136 #10449
  • types: make BufferToBinary avoid Document instances #15123 #15122
  • types(model+query): avoid stripping out virtuals when calling populate with paths generic #15132 #15111
  • types(schema): add missing removeIndex #15134
  • types: add cleanIndexes() to IndexManager interface #15127
  • docs: move search endpoint to netlify #15119

8.9.2 / 2024-12-19

  • fix(schema): avoid throwing duplicate index error if index spec keys have different order or index has a custom name #15112 #15109
  • fix(map): clean modified subpaths when overwriting values in map of subdocs #15114 #15108
  • fix(aggregate): pull session from transaction local storage for aggregation cursors #15094 IchirokuXVI
  • types: correctly handle union types in BufferToBinary and related helpers #15103 #15102 #15057
  • types: add UUID to RefType #15115 #15101
  • docs: remove link to Mongoose 5.x docs from dropdown #15116
  • docs(connection+document+model): remove remaining references to remove(), clarify that deleteOne() does not execute until then() or exec() #15113 #15107

8.9.1 / 2024-12-16

  • fix(connection): remove heartbeat check in load balanced mode #15089 #15042 #14812
  • fix(discriminator): gather childSchemas when creating discriminator to ensure $getAllSubdocs() can properly get all subdocs #15099 #15088 #15092
  • fix(model): handle discriminators in castObject() #15096 #15075
  • fix(schema): throw error if duplicate index definition using unique in schema path and subsequent .index() call #15093 #15056
  • fix: mark documents that are populated using hydratedPopulatedDocs option as populated in top-level doc #15080 #15048
  • fix(document+schema): improve error message for get() on invalid path #15098 #15071
  • docs: remove more callback doc references & some small other changes #15095

8.9.0 / 2024-12-13

... (truncated)

Changelog

Sourced from mongoose's changelog.

8.9.5 / 2025-01-13

7.8.4 / 2025-01-13

6.13.6 / 2025-01-13

8.9.4 / 2025-01-09

  • fix(document): fix document not applying manual populate when using a function in schema.options.ref #15138 IchirokuXVI
  • fix(model): make Model.validate() static correctly cast document arrays #15169 #15164
  • fix(model): allow passing validateBeforeSave option to bulkSave() to skip validation #15161 #15156
  • fix(schema): allow multiple self-referencing discriminator schemas using Schema.prototype.discriminator #15142 #15120
  • types: avoid BufferToBinary<> wiping lean types when passed to generic functions #15160 #15158
  • docs: fix <code> in header ids #15159
  • docs: fix header in field-level-encryption.md #15137 damieng

8.9.3 / 2024-12-30

  • fix(schema): make duplicate index error a warning for now to prevent blocking upgrading #15135 #15112 #15109
  • fix(model): handle document array paths set to non-array values in Model.castObject() #15124 #15075
  • fix(document): avoid using childSchemas.path for compatibility with pre-Mongoose-8.8 schemas #15131 #15071
  • fix(model): avoid throwing unnecessary error if updateOne() returns null in save() #15126
  • perf(cursor): clear the stack every time if using populate with batchSize to avoid stack overflows with large docs #15136 #10449
  • types: make BufferToBinary avoid Document instances #15123 #15122
  • types(model+query): avoid stripping out virtuals when calling populate with paths generic #15132 #15111
  • types(schema): add missing removeIndex #15134
  • types: add cleanIndexes() to IndexManager interface #15127
  • docs: move search endpoint to netlify #15119

8.9.2 / 2024-12-19

  • fix(schema): avoid throwing duplicate index error if index spec keys have different order or index has a custom name #15112 #15109
  • fix(map): clean modified subpaths when overwriting values in map of subdocs #15114 #15108
  • fix(aggregate): pull session from transaction local storage for aggregation cursors #15094 IchirokuXVI
  • types: correctly handle union types in BufferToBinary and related helpers #15103 #15102 #15057
  • types: add UUID to RefType #15115 #15101
  • docs: remove link to Mongoose 5.x docs from dropdown #15116
  • docs(connection+document+model): remove remaining references to remove(), clarify that deleteOne() does not execute until then() or exec() #15113 #15107

