Bump the npm_and_yarn group across 4 directories with 15 updates by dependabot[bot] · Pull Request #9 · chittyos/chittyscore

dependabot · 2026-03-14T07:52:13Z

Bumps the npm_and_yarn group with 12 updates in the /chittypm/chittychain directory:

Package	From	To
axios	`1.10.0`	`1.13.5`
js-yaml	`4.1.0`	`4.1.1`
multer	`2.0.1`	`2.1.1`
vite	`5.4.19`	`8.0.0`
@smithy/config-resolver	`4.1.4`	`4.4.11`
fast-xml-parser	`4.4.1`	`5.4.1`
glob	`10.4.5`	`10.5.0`
minimatch	`3.1.2`	`3.1.5`
minimatch	`9.0.5`	`9.0.9`
jws	`3.2.2`	`3.2.3`
lodash	`4.17.21`	`4.17.23`
on-headers	`1.0.2`	`1.1.0`
qs	`6.13.0`	`6.14.2`

Bumps the npm_and_yarn group with 8 updates in the /chittypm directory:

Package	From	To
vite	`5.4.19`	`8.0.0`
brace-expansion	`2.0.1`	`2.0.2`
glob	`10.4.5`	`10.5.0`
minimatch	`9.0.5`	`9.0.9`
lodash	`4.17.21`	`4.17.23`
on-headers	`1.0.2`	`1.1.0`
qs	`6.13.0`	`6.14.2`
@anthropic-ai/claude-code	`1.0.83`	`2.1.7`

Bumps the npm_and_yarn group with 7 updates in the /chittypm/chittyintel directory:

Package	From	To
vite	`5.4.19`	`8.0.0`
brace-expansion	`2.0.1`	`2.0.2`
glob	`10.4.5`	`10.5.0`
minimatch	`9.0.5`	`9.0.9`
lodash	`4.17.21`	`4.17.23`
on-headers	`1.0.2`	`1.1.0`
qs	`6.13.0`	`6.14.2`

Bumps the npm_and_yarn group with 8 updates in the /chittypm/chittyid directory:

Package	From	To
vite	`5.4.19`	`8.0.0`
brace-expansion	`2.0.1`	`2.0.2`
glob	`10.4.5`	`10.5.0`
minimatch	`9.0.5`	`9.0.9`
lodash	`4.17.21`	`4.17.23`
on-headers	`1.0.2`	`1.1.0`
qs	`6.13.0`	`6.14.2`
@anthropic-ai/claude-code	`1.0.83`	`2.1.7`

Updates axios from 1.10.0 to 1.13.5

Release notes

Sourced from axios's releases.

v1.13.5

Release 1.13.5

Highlights

Security: Fixed a potential Denial of Service issue involving the __proto__ key in mergeConfig. (PR #7369)

Bug fix: Resolved an issue where AxiosError could be missing the status field on and after v1.13.3. (PR #7368)

Changes

Security

Fix Denial of Service via __proto__ key in mergeConfig. (PR #7369)

Fixes

Fix/5657. (PR #7313)

Ensure status is present in AxiosError on and after v1.13.3. (PR #7368)

Features / Improvements

Add input validation to isAbsoluteURL. (PR #7326)

Refactor: bump minor package versions. (PR #7356)

Documentation

Clarify object-check comment. (PR #7323)

Fix deprecated Buffer constructor usage and README formatting. (PR #7371)

CI / Maintenance

Chore: fix issues with YAML. (PR #7355)

CI: update workflow YAMLs. (PR #7372)

CI: fix run condition. (PR #7373)

Dev deps: bump karma-sourcemap-loader from 0.3.8 to 0.4.0. (PR #7360)

Chore(release): prepare release 1.13.5. (PR #7379)

New Contributors

@sachin11063 (first contribution — PR #7323)

@asmitha-16 (first contribution — PR #7326)

Full Changelog: axios/axios@v1.13.4...v1.13.5

v1.13.4

Overview

The release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.

