fix(deps): update dependency @nestjs/core to v9 [security] #442

renovate · 2025-08-13T12:05:25Z

Note

Mend has cancelled the proposed renaming of the Renovate GitHub app being renamed to mend[bot].

This notice will be removed on 2025-10-07.

This PR contains the following updates:

Package	Change	Age	Confidence
@nestjs/core (source)	`7.6.5` -> `9.0.5`

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

GitHub Vulnerability Alerts

CVE-2023-26108

Versions of the package @nestjs/core before 9.0.5 are vulnerable to Information Exposure via the StreamableFile pipe. Exploiting this vulnerability is possible when the client cancels a request while it is streaming a StreamableFile, the stream wrapped by the StreamableFile will be kept open.

Release Notes

nestjs/nest (@nestjs/core)

`v9.0.5`

Compare Source

v9.0.5 (2022-07-20)

Bug fixes

common, platform-express
- #9819 fix: use pipeline over stream.pipe (@jmcdo29)

Enhancements

microservices
- #9798 feat(microservices): add noAssert option for RMQ connection (@frankmangone)
- #9954 feat(microservices): add Kafka heartbeat callback to KafkaContext (@kosh-b)
platform-express, platform-fastify
- #9926 fix(express,fastify): raw body for urlencoded requests (@tolgap)

Dependencies

Other
- #9959 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/30-event-emitter (@dependabot[bot])
- #9960 chore(deps): bump terser from 5.14.1 to 5.14.2 in /sample/32-graphql-federation-schema-first/users-application (@dependabot[bot])
- #9961 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/31-graphql-federation-code-first/gateway (@dependabot[bot])
- #9962 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/31-graphql-federation-code-first/users-application (@dependabot[bot])
- #9963 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/32-graphql-federation-schema-first/posts-application (@dependabot[bot])
- #9964 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/32-graphql-federation-schema-first/gateway (@dependabot[bot])
- #9965 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/29-file-upload (@dependabot[bot])
- #9966 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/28-sse (@dependabot[bot])
- #9967 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/31-graphql-federation-code-first/posts-application (@dependabot[bot])
- #9951 chore(deps-dev): bump mongoose from 6.4.4 to 6.4.5 (@dependabot[bot])
- #9952 chore(deps-dev): bump concurrently from 7.2.2 to 7.3.0 (@dependabot[bot])
platform-fastify
- #9950 chore(deps): bump light-my-request from 5.1.0 to 5.2.0 (@dependabot[bot])

Committers: 4

Franco Mangone (@frankmangone)
Jay McDoniel (@jmcdo29)
Tolga Paksoy (@tolgap)
@kosh-b

v9.0.2

Bug fixes

common
- #9904 fix(common): Fix CacheModule registerAsync (@tugascript)

Enhancements

core
- #9902 refactor(core): replace our own 1-level flatten by the native one (@micalevisk)

Dependencies

#9906 chore(deps-dev): bump mongoose from 6.4.3 to 6.4.4 (@dependabot[bot])
#9908 chore(deps-dev): bump cache-manager from 4.0.1 to 4.1.0 (@dependabot[bot])
#9910 chore(deps-dev): bump @nestjs/graphql from 10.0.16 to 10.0.18 (@dependabot[bot])
#9911 chore(deps-dev): bump core-js from 3.23.3 to 3.23.4 (@dependabot[bot])

Committers: 3

Afonso Barracha (@tugascript)
Antonio T. alias Tony (@Tony133)
Micael Levi L. Cavalcante (@micalevisk)

`v9.0.1`

Compare Source

`v9.0.0`

Compare Source

v9.0.0 (2022-07-08)

Article: https://trilon.io/blog/nestjs-9-is-now-available

Migration guide: https://docs.nestjs.com/migration-guide

Features

common
- #9718 Feature/4752 file validators pipe (@thiagomini)
- #9534 feat(core): add configurable module builder, module utils (@kamilmysliwiec)
common, core
- #9684 feat(core): read–eval–print loop feature (@kamilmysliwiec)
- #9697 feat(core): add durable providers feature (@kamilmysliwiec)