8.9.1 / 2024-12-16

  • fix(connection): remove heartbeat check in load balanced mode #15089 #15042 #14812
  • fix(discriminator): gather childSchemas when creating discriminator to ensure $getAllSubdocs() can properly get all subdocs #15099 #15088 #15092

... (truncated)

Commits

Updates handlebars from 4.3.0 to 4.7.7

Changelog

Sourced from handlebars's changelog.

v4.7.7 - February 15th, 2021

  • fix weird error in integration tests - eb860c0
  • fix: check prototype property access in strict-mode (#1736) - b6d3de7
  • fix: escape property names in compat mode (#1736) - f058970
  • refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
  • chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

  • the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

Commits
  • a9a8e40 v4.7.7
  • e66aed5 Update release notes
  • 7d4d170 disable IE in Saucelabs tests
  • eb860c0 fix weird error in integration tests
  • b6d3de7 fix: check prototype property access in strict-mode (#1736)
  • f058970 fix: escape property names in compat mode (#1736)
  • 77825f8 refator: In spec tests, use expectTemplate over equals and shouldThrow (#1683)
  • 3789a30 chore: start testing on Node.js 12 and 13
  • See full diff in compare view

Updates async from 2.1.5 to 2.6.4

Release notes

Sourced from async's releases.

v2.3.0

  • Added support for ES2017 async functions. Wherever you can pass a Node-style/CPS function that uses a callback, you can also pass an async function. Previously, you had to wrap async functions with asyncify. The caveat is that it will only work if async functions are supported natively in your environment, transpiled implementations can't be detected. (#1386, #1390)

v2.2.0

  • Added groupBy, and the Series/Limit equivalents, analogous to _.groupBy (#1364)
  • Fixed transform bug when callback was not passed (#1381)
Changelog

Sourced from async's changelog.

v2.6.4

  • Fix potential...

    Description has been truncated

Bumps the npm_and_yarn group with 2 updates in the /frameworks/JavaScript/express directory: [mongoose](https://github.com/Automattic/mongoose) and [pg-promise](https://github.com/vitaly-t/pg-promise).
Bumps the npm_and_yarn group with 3 updates in the /frameworks/JavaScript/fastify directory: [mysql2](https://github.com/sidorares/node-mysql2), [fastify](https://github.com/fastify/fastify) and [handlebars](https://github.com/handlebars-lang/handlebars.js).
Bumps the npm_and_yarn group with 3 updates in the /frameworks/JavaScript/hapi directory: [mongoose](https://github.com/Automattic/mongoose), [handlebars](https://github.com/handlebars-lang/handlebars.js) and [async](https://github.com/caolan/async).
Bumps the npm_and_yarn group with 1 update in the /frameworks/JavaScript/hyperexpress directory: [cookie](https://github.com/jshttp/cookie).
Bumps the npm_and_yarn group with 3 updates in the /frameworks/JavaScript/koa directory: [mongoose](https://github.com/Automattic/mongoose), [handlebars](https://github.com/handlebars-lang/handlebars.js) and [koa](https://github.com/koajs/koa).
Bumps the npm_and_yarn group with 3 updates in the /frameworks/JavaScript/nodejs directory: [mongoose](https://github.com/Automattic/mongoose), [handlebars](https://github.com/handlebars-lang/handlebars.js) and [async](https://github.com/caolan/async).
Bumps the npm_and_yarn group with 1 update in the /frameworks/JavaScript/sailsjs directory: [handlebars](https://github.com/handlebars-lang/handlebars.js).
Bumps the npm_and_yarn group with 3 updates in the /frameworks/JavaScript/spliffy directory: [cookie](https://github.com/jshttp/cookie), [@smithy/config-resolver](https://github.com/smithy-lang/smithy-typescript/tree/HEAD/packages/config-resolver) and [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).
Bumps the npm_and_yarn group with 1 update in the /frameworks/PHP/laravel directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 2 updates in the /frameworks/TypeScript/feathersjs directory: [mysql2](https://github.com/sidorares/node-mysql2) and [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 6 updates in the /frameworks/TypeScript/nest directory:

| Package | From | To |
| --- | --- | --- |
| [fastify](https://github.com/fastify/fastify) | `2.12.1` | `5.7.3` |
| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.3` | `4.7.7` |
| [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core) | `6.11.11` | `9.0.5` |
| [@nestjs/platform-fastify](https://github.com/nestjs/nest/tree/HEAD/packages/platform-fastify) | `6.11.11` | `11.1.10` |
| [hbs](https://github.com/pillarjs/hbs) | `4.1.0` | `4.2.0` |
| [typeorm](https://github.com/typeorm/typeorm) | `0.2.29` | `0.3.26` |

Bumps the npm_and_yarn group with 2 updates in the /frameworks/TypeScript/typescript-rest directory: [knex](https://github.com/knex/knex) and [objection](https://github.com/vincit/objection.js).


Updates `mongoose` from 8.3.2 to 8.9.5
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md)
- [Commits](Automattic/mongoose@8.3.2...8.9.5)

Updates `pg-promise` from 10.7.3 to 11.5.5
- [Release notes](https://github.com/vitaly-t/pg-promise/releases)
- [Commits](vitaly-t/pg-promise@10.7.3...11.5.5)

Updates `mysql2` from 3.9.7 to 3.9.8
- [Release notes](https://github.com/sidorares/node-mysql2/releases)
- [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md)
- [Commits](sidorares/node-mysql2@v3.9.7...v3.9.8)

Updates `fastify` from 4.13.0 to 5.7.3
- [Release notes](https://github.com/fastify/fastify/releases)
- [Commits](fastify/fastify@v4.13.0...v5.7.3)

Updates `handlebars` from 4.7.6 to 4.7.7
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.6...v4.7.7)

Updates `mongoose` from 5.13.20 to 6.13.6
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md)
- [Commits](Automattic/mongoose@8.3.2...8.9.5)

Updates `handlebars` from 4.3.0 to 4.7.7
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.6...v4.7.7)

Updates `async` from 2.1.5 to 2.6.4
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md)
- [Commits](caolan/async@v2.1.5...v2.6.4)

Updates `cookie` from 0.4.2 to 1.1.1
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Commits](jshttp/cookie@v0.4.2...v1.1.1)

Updates `mongoose` from 5.13.20 to 6.13.6
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md)
- [Commits](Automattic/mongoose@8.3.2...8.9.5)

Updates `handlebars` from 4.3.0 to 4.7.7
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.6...v4.7.7)

Updates `koa` from 2.5.0 to 3.0.3
- [Release notes](https://github.com/koajs/koa/releases)
- [Changelog](https://github.com/koajs/koa/blob/master/History.md)
- [Commits](koajs/koa@2.5.0...v3.0.3)

Updates `mongoose` from 5.13.20 to 6.13.6
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md)
- [Commits](Automattic/mongoose@8.3.2...8.9.5)

Updates `handlebars` from 4.3.0 to 4.7.7
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.6...v4.7.7)

Updates `async` from 2.5.0 to 2.6.4
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md)
- [Commits](caolan/async@v2.1.5...v2.6.4)

Updates `handlebars` from 4.7.6 to 4.7.7
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.6...v4.7.7)

Updates `cookie` from 0.4.1 to 1.1.1
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Commits](jshttp/cookie@v0.4.2...v1.1.1)