Full Changelog: v1.13.3...v1.13.4

What's New in v1.13.4

Bug Fixes

fix: issues with version 1.13.3 (#7352) (ee90dfc)

Fixed issues discovered in v1.13.3 release

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

1.13.3 (2026-01-20)

Bug Fixes

http2: Use port 443 for HTTPS connections by default. (#7256) (d7e6065)

interceptor: handle the error in the same interceptor (#6269) (5945e40)

main field in package.json should correspond to cjs artifacts (#5756) (7373fbf)

package.json: add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (#5754) (b89217e)

silentJSONParsing=false should throw on invalid JSON (#7253) (#7257) (7d19335)

turn AxiosError into a native error (#5394) (#5558) (1c6a86d)

types: add handlers to AxiosInterceptorManager interface (#5551) (8d1271b)

types: restore AxiosError.cause type from unknown to Error (#7327) (d8233d9)

unclear error message is thrown when specifying an empty proxy authorization (#6314) (6ef867e)

Features

add undefined as a value in AxiosRequestConfig (#5560) (095033c)

add automatic minor and patch upgrades to dependabot (#6053) (65a7584)

add Node.js coverage script using c8 (closes #7289) (#7294) (ec9d94e)

added copilot instructions (3f83143)

compatibility with frozen prototypes (#6265) (860e033)

enhance pipeFileToResponse with error handling (#7169) (88d7884)

types: Intellisense for string literals in a widened union (#6134) (f73474d), closes microsoft/TypeScript#33471

Reverts

Revert "fix: silentJSONParsing=false should throw on invalid JSON (#7253) (#7…" (#7298) (a4230f5), closes #7253 #7 #7298

deps: bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (#7334) (2d6ad5e)

Contributors to this release

Ashvin Tiwari

Nikunj Mochi

Anchal Singh

jasonsaayman

Julian Dax

Akash Dhar Dubey

Madhumita

Tackoil

Justin Dhillon

Rudransh

WuMingDao

codenomnom

Nandan Acharya

Eric Dubé

Tibor Pilz

Gabriel Quaresma

Turadg Aleahmad

... (truncated)

Commits

29f7542 chore(release): prepare release 1.13.5 (#7379)
431c3a3 ci: fix run condition (#7373)
9ff3a78 ci: update ymls (#7372)
265b712 docs: fix deprecated Buffer constructor and formatting issues in README (#7371)
475e75a feat: add input validation to isAbsoluteURL (#7326)
28c7215 fix: Denial of Service via proto Key in mergeConfig (#7369)
04cf019 docs: clarify object check comment (#7323)
696fa75 fix: status is missing in AxiosError on and after v1.13.3 (#7368)
569f028 fix: added a option to choose between legacy and the new request/response int...
44b7c9f chore(deps-dev): bump karma-sourcemap-loader (#7360)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for axios since your current version.

Updates js-yaml from 4.1.0 to 4.1.1

Changelog

Sourced from js-yaml's changelog.

[4.1.1] - 2025-11-12

Security

Fix prototype pollution issue in yaml merge (<<) operator.

Commits

cc482e7 4.1.1 released
50968b8 dist rebuild
d092d86 lint fix
383665f fix prototype pollution in merge (<<)
0d3ca7a README.md: HTTP => HTTPS (#678)
49baadd doc: 'empty' style option for !!null
ba3460e Fix demo link (#618)
See full diff in compare view

Updates multer from 2.0.1 to 2.1.1

Release notes

Sourced from multer's releases.

v2.1.1

Important

Fix CVE-2026-3520 (GHSA-5528-5vmv-3xc2)

What's Changed

chore: add node version to 25.x in CI by @imangas in expressjs/multer#1372

chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.3 by @dependabot[bot] in expressjs/multer#1378

chore(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 by @dependabot[bot] in expressjs/multer#1377

chore(deps): bump github/codeql-action from 3.24.7 to 4.32.4 by @dependabot[bot] in expressjs/multer#1376

chore(deps): bump actions/upload-artifact from 4.5.0 to 7.0.0 by @dependabot[bot] in expressjs/multer#1375

chore(deps): bump actions/checkout from 4.1.1 to 6.0.2 by @dependabot[bot] in expressjs/multer#1374

fix error/abort handling by @ctcpip in expressjs/multer#1373

2.1.1 by @UlisesGascon in expressjs/multer#1380

New Contributors

@imangas made their first contribution in expressjs/multer#1372

@dependabot[bot] made their first contribution in expressjs/multer#1378

Full Changelog: expressjs/multer@v2.1.0...v2.1.1

v2.1.0

Important

Fix CVE-2026-2359 (GHSA-v52c-386h-88mc)

Fix CVE-2026-3304 (GHSA-xf7r-hgr6-v32p)

What's Changed

chore: add funding to package.json by @bjohansebas in expressjs/multer#1346

chore: drop mkdirp dependency by @wojtekmaj in expressjs/multer#1350

chore: drop object-assign dependency by @wojtekmaj in expressjs/multer#1351

chore: drop xtend dependency by @wojtekmaj in expressjs/multer#1352

chore(gitignore): ignore .nyc_output directory by @ShubhamOulkar in expressjs/multer#1332

Fix typo in README-vi.md regarding file upload by @Kunniii in expressjs/multer#1366

Fix typo in README-pt-br.md for array method by @matheushbm192 in expressjs/multer#1367

headers-support-utf8 by @Doc999tor in expressjs/multer#1210

Add Turkish translation (README-tr.md) by @Sabandogan in expressjs/multer#1360

Release: 2.1.0 by @UlisesGascon in expressjs/multer#1371

New Contributors

@wojtekmaj made their first contribution in expressjs/multer#1350

@ShubhamOulkar made their first contribution in expressjs/multer#1332

@Kunniii made their first contribution in expressjs/multer#1366

@matheushbm192 made their first contribution in expressjs/multer#1367

@Doc999tor made their first contribution in expressjs/multer#1210

@Sabandogan made their first contribution in expressjs/multer#1360

Full Changelog: expressjs/multer@v2.0.2...v2.1.0

... (truncated)

Changelog

Sourced from multer's changelog.

2.1.1

Fix CVE-2026-3520 (GHSA-5528-5vmv-3xc2)

fix error/abort handling

2.1.0

Add defParamCharset option for UTF-8 filename support (#1210)

Fix CVE-2026-2359 (GHSA-v52c-386h-88mc)

Fix CVE-2026-3304 (GHSA-xf7r-hgr6-v32p)

2.0.2

Fix CVE-2025-7338 (GHSA-fjgf-rc76-4x9p)

Commits

368c8a1 2.1.1 (#1380)
7e66481 🐛 fix recursion issue
643571e ✅ add explicit test for client able to send body without abrupt disconnect
e86fa52 fix error/abort handling
ca37779 chore(deps): bump actions/checkout from 4.1.1 to 6.0.2 (#1374)
13088f4 chore(deps): bump actions/upload-artifact from 4.5.0 to 7.0.0 (#1375)
bc6a1d1 chore(deps): bump github/codeql-action from 3.24.7 to 4.32.4 (#1376)
c496e93 chore(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 (#1377)
fa173d3 chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.3 (#1378)
17d7f51 chore: add node version to 25.x in CI
Additional commits viewable in compare view

Updates vite from 5.4.19 to 8.0.0

Release notes

Sourced from vite's releases.

create-vite@8.0.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.0.0

Please refer to CHANGELOG.md for details.

v8.0.0

Please refer to CHANGELOG.md for details.

v8.0.0-beta.18

Please refer to CHANGELOG.md for details.

v8.0.0-beta.17

Please refer to CHANGELOG.md for details.

v8.0.0-beta.16

Please refer to CHANGELOG.md for details.

v8.0.0-beta.15

Please refer to CHANGELOG.md for details.

v8.0.0-beta.14

Please refer to CHANGELOG.md for details.

v8.0.0-beta.13

Please refer to CHANGELOG.md for details.

v8.0.0-beta.12

Please refer to CHANGELOG.md for details.

v8.0.0-beta.11

Please refer to CHANGELOG.md for details.

v8.0.0-beta.10

Please refer to CHANGELOG.md for details.

v8.0.0-beta.9

Please refer to CHANGELOG.md for details.

v8.0.0-beta.8

Please refer to CHANGELOG.md for details.

v8.0.0-beta.7

Please refer to CHANGELOG.md for details.

v8.0.0-beta.6

Please refer to CHANGELOG.md for details.

v8.0.0-beta.5

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

8.0.0 (2026-03-12)

Today, we're thrilled to announce the release of the next Vite major:

Vite 8.0 announcement blog post

Docs (translations: 简体中文, 日本語, Español, Português, 한국어, Deutsch, فارسی)

Migration Guide

⚠ BREAKING CHANGES

remove import.meta.hot.accept resolution fallback (#21382)

update default browser target (#21193)

the epic rolldown-vite merge (#21189)

Features

update rolldown to 1.0.0-rc.9 (#21813) (f05be0e)

warn when vite-tsconfig-paths plugin is detected (#21781) (ada493e)

css: support es2025 build target for lightningcss (#21769) (08906e7)

forward browser console logs and errors to dev server terminal (#20916) (2540ed0)

update rolldown to 1.0.0-rc.8 (#21790) (a0c950e)

export Visitor and ESTree from rolldown/utils (#21664) (45de31e)

update rolldown to 1.0.0-rc.6 (#21714) (37a65f8)

use util.inspect for CLI error display (#21668) (5f425a9)

update rolldown to 1.0.0-rc.5 (#21660) (b3ddbc5)

update rolldown to 1.0.0-rc.4 (#21617) (1ee5c7f)

wasm: add SSR support for .wasm?init (#21102) (216a3b5)

integrate devtools (#21331) (acbf507)

update rolldown to 1.0.0-rc.3 (#21554) (43358e9)

manifest: add assets field for standalone CSS entry points (#21015) (f289b9b)

update rolldown to 1.0.0-rc.2 (#21512) (fa136a9)

bundled-dev: support worker in initial bundle (#21415) (f3d3149)

dev: detect port conflicts on wildcard hosts (#21381) (b0dd5a9)

shortcuts case insensitive (#21224) (7796ade)

update rolldown to 1.0.0-rc.1 (#21463) (ff9dd7f)

warn if envPrefix contains spaces (#21292) (9fcde3c)

update rolldown to 1.0.0-beta.60 (#21408) (c33aa7c)

update rolldown to 1.0.0-beta.59 (#21374) (0037943)

add ignoreOutdatedRequests option to optimizeDeps (#21364) (b2e75aa)

add ios to default esbuild targets (#21342) (daae6e9)

update rolldown to 1.0.0-beta.58 (#21354) (ba40cef)

update rolldown to 1.0.0-beta.57 (#21335) (d5412ef)

css: support es2024 build target for lightningcss (#21294) (bd33b8e)

update rolldown to 1.0.0-beta.56 (#21323) (9847a63)

introduce v2 native plugins and enable it by default (#21268) (42f2ab3)

ssr: avoid errors when rewriting already rewritten stacktrace (#21269) (98d9a33)

update rolldown to 1.0.0-beta.55 (#21300) (2c8db85)

update rolldown to 1.0.0-beta.54 (#21267) (c751172)

... (truncated)

Commits

ea68a88 chore(deps): update rolldown-related dependencies (#20810)
693d255 release: v7.1.7
98a3484 fix(hmr): wait for import.meta.hot.prune callbacks to complete before runni...
9f32b1d fix(hmr): trigger prune event when import is removed from non hmr module (#20...
9f2247c fix(deps): update all non-major dependencies (#20811)
105abe8 fix(glob): handle glob imports from folders starting with dot (#20800)
4c4583c fix(build): fix ssr environment emitAssets: true when `sharedConfigBuild: t...
9bc9d12 fix(client): use CSP nonce when rendering error overlay (#20791)
54377f7 release: v7.1.6
88af2ae fix(deps): update all non-major dependencies (#20773)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vite since your current version.

Updates vite from 5.4.19 to 8.0.0

Release notes

Sourced from vite's releases.

create-vite@8.0.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.0.0

Please refer to CHANGELOG.md for details.

v8.0.0

Please refer to CHANGELOG.md for details.

v8.0.0-beta.18

Please refer to CHANGELOG.md for details.

v8.0.0-beta.17

Please refer to CHANGELOG.md for details.

v8.0.0-beta.16

Please refer to CHANGELOG.md for details.

v8.0.0-beta.15

Please refer to CHANGELOG.md for details.

v8.0.0-beta.14

Please refer to CHANGELOG.md for details.

v8.0.0-beta.13

Please refer to CHANGELOG.md for details.

v8.0.0-beta.12

Please refer to CHANGELOG.md for details.

v8.0.0-beta.11

Please refer to CHANGELOG.md for details.

v8.0.0-beta.10

Please refer to CHANGELOG.md for details.

v8.0.0-beta.9

Please refer to CHANGELOG.md for details.

v8.0.0-beta.8

Please refer to CHANGELOG.md for details.

v8.0.0-beta.7

Please refer to CHANGELOG.md for details.

v8.0.0-beta.6

Please refer to CHANGELOG.md for details.

v8.0.0-beta.5

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

8.0.0 (2026-03-12)

Today, we're thrilled to announce the release of the next Vite major:

Vite 8.0 announcement blog post

Docs (translations: 简体中文, 日本語, Español, Português, 한국어, Deutsch, فارسی)

Migration Guide

⚠ BREAKING CHANGES

remove import.meta.hot.accept resolution fallback (#21382)

update default browser target (#21193)

the epic rolldown-vite merge (#21189)

Features

update rolldown to 1.0.0-rc.9 (#21813) (f05be0e)

warn when vite-tsconfig-paths plugin is detected (#21781) (ada493e)

css: support es2025 build target for lightningcss (#21769) (08906e7)

forward browser console logs and errors to dev server terminal (#20916) (2540ed0)

update rolldown to 1.0.0-rc.8 (#21790) (a0c950e)

export Visitor and ESTree from rolldown/utils (#21664) (45de31e)

update rolldown to 1.0.0-rc.6 (#21714) (37a65f8)

use util.inspect for CLI error display (#21668) (5f425a9)

update rolldown to 1.0.0-rc.5 (#21660) (b3ddbc5)

update rolldown to 1.0.0-rc.4 (#21617) (1ee5c7f)

wasm: add SSR support for .wasm?init (#21102) (216a3b5)

integrate devtools (#21331) (acbf507)

update rolldown to 1.0.0-rc.3 (#21554) (43358e9)

manifest: add assets field for standalone CSS entry points (#21015) (f289b9b)

update rolldown to 1.0.0-rc.2 (#21512) (fa136a9)

bundled-dev: support worker in initial bundle (#21415) (f3d3149)

dev: detect port conflicts on wildcard hosts (#21381) (b0dd5a9)

shortcuts case insensitive (#21224) (7796ade)

update rolldown to 1.0.0-rc.1 (#21463) (ff9dd7f)

warn if envPrefix contains spaces (#21292) (9fcde3c)

update rolldown to 1.0.0-beta.60 (#21408) (c33aa7c)

update rolldown to 1.0.0-beta.59 (#21374) (0037943)

add ignoreOutdatedRequests option to optimizeDeps (#21364) (b2e75aa)

add ios to default esbuild targets (#21342) (daae6e9)

update rolldown to 1.0.0-beta.58 (#21354) (ba40cef)

update rolldown to 1.0.0-beta.57 (#21335) (d5412ef)

css: support es2024 build target for lightningcss (#21294) (bd33b8e)

update rolldown to 1.0.0-beta.56 (#21323) (9847a63)

introduce v2 native plugins and enable it by default (#21268) (42f2ab3)

ssr: avoid errors when rewriting already rewritten stacktrace (#21269) (98d9a33)

update rolldown to 1.0.0-beta.55 (#21300) (2c8db85)

update rolldown to 1.0.0-beta.54 (#21267) (c751172)

... (truncated)

Commits

ea68a88 chore(deps): update rolldown-related dependencies (#20810)
693d255 release: v7.1.7
98a3484 fix(hmr): wait for import.meta.hot.prune callbacks to complete before runni...
9f32b1d fix(hmr): trigger prune event when import is removed from non hmr module (#20...
9f2247c fix(deps): update all non-major dependencies (#20811)
105abe8 fix(glob): handle glob imports from folders starting with dot (#20800)
4c4583c fix(build): fix ssr environment emitAssets: true when `sharedConfigBuild: t...
9bc9d12 fix(client): use CSP nonce when rendering error overlay (#20791)
54377f7 release: v7.1.6
88af2ae fix(deps): update all non-major dependencies (#20773)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vite since your current version.

Updates @smithy/config-resolver from 4.1.4 to 4.4.11

Release notes

Sourced from @smithy/config-resolver's releases.

@smithy/config-resolver@4.4.11

Patch Changes

Updated dependencies [5340b11]

@smithy/types@4.13.1

@smithy/node-config-provider@4.3.12

@smithy/util-endpoints@3.3.3

@smithy/util-middleware@4.2.12

Changelog

Sourced from @smithy/config-resolver's changelog.

4.4.11

Patch Changes

Updated dependencies [5340b11]

@smithy/types@4.13.1

@smithy/node-config-provider@4.3.12

@smithy/util-endpoints@3.3.3

@smithy/util-middleware@4.2.12

4.4.10

Patch Changes

a4d95e6: Set downlevel types to be used in typescript@'<4.5'

Updated dependencies [a4d95e6]

@smithy/node-config-provider@4.3.11

@smithy/util-config-provider@4.2.2

@smithy/util-middleware@4.2.11

@smithy/util-endpoints@3.3.2

4.4.9

Patch Changes

Updated dependencies [d0954cc]

@smithy/types@4.13.0

@smithy/node-config-provider@4.3.10

@smithy/util-endpoints@3.3.1

@smithy/util-middleware@4.2.10

4.4.8

Patch Changes

Updated dependencies [2bf677c]

@smithy/util-endpoints@3.3.0

4.4.7

Patch Changes

03c3dc8: update for rollup build externalLiveBindings=false

Updated dependencies [03c3dc8]

@smithy/node-config-provider@4.3.9

@smithy/types@4.12.1

@smithy/util-config-provider@4.2.1

@smithy/util-endpoints@3.2.9

@smithy/util-middleware@4.2.9

... (truncated)

Commits

0bdca15 Version NPM packages
5eab7ea Version NPM packages
a4d95e6 fix: set downlevel types to be used in typescript@'<4.5' (#1906)

Bumps the npm_and_yarn group with 12 updates in the /chittypm/chittychain directory: | Package | From | To | | --- | --- | --- | | [axios](https://github.com/axios/axios) | `1.10.0` | `1.13.5` | | [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` | | [multer](https://github.com/expressjs/multer) | `2.0.1` | `2.1.1` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.19` | `8.0.0` | | [@smithy/config-resolver](https://github.com/smithy-lang/smithy-typescript/tree/HEAD/packages/config-resolver) | `4.1.4` | `4.4.11` | | [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.4.1` | `5.4.1` | | [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` | | [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` | | [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` | | [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` | | [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` | | [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` | | [qs](https://github.com/ljharb/qs) | `6.13.0` | `6.14.2` | Bumps the npm_and_yarn group with 8 updates in the /chittypm directory: | Package | From | To | | --- | --- | --- | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.19` | `8.0.0` | | [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.0.2` | | [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` | | [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` | | [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` | | [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` | | [qs](https://github.com/ljharb/qs) | `6.13.0` | `6.14.2` | | [@anthropic-ai/claude-code](https://github.com/anthropics/claude-code) | `1.0.83` | `2.1.7` | Bumps the npm_and_yarn group with 7 updates in the /chittypm/chittyintel directory: | Package | From | To | | --- | --- | --- | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.19` | `8.0.0` | | [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.0.2` | | [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` | | [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` | | [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` | | [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` | | [qs](https://github.com/ljharb/qs) | `6.13.0` | `6.14.2` | Bumps the npm_and_yarn group with 8 updates in the /chittypm/chittyid directory: | Package | From | To | | --- | --- | --- | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.19` | `8.0.0` | | [brace-expansion](https://github.com/juliangruber/brace-expansion) | `2.0.1` | `2.0.2` | | [glob](https://github.com/isaacs/node-glob) | `10.4.5` | `10.5.0` | | [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` | | [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.17.23` | | [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` | | [qs](https://github.com/ljharb/qs) | `6.13.0` | `6.14.2` | | [@anthropic-ai/claude-code](https://github.com/anthropics/claude-code) | `1.0.83` | `2.1.7` | Updates `axios` from 1.10.0 to 1.13.5 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.10.0...v1.13.5) Updates `js-yaml` from 4.1.0 to 4.1.1 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@4.1.0...4.1.1) Updates `multer` from 2.0.1 to 2.1.1 - [Release notes](https://github.com/expressjs/multer/releases) - [Changelog](https://github.com/expressjs/multer/blob/main/CHANGELOG.md) - [Commits](expressjs/multer@v2.0.1...v2.1.1) Updates `vite` from 5.4.19 to 8.0.0 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/create-vite@8.0.0/packages/vite) Updates `vite` from 5.4.19 to 8.0.0 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/create-vite@8.0.0/packages/vite) Updates `@smithy/config-resolver` from 4.1.4 to 4.4.11 - [Release notes](https://github.com/smithy-lang/smithy-typescript/releases) - [Changelog](https://github.com/smithy-lang/smithy-typescript/blob/main/packages/config-resolver/CHANGELOG.md) - [Commits](https://github.com/smithy-lang/smithy-typescript/commits/@smithy/config-resolver@4.4.11/packages/config-resolver) Updates `fast-xml-parser` from 4.4.1 to 5.4.1 - [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases) - [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md) - [Commits](NaturalIntelligence/fast-xml-parser@v4.4.1...v5.4.1) Updates `form-data` from 4.0.3 to 4.0.5 - [Release notes](https://github.com/form-data/form-data/releases) - [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md) - [Commits](form-data/form-data@v4.0.3...v4.0.5) Updates `glob` from 10.4.5 to 10.5.0 - [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md) - [Commits](isaacs/node-glob@v10.4.5...v10.5.0) Updates `minimatch` from 3.1.2 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `minimatch` from 9.0.5 to 9.0.9 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `jws` from 3.2.2 to 3.2.3 - [Release notes](https://github.com/brianloveswords/node-jws/releases) - [Changelog](https://github.com/auth0/node-jws/blob/master/CHANGELOG.md) - [Commits](auth0/node-jws@v3.2.2...v3.2.3) Updates `lodash` from 4.17.21 to 4.17.23 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) Updates `on-headers` from 1.0.2 to 1.1.0 - [Release notes](https://github.com/jshttp/on-headers/releases) - [Changelog](https://github.com/jshttp/on-headers/blob/master/HISTORY.md) - [Commits](jshttp/on-headers@v1.0.2...v1.1.0) Updates `qs` from 6.13.0 to 6.14.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.13.0...v6.14.2) Updates `vite` from 5.4.19 to 8.0.0 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/create-vite@8.0.0/packages/vite) Updates `vite` from 5.4.19 to 8.0.0 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/create-vite@8.0.0/packages/vite) Updates `brace-expansion` from 2.0.1 to 2.0.2 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@v2.0.1...v2.0.2) Updates `glob` from 10.4.5 to 10.5.0 - [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md) - [Commits](isaacs/node-glob@v10.4.5...v10.5.0) Updates `minimatch` from 9.0.5 to 9.0.9 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `lodash` from 4.17.21 to 4.17.23 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) Updates `on-headers` from 1.0.2 to 1.1.0 - [Release notes](https://github.com/jshttp/on-headers/releases) - [Changelog](https://github.com/jshttp/on-headers/blob/master/HISTORY.md) - [Commits](jshttp/on-headers@v1.0.2...v1.1.0) Updates `qs` from 6.13.0 to 6.14.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.13.0...v6.14.2) Updates `@anthropic-ai/claude-code` from 1.0.83 to 2.1.7 - [Release notes](https://github.com/anthropics/claude-code/releases) - [Changelog](https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md) - [Commits](https://github.com/anthropics/claude-code/commits/v2.1.7) Updates `vite` from 5.4.19 to 8.0.0 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/create-vite@8.0.0/packages/vite) Updates `vite` from 5.4.19 to 8.0.0 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/create-vite@8.0.0/packages/vite) Updates `brace-expansion` from 2.0.1 to 2.0.2 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@v2.0.1...v2.0.2) Updates `glob` from 10.4.5 to 10.5.0 - [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md) - [Commits](isaacs/node-glob@v10.4.5...v10.5.0) Updates `minimatch` from 9.0.5 to 9.0.9 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `lodash` from 4.17.21 to 4.17.23 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) Updates `on-headers` from 1.0.2 to 1.1.0 - [Release notes](https://github.com/jshttp/on-headers/releases) - [Changelog](https://github.com/jshttp/on-headers/blob/master/HISTORY.md) - [Commits](jshttp/on-headers@v1.0.2...v1.1.0) Updates `qs` from 6.13.0 to 6.14.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.13.0...v6.14.2) Updates `vite` from 5.4.19 to 8.0.0 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/create-vite@8.0.0/packages/vite) Updates `vite` from 5.4.19 to 8.0.0 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/create-vite@8.0.0/packages/vite) Updates `brace-expansion` from 2.0.1 to 2.0.2 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@v2.0.1...v2.0.2) Updates `glob` from 10.4.5 to 10.5.0 - [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md) - [Commits](isaacs/node-glob@v10.4.5...v10.5.0) Updates `minimatch` from 9.0.5 to 9.0.9 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `lodash` from 4.17.21 to 4.17.23 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) Updates `on-headers` from 1.0.2 to 1.1.0 - [Release notes](https://github.com/jshttp/on-headers/releases) - [Changelog](https://github.com/jshttp/on-headers/blob/master/HISTORY.md) - [Commits](jshttp/on-headers@v1.0.2...v1.1.0) Updates `qs` from 6.13.0 to 6.14.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.13.0...v6.14.2) Updates `@anthropic-ai/claude-code` from 1.0.83 to 2.1.7 - [Release notes](https://github.com/anthropics/claude-code/releases) - [Changelog](https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md) - [Commits](https://github.com/anthropics/claude-code/commits/v2.1.7) --- updated-dependencies: - dependency-name: axios dependency-version: 1.13.5 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: js-yaml dependency-version: 4.1.1 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: multer dependency-version: 2.1.1 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 8.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 8.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@smithy/config-resolver" dependency-version: 4.4.11 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: fast-xml-parser dependency-version: 5.4.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: form-data dependency-version: 4.0.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: glob dependency-version: 10.5.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 9.0.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jws dependency-version: 3.2.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-version: 4.17.23 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: on-headers dependency-version: 1.1.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-version: 6.14.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 8.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 8.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: brace-expansion dependency-version: 2.0.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: glob dependency-version: 10.5.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 9.0.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-version: 4.17.23 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: on-headers dependency-version: 1.1.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-version: 6.14.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@anthropic-ai/claude-code" dependency-version: 2.1.7 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 8.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 8.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: brace-expansion dependency-version: 2.0.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: glob dependency-version: 10.5.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 9.0.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-version: 4.17.23 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: on-headers dependency-version: 1.1.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-version: 6.14.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 8.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 8.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: brace-expansion dependency-version: 2.0.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: glob dependency-version: 10.5.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 9.0.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: lodash dependency-version: 4.17.23 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: on-headers dependency-version: 1.1.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-version: 6.14.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@anthropic-ai/claude-code" dependency-version: 2.1.7 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

cloudflare-workers-and-pages · 2026-03-14T07:52:18Z

Deploying with Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
❌ Deployment failed View logs	chittyscore	`82437f8`	Mar 14 2026, 07:52 AM

chatgpt-codex-connector · 2026-03-14T07:52:19Z

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 14, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 4 directories with 15 updates#9

Bump the npm_and_yarn group across 4 directories with 15 updates#9
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/chittypm/chittychain/npm_and_yarn-99ab8a275f

dependabot Bot commented on behalf of github Mar 14, 2026

Uh oh!

cloudflare-workers-and-pages Bot commented Mar 14, 2026 •

edited

Loading

Uh oh!

chatgpt-codex-connector Bot commented Mar 14, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Mar 14, 2026

v1.13.5

Release 1.13.5

Highlights

Changes

Security

Fixes

Features / Improvements

Documentation

CI / Maintenance

New Contributors

v1.13.4

Overview

What's New in v1.13.4

Bug Fixes

Changelog

1.13.3 (2026-01-20)

Bug Fixes

Features

Reverts

Contributors to this release

[4.1.1] - 2025-11-12

Security

v2.1.1

Important

What's Changed

New Contributors

v2.1.0

Important

What's Changed

New Contributors

2.1.1

2.1.0

2.0.2

create-vite@8.0.0

plugin-legacy@8.0.0

v8.0.0

v8.0.0-beta.18

v8.0.0-beta.17

v8.0.0-beta.16

v8.0.0-beta.15

v8.0.0-beta.14

v8.0.0-beta.13

v8.0.0-beta.12

v8.0.0-beta.11

v8.0.0-beta.10

v8.0.0-beta.9

v8.0.0-beta.8

v8.0.0-beta.7

v8.0.0-beta.6

v8.0.0-beta.5

8.0.0 (2026-03-12)

⚠ BREAKING CHANGES

Features

create-vite@8.0.0

plugin-legacy@8.0.0

v8.0.0

v8.0.0-beta.18

v8.0.0-beta.17

v8.0.0-beta.16

v8.0.0-beta.15

v8.0.0-beta.14

v8.0.0-beta.13

v8.0.0-beta.12

v8.0.0-beta.11

v8.0.0-beta.10

v8.0.0-beta.9

v8.0.0-beta.8

v8.0.0-beta.7

v8.0.0-beta.6

v8.0.0-beta.5

8.0.0 (2026-03-12)

⚠ BREAKING CHANGES

Features

@​smithy/config-resolver@​4.4.11

Patch Changes

4.4.11

Patch Changes

4.4.10

`@smithy/config-resolver@4`.4.11

cloudflare-workers-and-pages Bot commented Mar 14, 2026 •

edited

Loading