Bug fixes

microservices
- #9674 fix(microservices): Fixed typings for MessageHandler (@dkonasov)
- #9587 fix(microservices): revert grpc client interceptors (grpc-specific) (@kamilmysliwiec)

Enhancements

common, core, platform-express, platform-fastify
- #8802 fix: only send exception responses if header is not already sent (@wSedlacek)
- #9591 feat(common,core): make HttpServer#applyVersionFilter mandatory (@micalevisk)
common
- #9705 feat(common): Add error chaining support to http exception (@vinnymac)
- #9383 feat(common): disallow usage of inject on class and value providers at type level (@micalevisk)
- #9023 fix: fix factory provider definition (@ZanMinKian)
- #8459 fix(common): ParseUUIDPipe - throw exceptions with exceptionFactory only (@titivuk)
microservices
- #9681 fix(microservices): allow postfixId on KafkaOptions to be an empty string (@micalevisk)
- #8798 feat(microservices): migrate redis transporter to internally use ioredis package (@kamilmysliwiec)
- #9586 feat(microservices): add kafka retriable exception, auto-unwrap payloads (@kamilmysliwiec)
core
- #9720 fix(core): prevent renaming global providers and modules in the repl (@micalevisk)
- #9596 feat(core): throw an exception instead of logging due to module import misusage (@micalevisk)
common, core, microservices
- #9604 refactor(common,core,microservices): drop all deprecated methods (@micalevisk)
core, websockets
- #9491 feat(core,websockets): use rxjs to check if values are observables (@micalevisk)

Dependencies

Other
- #9885 chore(deps-dev): bump @fastify/static from 5.0.0 to 6.4.0 (@dependabot[bot])
- #9883 chore(deps-dev): bump ioredis from 5.0.4 to 5.1.0 (@dependabot[bot])
- #9884 chore(deps-dev): bump nodemon from 2.0.18 to 2.0.19 (@dependabot[bot])
- #9886 chore(deps-dev): bump supertest from 6.2.3 to 6.2.4 (@dependabot[bot])
- #9888 chore(deps-dev): bump @types/cache-manager from 4.0.0 to 4.0.1 (@dependabot[bot])
- #9889 chore(deps): bump cli-color from 2.0.2 to 2.0.3 (@dependabot[bot])
- #9890 chore(deps-dev): bump @types/node from 18.0.0 to 18.0.3 (@dependabot[bot])
- #9882 chore(deps-dev): bump @fastify/multipart from 6.0.0 to 7.1.0 (@dependabot[bot])
- #9869 chore(deps): bump fast-json-stringify from 5.0.1 to 5.0.6 (@dependabot[bot])
- #9851 chore(deps-dev): bump kafkajs from 2.0.2 to 2.1.0 (@dependabot[bot])
- #9848 chore(deps-dev): bump graphql-tools from 8.2.13 to 8.3.0 (@dependabot[bot])
- #9837 chore(deps-dev): bump @commitlint/config-angular from 17.0.0 to 17.0.3 (@dependabot[bot])
- #9871 chore(deps-dev): bump redis from 3.1.2 to 4.2.0 (@dependabot[bot])
- #9870 chore(deps-dev): bump mongoose from 6.4.0 to 6.4.3 (@dependabot[bot])
- #9852 chore(deps-dev): bump @types/sinon from 10.0.11 to 10.0.12 (@dependabot[bot])
- #9766 chore(deps): bump middie from 6.1.0 to 7.1.0 (@dependabot[bot])
- #9876 chore(deps): bump moment from 2.29.2 to 2.29.4 in /sample/07-sequelize (@dependabot[bot])
- #9875 chore(deps): bump moment from 2.29.2 to 2.29.4 in /sample/26-queues (@dependabot[bot])
- #9877 chore(deps): bump moment from 2.29.2 to 2.29.4 in /sample/27-scheduling (@dependabot[bot])
- #9878 chore(deps): bump moment from 2.29.2 to 2.29.4 (@dependabot[bot])
- #9838 chore(deps-dev): bump core-js from 3.23.2 to 3.23.3 (@dependabot[bot])
- #9839 chore(deps-dev): bump @commitlint/cli from 17.0.2 to 17.0.3 (@dependabot[bot])
- #9841 chore(deps-dev): bump lint-staged from 13.0.2 to 13.0.3 (@dependabot[bot])
- #9830 chore(deps-dev): bump nodemon from 2.0.16 to 2.0.18 (@dependabot[bot])
- #9828 chore(deps): bump fast-json-stringify from 4.2.0 to 5.0.1 (@dependabot[bot])
- #9827 chore(deps-dev): bump graphql-tools from 8.2.12 to 8.2.13 (@dependabot[bot])
- #9815 chore(deps-dev): bump core-js from 3.23.1 to 3.23.2 (@dependabot[bot])
- #9796 chore(deps-dev): bump prettier from 2.7.0 to 2.7.1 (@dependabot[bot])
- #9807 chore(deps-dev): bump mongoose from 6.3.8 to 6.4.0 (@dependabot[bot])
- #9808 chore(deps-dev): bump typescript from 4.7.3 to 4.7.4 (@dependabot[bot])
- #9791 chore(deps-dev): bump apollo-server-core from 3.8.2 to 3.9.0 (@dependabot[bot])
- #9790 chore(deps-dev): bump @nestjs/apollo from 10.0.14 to 10.0.16 (@dependabot[bot])
- #9787 chore(deps-dev): bump apollo-server-express from 3.8.2 to 3.9.0 (@dependabot[bot])
- #9788 chore(deps-dev): bump @types/node from 17.0.43 to 18.0.0 (@dependabot[bot])
- #9792 chore(deps-dev): bump @nestjs/graphql from 10.0.15 to 10.0.16 (@dependabot[bot])
- #9794 chore(deps-dev): bump lint-staged from 13.0.1 to 13.0.2 (@dependabot[bot])
- #9779 chore(deps-dev): bump concurrently from 7.2.1 to 7.2.2 (@dependabot[bot])
- #9780 chore(deps-dev): bump @types/node from 17.0.42 to 17.0.43 (@dependabot[bot])
- #9781 chore(deps-dev): bump core-js from 3.23.0 to 3.23.1 (@dependabot[bot])
- #9782 chore(deps-dev): bump @nestjs/mongoose from 9.1.0 to 9.1.1 (@dependabot[bot])
- #9772 chore(deps-dev): bump prettier from 2.6.2 to 2.7.0 (@dependabot[bot])
- #9734 chore(deps-dev): bump ts-node from 10.8.0 to 10.8.1 (@dependabot[bot])
- #9761 chore(deps): bump fast-json-stringify from 4.1.0 to 4.2.0 (@dependabot[bot])
- #9771 chore(deps-dev): bump core-js from 3.22.8 to 3.23.0 (@dependabot[bot])
- #9773 chore(deps-dev): bump @types/cache-manager from 3.4.3 to 4.0.0 (@dependabot[bot])
- #9522 chore(deps-dev): bump mocha from 9.2.2 to 10.0.0 (@dependabot[bot])
platform-fastify
- #9853 chore(deps): bump fastify from 3.29.0 to 4.2.0 (@dependabot[bot])
microservices, testing
- #9825 chore(deps): update dependency got to 11.8.5 [security] (@renovate[bot])
platform-ws
- #9770 chore(deps): bump ws from 8.7.0 to 8.8.0 (@dependabot[bot])

Committers: 13

Dylan Lundy (@diesal11)
Kamil Mysliwiec (@kamilmysliwiec)
Kanstantsin Tatarchuk (@titivuk)
Marcin Wojciechowski (@Wojciechowski-Marcin)
Micael Levi L. Cavalcante (@micalevisk)
Thiago Valentim (@thiagomini)
Vincent Taverna (@vinnymac)
William Sedlacek (@wSedlacek)
@chunghha
@dkonasov
@yevgeniypak
曾明健 (@ZanMinKian)
정우병 (@woobottle)

`v8.4.7`

Compare Source

v8.4.7 (2022-06-14)

Enhancements

microservices
- #9719 feat(microservices): exposes base context on the main package (@delucca)
- #9751 fix(microservices): adds feedback message when RabbitMQ server connection hangs (@delucca)
common
- #9742 Improve stripProtoKeys performance, especially for TypedArray (@mjgp2)

Dependencies

#9731 chore(deps-dev): bump apollo-server-core from 3.8.1 to 3.8.2 (@dependabot[bot])
#9762 chore(deps-dev): bump lint-staged from 13.0.0 to 13.0.1 (@dependabot[bot])
#9764 chore(deps-dev): bump graphql-tools from 8.2.11 to 8.2.12 (@dependabot[bot])
#9765 chore(deps-dev): bump point-of-view from 6.2.1 to 6.3.0 (@dependabot[bot])
#9769 chore(deps-dev): bump mongoose from 6.3.5 to 6.3.8 (@dependabot[bot])
#9729 chore(deps-dev): bump cache-manager from 4.0.0 to 4.0.1 (@dependabot[bot])
#9730 chore(deps-dev): bump typescript from 4.7.2 to 4.7.3 (@dependabot[bot])
#9732 chore(deps-dev): bump apollo-server-express from 3.8.1 to 3.8.2 (@dependabot[bot])
#9735 chore(deps-dev): bump ts-morph from 15.0.0 to 15.1.0 (@dependabot[bot])
#9740 chore(deps-dev): bump @grpc/proto-loader from 0.6.12 to 0.6.13 (@dependabot[bot])
#9756 chore(deps-dev): bump @types/node from 17.0.38 to 17.0.42 (@dependabot[bot])
#9757 chore(deps): bump fast-json-stringify from 3.2.0 to 4.1.0 (@dependabot[bot])
#9711 chore(deps-dev): bump @nestjs/apollo from 10.0.13 to 10.0.14 (@dependabot[bot])
#9712 chore(deps-dev): bump lint-staged from 12.5.0 to 13.0.0 (@dependabot[bot])
#9710 chore(deps-dev): bump cache-manager from 3.6.3 to 4.0.0 (@dependabot[bot])
#9709 chore(deps-dev): bump @commitlint/cli from 17.0.1 to 17.0.2 (@dependabot[bot])
#9713 chore(deps-dev): bump core-js from 3.22.7 to 3.22.8 (@dependabot[bot])
#9723 chore(deps-dev): bump @nestjs/graphql from 10.0.13 to 10.0.15 (@dependabot[bot])
#9722 chore(deps): bump protobufjs from 6.11.2 to 6.11.3 (@dependabot[bot])
#9721 chore(deps): bump protobufjs from 6.11.2 to 6.11.3 in /sample/04-grpc (@dependabot[bot])
#9724 chore(deps-dev): bump amqplib from 0.9.1 to 0.10.0 (@dependabot[bot])
#9700 chore(deps-dev): bump kafkajs from 2.0.1 to 2.0.2 (@dependabot[bot])
#9701 chore(deps-dev): bump @types/node from 17.0.36 to 17.0.38 (@dependabot[bot])
#9702 chore(deps-dev): bump point-of-view from 5.3.0 to 6.2.1 (@dependabot[bot])
#9703 chore(deps-dev): bump lint-staged from 12.4.3 to 12.5.0 (@dependabot[bot])

Committers: 5

Antonio T. alias Tony (@Tony133)
Daniel De Lucca (@delucca)
Matthew Painter (@mjgp2)
Sushant Zope (@sushant9096)
Volodymyr Tytarenko (@bovatitar)

`v8.4.6`

Compare Source

`v8.4.5`

Compare Source

v8.4.5 (2022-05-13)

Bug fixes

core
- #9456 fix(core): scoped injection with symbol field name (@MyAeroCode)

Enhancements

common
- #9496 feat(common): improve extensibility on few built-in pipes (@micalevisk)
core
- #9506 feat(core): enhance circular dependency error message (@ntibi)

Dependencies

Other
- #9566 chore(deps-dev): bump kafkajs from 1.16.0 to 2.0.0 (@dependabot[bot])
- #9565 chore(deps-dev): bump @types/node from 17.0.23 to 17.0.33 (@dependabot[bot])
- #9562 chore(deps): bump fast-json-stringify from 3.0.3 to 3.2.0 (@dependabot[bot])
- #9559 chore(deps-dev): bump @commitlint/cli from 16.2.3 to 16.2.4 (@dependabot[bot])
- #9560 chore(deps-dev): bump supertest from 6.2.2 to 6.2.3 (@dependabot[bot])
- #9561 chore(deps-dev): bump @grpc/proto-loader from 0.6.9 to 0.6.12 (@dependabot[bot])
- #9563 chore(deps-dev): bump apollo-server-express from 3.6.7 to 3.7.0 (@dependabot[bot])
- #9551 chore(deps-dev): bump mongoose from 6.3.2 to 6.3.3 (@dependabot[bot])
- #9538 chore(deps-dev): bump engine.io-client from 6.1.1 to 6.2.2 (@dependabot[bot])
- #9533 chore(deps-dev): bump fastify-static from 4.6.1 to 4.7.0 (@dependabot[bot])
- #9535 chore(deps-dev): bump amqp-connection-manager from 4.1.2 to 4.1.3 (@dependabot[bot])
- #9537 chore(deps-dev): bump typescript from 4.6.3 to 4.6.4 (@dependabot[bot])
- #9532 chore(deps-dev): bump lint-staged from 12.3.7 to 12.4.1 (@dependabot[bot])
- #9524 chore(deps-dev): bump fastify-multipart from 5.3.1 to 5.4.0 (@dependabot[bot])
- #9530 chore(deps-dev): bump @commitlint/config-angular from 16.2.3 to 16.2.4 (@dependabot[bot])
- #9531 chore(deps-dev): bump nodemon from 2.0.15 to 2.0.16 (@dependabot[bot])
- #9523 chore(deps-dev): bump @types/mocha from 9.1.0 to 9.1.1 (@dependabot[bot])
- #9525 chore(deps-dev): bump socket.io-client from 4.4.1 to 4.5.0 (@dependabot[bot])
- #9528 chore(deps-dev): bump core-js from 3.21.1 to 3.22.4 (@dependabot[bot])
- #9512 chore(deps-dev): bump mongoose from 6.2.10 to 6.3.2 (@dependabot[bot])
- #9513 chore(deps-dev): bump clang-format from 1.6.0 to 1.8.0 (@dependabot[bot])
- #9460 chore(deps-dev): bump @types/chai from 4.3.0 to 4.3.1 (@dependabot[bot])
- #9461 chore(deps-dev): bump amqp-connection-manager from 4.1.1 to 4.1.2 (@dependabot[bot])
- #9466 chore(deps-dev): bump sinon from 13.0.1 to 13.0.2 (@dependabot[bot])
- #9478 chore(deps-dev): bump graphql-tools from 8.2.5 to 8.2.8 (@dependabot[bot])
- #9482 chore(deps-dev): bump @grpc/grpc-js from 1.6.2 to 1.6.7 (@dependabot[bot])
- #9493 chore(deps): update dependency lodash to 4.17.21 [security] (@renovate[bot])
- #9494 chore(deps): update dependency mem to 4.0.0 [security] (@renovate[bot])
- #9499 chore(deps): bump github/codeql-action from 1 to 2 (@dependabot[bot])
- #9505 chore(deps): update dependency cross-fetch to 3.1.5 [security] (@renovate[bot])
- #9453 chore(deps): bump moment from 2.29.1 to 2.29.2 in /sample/27-scheduling (@dependabot[bot])
- #9454 chore(deps): bump moment from 2.29.1 to 2.29.2 in /sample/26-queues (@dependabot[bot])
- #9447 chore(deps-dev): bump graphql-tools from 8.2.4 to 8.2.5 (@dependabot[bot])
- #9448 chore(deps-dev): bump cache-manager from 3.6.0 to 3.6.1 (@dependabot[bot])
- #9451 chore(deps): bump moment from 2.29.1 to 2.29.2 in /sample/07-sequelize (@dependabot[bot])
- #9452 chore(deps): bump moment from 2.24.0 to 2.29.2 (@dependabot[bot])
platform-fastify
- #9567 chore(deps): bump middie from 6.0.0 to 6.1.0 (@dependabot[bot])
- #9540 chore(deps): bump fastify-cors from 6.0.3 to 6.1.0 (@dependabot[bot])
- #9526 chore(deps): bump fastify from 3.28.0 to 3.29.0 (@dependabot[bot])
- #9527 chore(deps): bump light-my-request from 4.9.0 to 4.10.1 (@dependabot[bot])
platform-socket.io
- #9536 chore(deps): bump socket.io from 4.4.1 to 4.5.0 (@dependabot[bot])
platform-express
- #9549 chore(deps): bump express from 4.17.3 to 4.18.1 (@dependabot[bot])
common
- #9548 chore(deps): bump axios from 0.26.1 to 0.27.2 (@dependabot[bot])
common, core, microservices, platform-express, platform-fastify, platform-socket.io, platform-ws, testing, websockets
- #9529 chore(deps): bump tslib from 2.3.1 to 2.4.0 (@dependabot[bot])

Committers: 6

Antonio T. alias Tony (@Tony133)
Francesco Soncina (@phra)
Lutz (@MyAeroCode)
Micael Levi L. Cavalcante (@micalevisk)
Oleg "OSA413" Sokolov (@OSA413)
TIBI Nicolas (@ntibi)

`v8.4.4`

Compare Source

v8.4.4 (2022-04-07)

Bug fixes

microservices
- #9425 fix(microservices): multiple rmq client urls issue #9364 (@kamilmysliwiec)

Enhancements

common
- #9444 feat(common): change private modifer on built-in pipes to protected (@micalevisk)
- #9435 feat(common): set default StreamableFile length automatically when possible (@jonahsnider)

Dependencies

Other
- #9441 chore(deps-dev): bump eslint-plugin-import from 2.25.4 to 2.26.0 (@dependabot[bot])
- #9439 chore(deps): update dependency path-parse to 1.0.7 [security] (@renovate[bot])
- #9438 chore(deps-dev): bump mongoose from 6.2.9 to 6.2.10 (@dependabot[bot])
- #9437 chore(deps-dev): bump @grpc/grpc-js from 1.6.1 to 1.6.2 (@dependabot[bot])
- #9343 chore(deps-dev): bump @commitlint/cli from 16.2.1 to 16.2.3 (@dependabot[bot])
- #9418 chore(deps-dev): bump apollo-server-core from 3.6.6 to 3.6.7 (@dependabot[bot])
- #9423 chore(deps-dev): bump graphql-tools from 8.2.3 to 8.2.4 (@dependabot[bot])
- #9432 chore(deps-dev): bump concurrently from 7.0.0 to 7.1.0 (@dependabot[bot])
- #9433 chore(deps-dev): bump prettier from 2.6.1 to 2.6.2 (@dependabot[bot])
- #9434 chore(deps-dev): bump @grpc/grpc-js from 1.5.10 to 1.6.1 (@dependabot[bot])
- #9409 chore(deps-dev): bump point-of-view from 5.1.0 to 5.2.0 (@dependabot[bot])
- #9410 chore(deps-dev): bump mongoose from 6.2.8 to 6.2.9 (@dependabot[bot])
- #9411 chore(deps-dev): bump typescript from 4.6.2 to 4.6.3 (@dependabot[bot])
- #9419 chore(deps): bump cli-color from 2.0.1 to 2.0.2 (@dependabot[bot])
- #9408 chore(deps-dev): bump @types/node from 17.0.21 to 17.0.23 (@dependabot[bot])
- #9404 chore(deps): bump ansi-regex from 5.0.0 to 5.0.1 in /sample/31-graphql-federation-code-first/gateway (@dependabot[bot])
- #9398 chore(deps): bump ansi-regex from 5.0.0 to 5.0.1 in /sample/25-dynamic-modules (@dependabot[bot])
- #9407 chore(deps-dev): bump @grpc/grpc-js from 1.5.9 to 1.5.10 (@dependabot[bot])
- #9412 chore(deps): update dependency ansi-regex [security] (@renovate[bot])
- #9415 chore(deps-dev): bump apollo-server-express from 3.6.6 to 3.6.7 (@dependabot[bot])
- #9360 chore(deps-dev): bump graphql from 15.7.2 to 15.8.0 (@dependabot[bot])
- #9378 chore(deps-dev): bump lint-staged from 12.3.5 to 12.3.7 (@dependabot[bot])
- #9379 chore(deps-dev): bump apollo-server-core from 3.6.4 to 3.6.6 (@dependabot[bot])
- #9380 chore(deps-dev): bump prettier from 2.6.0 to 2.6.1 (@dependabot[bot])
- #9382 chore(deps-dev): bump @types/supertest from 2.0.11 to 2.0.12 (@dependabot[bot])
platform-fastify
- #9442 chore(deps): bump fastify from 3.27.4 to 3.28.0 (@dependabot[bot])
- #9381 chore(deps): bump light-my-request from 4.8.0 to 4.9.0 (@dependabot[bot])
platform-express
- #9431 chore(deps): bump body-parser from 1.19.2 to 1.20.0 (@dependabot[bot])

Committers: 5

Jonah Snider (@jonahsnider)
Kamil Mysliwiec (@kamilmysliwiec)
Marcin (@cichy380)
Micael Levi L. Cavalcante (@micalevisk)
Wias Liaw (@wiasliaw)

`v8.4.3`

Compare Source

`v8.4.2`

Compare Source

`v8.4.1`

Compare Source

v8.4.1 (2022-03-14)

Bug fixes

core
- #9332 fix(core): apply global middleware to routes excluded from prefix (@kamilmysliwiec)
- #9322 fix(core): use context module for nested transient providers (@kamilmysliwiec)
microservices
- #9290 fix(microservices): fix event pattern behavior (@radekmikeska)
- #9303 fix(microservices): tcp client parallel connections issue (@kamilmysliwiec)

Enhancements

common
- #9278 feat(common): do not use colors in CLI if not supported (@jonahsnider)
- #9316 feat: allow custom log msg formatters (@stanimirovv)

Dependencies

Other
- #9331 chore(deps): update dependency ts-loader to v9.2.8 (@renovate[bot])
- #9326 chore(deps-dev): bump mongoose from 6.2.5 to 6.2.6 (@dependabot[bot])
- #9327 chore(deps-dev): bump @types/ws from 8.5.2 to 8.5.3 (@dependabot[bot])
- #9320 chore(deps-dev): bump apollo-server-core from 3.6.3 to 3.6.4 (@dependabot[bot])
- #9323 chore(deps): update dependency @types/node to v16.11.26 (@renovate[bot])
- #9324 chore(deps): update dependency mocha to v9.2.2 (@renovate[bot])
- #9325 chore(deps): update dependency mysql to v8.0.28 (@renovate[bot])
- #9328 chore(deps-dev): bump mocha from 9.2.1 to 9.2.2 (@dependabot[bot])
- #9321 chore(deps-dev): bump apollo-server-express from 3.6.3 to 3.6.4 (@dependabot[bot])
- #9318 chore(deps-dev): bump mongoose from 6.2.4 to 6.2.5 (@dependabot[bot])
- #9307 chore(deps): bump rxjs from 7.5.4 to 7.5.5 (@dependabot[bot])
- #9304 chore(deps): update dependency @nestjs/schematics to v8.0.8 (@renovate[bot])
- #9300 chore(deps-dev): bump ts-node from 10.6.0 to 10.7.0 (@dependabot[bot])
- #9292 chore(deps-dev): bump ts-morph from 13.0.3 to 14.0.0 (@dependabot[bot])
- #9301 chore(deps-dev): bump typeorm from 0.2.44 to 0.2.45 (@dependabot[bot])
- #9302 chore(deps-dev): bump lint-staged from 12.3.4 to 12.3.5 (@dependabot[bot])
- #9273 chore(deps-dev): bump typescript from 4.3.5 to 4.6.2 (@dependabot[bot])
- #9285 chore(deps-dev): bump @nestjs/apollo from 10.0.5 to 10.0.6 (@dependabot[bot])
- #9287 chore(deps-dev): bump eventsource from 1.1.0 to 2.0.0 (@dependabot[bot])
- #9284 chore(deps-dev): bump eslint-config-prettier from 8.4.0 to 8.5.0 (@dependabot[bot])
- #9286 chore(deps-dev): bump @nestjs/graphql from 10.0.5 to 10.0.6 (@dependabot[bot])
- #9280 chore(deps-dev): bump ts-node from 10.5.0 to 10.6.0 (@dependabot[bot])
- #9279 chore(deps-dev): bump @types/ws from 8.5.1 to 8.5.2 (@dependabot[bot])
common
- #9317 chore(deps): bump axios from 0.26.0 to 0.26.1 (@dependabot[bot])
platform-fastify
- #9319 chore(deps): bump fastify from 3.27.3 to 3.27.4 (@dependabot[bot])
- #9305 chore(deps): bump fastify from 3.27.2 to 3.27.3 (@dependabot[bot])

Committers: 6

Jonah Snider (@jonahsnider)
Kamil Mysliwiec (@kamilmysliwiec)
Mario Rodrigo (@capitantrueno)
Radek Mikeska (@radekmikeska)
Zlatin Stanimirov (@stanimirovv)
曾明健 (@ZanMinKian)

`v8.4.0`

Compare Source

v8.4.0 (2022-03-01)

Features

common, core
- #9227 feat(core): support optional dependencies in factory providers (@kamilmysliwiec)

Bug fixes

microservices
- #9277 fix(microservices): remove options object from packets (rmq and mqtt) (@kamilmysliwiec)
core
- #9271 fix(

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

fix(deps): update dependency @nestjs/core to v9 [security]

9eb326f

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

fix(deps): update dependency @nestjs/core to v9 [security] #442

fix(deps): update dependency @nestjs/core to v9 [security] #442

Uh oh!

renovate bot commented Aug 13, 2025 •

edited

Loading

Uh oh!

Uh oh!

Uh oh!

fix(deps): update dependency @nestjs/core to v9 [security] #442

Are you sure you want to change the base?

fix(deps): update dependency @nestjs/core to v9 [security] #442

Uh oh!

Conversation

renovate bot commented Aug 13, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

GitHub Vulnerability Alerts

Release Notes

v9.0.5 (2022-07-20)

Bug fixes

Enhancements

Dependencies

Committers: 4

v9.0.2

Bug fixes

Enhancements

Dependencies

Committers: 3

v9.0.0 (2022-07-08)

Article: https://trilon.io/blog/nestjs-9-is-now-available

Migration guide: https://docs.nestjs.com/migration-guide

Features

Bug fixes

Enhancements

Dependencies

Committers: 13

v8.4.7 (2022-06-14)

Enhancements

Dependencies

Committers: 5

v8.4.5 (2022-05-13)

Bug fixes

Enhancements

Dependencies

Committers: 6

v8.4.4 (2022-04-07)

Bug fixes

Enhancements

Dependencies

Committers: 5

v8.4.1 (2022-03-14)

Bug fixes

Enhancements

Dependencies

Committers: 6

v8.4.0 (2022-03-01)

Features

Bug fixes

Configuration

Uh oh!

Uh oh!

renovate bot commented Aug 13, 2025 •

edited

Loading