Updates `@smithy/config-resolver` from 3.0.5 to 3.0.13
- [Release notes](https://github.com/smithy-lang/smithy-typescript/releases)
- [Changelog](https://github.com/smithy-lang/smithy-typescript/blob/main/packages/config-resolver/CHANGELOG.md)
- [Commits](https://github.com/smithy-lang/smithy-typescript/commits/@smithy/config-resolver@3.0.13/packages/config-resolver)

Updates `fast-xml-parser` from 4.4.1 to 5.3.6
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-parser@v4.4.1...v5.3.6)

Updates `axios` from 0.18.1 to 1.13.5
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v0.18.1...v1.13.5)

Updates `mysql2` from 2.3.3 to 3.17.4
- [Release notes](https://github.com/sidorares/node-mysql2/releases)
- [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md)
- [Commits](sidorares/node-mysql2@v3.9.7...v3.9.8)

Updates `axios` from 0.25.0 to 1.13.5
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v0.18.1...v1.13.5)

Updates `fastify` from 2.12.1 to 5.7.3
- [Release notes](https://github.com/fastify/fastify/releases)
- [Commits](fastify/fastify@v4.13.0...v5.7.3)

Updates `handlebars` from 4.7.3 to 4.7.7
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.6...v4.7.7)

Updates `@nestjs/core` from 6.11.11 to 9.0.5
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v9.0.5/packages/core)

Updates `@nestjs/platform-fastify` from 6.11.11 to 11.1.10
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.10/packages/platform-fastify)

Updates `hbs` from 4.1.0 to 4.2.0
- [Changelog](https://github.com/pillarjs/hbs/blob/master/HISTORY.md)
- [Commits](pillarjs/hbs@v4.1.0...v4.2.0)

Updates `typeorm` from 0.2.29 to 0.3.26
- [Release notes](https://github.com/typeorm/typeorm/releases)
- [Changelog](https://github.com/typeorm/typeorm/blob/master/CHANGELOG.md)
- [Commits](typeorm/typeorm@0.2.29...0.3.26)

Updates `knex` from 0.15.2 to 3.1.0
- [Release notes](https://github.com/knex/knex/releases)
- [Changelog](https://github.com/knex/knex/blob/master/CHANGELOG.md)
- [Commits](knex/knex@0.15.2...3.1.0)

Updates `objection` from 1.6.11 to 3.1.5
- [Commits](Vincit/objection.js@1.6.11...3.1.5)

---
updated-dependencies:
- dependency-name: mongoose
  dependency-version: 8.9.5
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: pg-promise
  dependency-version: 11.5.5
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: mysql2
  dependency-version: 3.9.8
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: fastify
  dependency-version: 5.7.3
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: handlebars
  dependency-version: 4.7.7
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: mongoose
  dependency-version: 6.13.6
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: handlebars
  dependency-version: 4.7.7
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: async
  dependency-version: 2.6.4
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: cookie
  dependency-version: 1.1.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: mongoose
  dependency-version: 6.13.6
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: handlebars
  dependency-version: 4.7.7
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: koa
  dependency-version: 3.0.3
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: mongoose
  dependency-version: 6.13.6
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: handlebars
  dependency-version: 4.7.7
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: async
  dependency-version: 2.6.4
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: handlebars
  dependency-version: 4.7.7
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: cookie
  dependency-version: 1.1.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@smithy/config-resolver"
  dependency-version: 3.0.13
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: fast-xml-parser
  dependency-version: 5.3.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.13.5
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: mysql2
  dependency-version: 3.17.4
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.13.5
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: fastify
  dependency-version: 5.7.3
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: handlebars
  dependency-version: 4.7.7
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@nestjs/core"
  dependency-version: 9.0.5
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@nestjs/platform-fastify"
  dependency-version: 11.1.10
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: hbs
  dependency-version: 4.2.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: typeorm
  dependency-version: 0.3.26
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: knex
  dependency-version: 3.1.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: objection
  dependency-version: 3.1.5
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants