Skip to content

build(deps): bump the backend-minor-patch group across 1 directory with 18 updates#1056

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/backend/backend-minor-patch-6e8e41f380
Open

build(deps): bump the backend-minor-patch group across 1 directory with 18 updates#1056
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/backend/backend-minor-patch-6e8e41f380

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps the backend-minor-patch group with 17 updates in the /backend directory:

Package From To
@sentry/node 10.45.0 10.63.0
@stellar/stellar-sdk 14.5.0 14.6.1
dotenv 17.2.3 17.4.2
express-rate-limit 8.2.1 8.5.2
helmet 8.1.0 8.2.0
node-cron 4.2.1 4.6.0
pg 8.18.0 8.22.0
@types/pg 8.16.0 8.20.0
swagger-jsdoc 6.2.8 6.3.0
twilio 6.0.0 6.0.2
zod 4.3.6 4.4.3
@typescript-eslint/eslint-plugin 8.56.0 8.62.1
eslint-plugin-prettier 5.5.5 5.5.6
nodemon 3.1.11 3.1.14
prettier 3.8.1 3.9.4
ts-jest 29.4.6 29.4.11
tsx 4.21.0 4.23.0

Updates @sentry/node from 10.45.0 to 10.63.0

Release notes

Sourced from @​sentry/node's releases.

10.63.0

  • feat(browser): Add url.full attribute to resource spans (#21846)
  • feat(core): Add extendIntegration method (#21759)
  • feat(core): Add isTracingSuppressed to the async context strategy (#21785)
  • feat(core): Pass normalizedRequest to the sampling context for root spans (#21833)
  • feat(node): Add lru-memoizer diagnostics-channel integration to experimentalUseDiagnosticsChannelInjection (#21786)
  • feat(node): Expose channel-based, streamlined fastifyIntegration (#21706)
  • fix(browser): Defer sending session envelope until browser is idle (#21844)
  • fix(core): Improve waiting for tracing channel bindings (#21815)
  • fix(core): Serialize streamed span status message to sentry.status.message attribute (#21811)
  • fix(nextjs): Don't inject trace meta tags when Cache Components is enabled (#21141)
  • fix(opentelemetry): Strip leading ? and # from inferred http.query and http.fragment (#21848)
  • fix(tanstackstart-react): Drop server transactions for tunnel route requests (#21769)
  • chore: Add external contributor to CHANGELOG.md (#21832)
  • chore: Hoist transitive imports for bundles (#21858)
  • chore: Mark http.query/http.fragment stripping for v11 url.query migration (#21852)
  • docs: Use Cloudflare nodejs_compat flag (#21659)
  • feat(server-utils): Add lru-memoizer diagnostics-channel integration (#21786)
  • feat(server-utils): Expose channel-based, streamlined fastifyIntegration (#21706)
  • feat(server-utils): Restore caller context for callback tracing channels (#21863)
  • ref(core): Move spanStreamingIntegration setup into ServerRuntimeClient (#21814)
  • ref(node): Infer orchestrion integration names (#21834)
  • ref(node): Move node-fetch instrumentation away from InstrumentBase (#21778)
  • ref(node): Streamline Prisma instrumentation (v6 and v7) (#21819)
  • ref(node): Streamline vendored mysql instrumentation (#21568)
  • ref(server-utils): Ensure ts3.8 has diagnostics channel shim (#21845)
  • ref(server-utils): Move mysql orchestrion integration onto bindTracingChannelToSpan (#21865)
  • ref(server-utils): Set error attributes on span and simplify error info extraction (#21822)
  • test: Introduce .unordered in node-integration-tests (#21697)
  • test(cloudflare): Align CF types and compat flags (#21835)
  • test(e2e/hono): Isolate request-data extraction tests onto a dedicated route (#21869)
  • test(node-integration): Harden knex mysql2 healthcheck to fix flaky test (#21868)
  • test(node-integration-tests): Fix flaky postgresjs basic transaction/error ordering (#21870)
  • test(node-integration-tests): Retry transient docker compose up failures (#21860)
  • test(nuxt): Test mysql instrumentation with orchestrion bundler plugin (#21782)

Work in this release was contributed by @​suzunn. Thank you for your contribution!

Bundle size 📦

Path Size
@​sentry/browser 26.97 KB
@​sentry/browser - with treeshaking flags 25.44 KB

... (truncated)

Changelog

Sourced from @​sentry/node's changelog.

10.63.0

  • feat(browser): Add url.full attribute to resource spans (#21846)
  • feat(core): Add extendIntegration method (#21759)
  • feat(core): Add isTracingSuppressed to the async context strategy (#21785)
  • feat(core): Pass normalizedRequest to the sampling context for root spans (#21833)
  • feat(node): Add lru-memoizer diagnostics-channel integration to experimentalUseDiagnosticsChannelInjection (#21786)
  • feat(node): Expose channel-based, streamlined fastifyIntegration (#21706)
  • fix(browser): Defer sending session envelope until browser is idle (#21844)
  • fix(core): Improve waiting for tracing channel bindings (#21815)
  • fix(core): Serialize streamed span status message to sentry.status.message attribute (#21811)
  • fix(nextjs): Don't inject trace meta tags when Cache Components is enabled (#21141)
  • fix(opentelemetry): Strip leading ? and # from inferred http.query and http.fragment (#21848)
  • fix(tanstackstart-react): Drop server transactions for tunnel route requests (#21769)
  • chore: Add external contributor to CHANGELOG.md (#21832)
  • chore: Hoist transitive imports for bundles (#21858)
  • chore: Mark http.query/http.fragment stripping for v11 url.query migration (#21852)
  • docs: Use Cloudflare nodejs_compat flag (#21659)
  • feat(server-utils): Add lru-memoizer diagnostics-channel integration (#21786)
  • feat(server-utils): Expose channel-based, streamlined fastifyIntegration (#21706)
  • feat(server-utils): Restore caller context for callback tracing channels (#21863)
  • ref(core): Move spanStreamingIntegration setup into ServerRuntimeClient (#21814)
  • ref(node): Infer orchestrion integration names (#21834)
  • ref(node): Move node-fetch instrumentation away from InstrumentBase (#21778)
  • ref(node): Streamline Prisma instrumentation (v6 and v7) (#21819)
  • ref(node): Streamline vendored mysql instrumentation (#21568)
  • ref(server-utils): Ensure ts3.8 has diagnostics channel shim (#21845)
  • ref(server-utils): Move mysql orchestrion integration onto bindTracingChannelToSpan (#21865)
  • ref(server-utils): Set error attributes on span and simplify error info extraction (#21822)
  • test: Introduce .unordered in node-integration-tests (#21697)
  • test(cloudflare): Align CF types and compat flags (#21835)
  • test(e2e/hono): Isolate request-data extraction tests onto a dedicated route (#21869)
  • test(node-integration): Harden knex mysql2 healthcheck to fix flaky test (#21868)
  • test(node-integration-tests): Fix flaky postgresjs basic transaction/error ordering (#21870)
  • test(node-integration-tests): Retry transient docker compose up failures (#21860)
  • test(nuxt): Test mysql instrumentation with orchestrion bundler plugin (#21782)

Work in this release was contributed by @​suzunn. Thank you for your contribution!

10.62.0

Important Changes

  • feat(server-runtimes): Add v7 support for vercelAiIntegration (#21613)

... (truncated)

Commits
  • 2362e9f release: 10.63.0
  • 5b51d5e Merge pull request #21874 from getsentry/prepare-release/10.63.0
  • 4e16503 meta(changelog): Update changelog for 10.63.0
  • 690f778 test(node-integration): Harden knex mysql2 healthcheck to fix flaky test (#21...
  • 429cdaf test(node-integration-tests): Fix flaky postgresjs basic transaction/error or...
  • 35998e6 test(e2e/hono): Isolate request-data extraction tests onto a dedicated route ...
  • 88e7ad5 feat(server-utils): Expose channel-based, streamlined fastifyIntegration (#...
  • e316151 ref(server-utils): Move mysql orchestrion integration onto bindTracingChannel...
  • e7c24a5 feat(server-utils): Restore caller context for callback tracing channels (#21...
  • bf21b16 fix(nextjs): Don't inject trace meta tags when Cache Components is enabled (#...
  • Additional commits viewable in compare view

Updates @stellar/stellar-sdk from 14.5.0 to 14.6.1

Release notes

Sourced from @​stellar/stellar-sdk's releases.

v14.6.1

v14.6.1

Fixed

  • Fix assembleTransaction double-counting the resource fee when the input transaction already has Soroban data attached (e.g. when re-assembling a previously simulated transaction) (#1343).
  • Removed adding resourceFee in rpc.assembleTransaction as it's now handled by TransactionBuilder.build() (#1343).

Full Changelog: stellar/js-stellar-sdk@v14.6.0...v14.6.1

v14.6.0

v14.6.0

Added

  • Upgraded underlying @stellar/stellar-base library to include its new features and fixes (release notes).

Full Changelog: stellar/js-stellar-sdk@v14.5.0...v14.6.0

Changelog

Sourced from @​stellar/stellar-sdk's changelog.

v14.6.1

Fixed

  • Fix assembleTransaction double-counting the resource fee when the input transaction already has Soroban data attached (e.g. when re-assembling a previously simulated transaction) (#1343).
  • Removed adding resourceFee in assembleTransaction as it's now handled by TransactionBuilder.build() (#1343).

v14.6.0

Added

  • Upgraded underlying @stellar/stellar-base library to include its new features and fixes (release notes).
Commits

Updates dotenv from 17.2.3 to 17.4.2

Changelog

Sourced from dotenv's changelog.

17.4.2 (2026-04-12)

Changed

  • Improved skill files - tightened up details (#1009)

17.4.1 (2026-04-05)

Changed

  • Change text injecting to injected (#1005)

17.4.0 (2026-04-01)

Added

  • Add skills/ folder with focused agent skills: skills/dotenv/SKILL.md (core usage) and skills/dotenvx/SKILL.md (encryption, multiple environments, variable expansion) for AI coding agent discovery via the skills.sh ecosystem (npx skills add motdotla/dotenv)

Changed

  • Tighten up logs: ◇ injecting env (14) from .env (#1003)

17.3.1 (2026-02-12)

Changed

  • Fix as2 example command in README and update spanish README

17.3.0 (2026-02-12)

Added

  • Add a new README section on dotenv’s approach to the agentic future.

Changed

  • Rewrite README to get humans started more quickly with less noise while simultaneously making more accessible for llms and agents to go deeper into details.

17.2.4 (2026-02-05)

Changed

  • Make DotenvPopulateInput accept NodeJS.ProcessEnv type (#915)
  • Give back to dotenv by checking out my newest project vestauth. It is auth for agents. Thank you for using my software.
Commits

Updates express-rate-limit from 8.2.1 to 8.5.2

Release notes

Sourced from express-rate-limit's releases.

v8.5.2

You can view the changelog here.

v8.5.1

You can view the changelog here.

v8.5.0

You can view the changelog here.

v8.4.1

You can view the changelog here.

v8.4.0

You can view the changelog here.

v8.3.2

You can view the changelog here.

v8.3.1

You can view the changelog here.

v8.3.0

You can view the changelog here.

Commits
  • 9774693 8.5.2
  • 0e94cc0 v8.5.2 changelog
  • 9a583c5 feat: simplify IPv6 key generation (#633)
  • 4f4b3fb chore(deps-dev): bump lint-staged from 16.4.0 to 17.0.4 (#632)
  • 3c1d6c5 chore(deps-dev): bump the development-dependencies group with 7 updates (#631)
  • 18884b6 chore(deps): bump basic-ftp from 5.2.0 to 5.3.1 (#630)
  • dacc980 chore(deps): bump handlebars from 4.7.8 to 4.7.9 (#629)
  • 486d0c6 chore(deps): bump follow-redirects from 1.15.11 to 1.16.0 (#627)
  • 50cc3f6 8.5.1
  • 92c8e3e chore: bump ip-address library to latest (#626)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for express-rate-limit since your current version.


Updates helmet from 8.1.0 to 8.2.0

Changelog

Sourced from helmet's changelog.

8.2.0 - 2026-05-21

  • Cross-Origin-Opener-Policy: support noopener-allow-popups. See #522
  • Improve error message when passing duplicate options
Commits

Updates node-cron from 4.2.1 to 4.6.0

Release notes

Sourced from node-cron's releases.

v4.6.0

4.6.0 (2026-07-04)

Added

  • add cron.shutdown(timeout?) for graceful process teardown (#589) (35f1a61)
  • add unref option for heartbeat timers (#588) (35cb140)
  • day-of-month: Quartz-style W, L-n and ? modifiers (#570) (cbe379b)
  • emit task:failed when a background daemon exits unexpectedly (7bd91d6)
  • support cron expression nicknames (@​yearly, @​daily, etc.) (#579) (6a6e14e)

Fixed

  • background task state transition on stop/destroy without fork (#584) (9dbc6de)
  • clear jitter timeout on runner stop (#583) (28b8146)
  • CommonJS type resolution (#608) (ee9d294)
  • correct falied->failed typo in daemon task error log (#594) (66c6961)
  • correct shutdown listener typing that broke the build (#595) (7aac3ad)
  • correlate execute() by id, isolate event hooks, and stop counting manual runs toward maxExecutions (#607) (0f039a9)
  • daemon serialized task state with wrong field name (#587) (688d465)
  • expand inverted ranges with wrap-around instead of silently swapping (#602) (a10ae53)
  • harden cron.shutdown() teardown (#598) (a0b0d1f)
  • kill orphan child process on background task stop/destroy timeout (#582) (8179e10)
  • make concurrent background start() await the daemon and time out coordinator lookups (#605) (446f03a)
  • make lifecycle calls on a destroyed task safe no-ops (#600) (7fa9795)
  • prevent double destroy on registry remove (#585) (8ae9f06)
  • release-please: match existing v-prefixed tags (#575) (e43c152)
  • runner promise bugs that could hang scheduling or crash process (#581) (0ae62be)
  • unref the IPC channel so background tasks let the process exit (#599) (534e593)
  • validate the cron expression when scheduling a task (#603) (196e6cd)
  • validate() consistency and multi-asterisk expansion (#606) (8cf41c4)
  • weekday 7-to-0 conversion corrupting ranges (#580) (c8a3943)

Changed

  • replace chai and sinon with native vitest assertions (#590) (d29d07a)

v4.5.0

Added

  • lastRun() introspection getter on ScheduledTask: returns { date, result } after a successful execution, { date, error } after a failed one, or null before the first run.
  • Extended day-of-week tokens: <weekday>#<nth> (nth weekday of the month, e.g. 1#1 for the first Monday) and <weekday>L (last weekday of the month, e.g. 5L for the last Friday).

Performance

  • Cache Intl.DateTimeFormat instances per timezone instead of rebuilding on every call.
  • Parse the cron expression once per TimeMatcher instead of re-parsing in MatcherWalker.
  • Compute the GMT offset lazily (only when formatting ISO strings, not during the next-run search).
  • Replace crypto.randomBytes with crypto.randomUUID for internal ID generation.

... (truncated)

Changelog

Sourced from node-cron's changelog.

4.6.0 (2026-07-04)

Added

  • add cron.shutdown(timeout?) for graceful process teardown (#589) (35f1a61)
  • add unref option for heartbeat timers (#588) (35cb140)
  • day-of-month: Quartz-style W, L-n and ? modifiers (#570) (cbe379b)
  • emit task:failed when a background daemon exits unexpectedly (7bd91d6)
  • support cron expression nicknames (@​yearly, @​daily, etc.) (#579) (6a6e14e)

Fixed

  • background task state transition on stop/destroy without fork (#584) (9dbc6de)
  • clear jitter timeout on runner stop (#583) (28b8146)
  • CommonJS type resolution (#608) (ee9d294)
  • correct falied->failed typo in daemon task error log (#594) (66c6961)
  • correct shutdown listener typing that broke the build (#595) (7aac3ad)
  • correlate execute() by id, isolate event hooks, and stop counting manual runs toward maxExecutions (#607) (0f039a9)
  • daemon serialized task state with wrong field name (#587) (688d465)
  • expand inverted ranges with wrap-around instead of silently swapping (#602) (a10ae53)
  • harden cron.shutdown() teardown (#598) (a0b0d1f)
  • kill orphan child process on background task stop/destroy timeout (#582) (8179e10)
  • make concurrent background start() await the daemon and time out coordinator lookups (#605) (446f03a)
  • make lifecycle calls on a destroyed task safe no-ops (#600) (7fa9795)
  • prevent double destroy on registry remove (#585) (8ae9f06)
  • release-please: match existing v-prefixed tags (#575) (e43c152)
  • runner promise bugs that could hang scheduling or crash process (#581) (0ae62be)
  • unref the IPC channel so background tasks let the process exit (#599) (534e593)
  • validate the cron expression when scheduling a task (#603) (196e6cd)
  • validate() consistency and multi-asterisk expansion (#606) (8cf41c4)
  • weekday 7-to-0 conversion corrupting ranges (#580) (c8a3943)

Changed

  • replace chai and sinon with native vitest assertions (#590) (d29d07a)

[4.5.0] - 2026-06-21

Added

  • lastRun() introspection getter on ScheduledTask: returns { date, result } after a successful execution, { date, error } after a failed one, or null before the first run. (#557)
  • Extended day-of-week tokens: <weekday>#<nth> (nth weekday of the month, e.g. 1#1 for the first Monday) and <weekday>L (last weekday of the month, e.g. 5L for the last Friday). (#560)

Performance

... (truncated)

Commits
  • 0be2ca0 chore(main): release 4.6.0 (#576)
  • 813ab08 docs: note bundlers must keep node-cron external for background tasks (#610)
  • ee9d294 fix: CommonJS type resolution (#608)
  • 0f039a9 fix: correlate execute() by id, isolate event hooks, and stop counting manual...
  • 8cf41c4 fix: validate() consistency and multi-asterisk expansion (#606)
  • 446f03a fix: make concurrent background start() await the daemon and time out coordin...
  • 88647a6 docs: note DST fall-back behavior for sub-hourly schedules and the UTC workar...
  • 196e6cd fix: validate the cron expression when scheduling a task (#603)
  • 7bd91d6 feat: emit task:failed when a background daemon exits unexpectedly (#601)
  • a10ae53 fix: expand inverted ranges with wrap-around instead of silently swapping (#602)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for node-cron since your current version.


Updates pg from 8.18.0 to 8.22.0

Changelog

Sourced from pg's changelog.

pg@8.22.0

pg@8.21.0

pg@8.20.0

  • Add onConnect callback to pg.Pool constructor options allowing for async initialization of newly created & connected pooled clients.

pg@8.19.0

Commits

Updates @types/pg from 8.16.0 to 8.20.0

Commits

Updates swagger-jsdoc from 6.2.8 to 6.3.0

Release notes

Sourced from swagger-jsdoc's releases.

v6.3.0

What's Changed

New Contributors

Full Changelog: Surnet/swagger-jsdoc@v6.2.8...v6.3.0

Commits
  • 04cbcb6 Version Bump
  • a761cf7 Fix security vulnerabilities (#425)
  • cb90faf fix: replace mikeal/merge-release with direct npm publish, update actions to ...
  • 3ebd8d2 chore(deps): bump @​babel/runtime from 7.18.9 to 7.28.4 in /docusaurus (#434)
  • 51f408d chore(deps): bump @​babel/helpers from 7.18.9 to 7.28.4 in /docusaurus (#433)
  • 3778b42 fix: Update Glob to fix memory leak issue from inflight (#430)
  • 2325600 Merge pull request #363 from nejclovrencic/fix/extract-annotations-error-hand...
  • f92ee06 Update express and body-parser to fix qs vulnerability
  • fc52de9 Update yarn.lock
  • af64d34 Add try catch to build function for loop
  • Additional commits viewable in compare view

Updates twilio from 6.0.0 to 6.0.2

Release notes

Sourced from twilio's releases.

6.0.2

Release Notes

Conversations

  • update actions api visibility

Memory

  • 2026-05-07

  • Content updates:
  • include store api

Docs

6.0.1

Release Notes

Twiml

  • Set recording_configuration_id attribute to public visibility in <Conference>, <Dial>, <Record> verbs and <Recording> noun

Api

  • Add RecordingConfigurationId parameter for CreateCall, CreateCallRecording, CreateConferenceRecording, and CreateParticipant endpoints

Authy

  • Changelog

  • v1

  • Added Authy API v1 under /v1 — initial onboarding of Public API (/v1/protected/*), Device API (/v1/json/*), and Dashboard API (/v1/dashboard/*) behind REST Proxy using transparent proxy mode.

Data-ingress

  • 2026-04-21

  • Content updates:
  • Updated description for CreateDataSync
  • Updated description for DeleteCloudAppDataset
  • Updated description for DeleteWarehouseDataset
  • 2026-04-20

  • Minor updates (formatting, metadata)
  • 2026-04-17

  • updated operationId for dataplane APIs,Minor updates (formatting, metadata)
  • 2026-04-15

  • libraryVisibility to private
  • 2026-04-14

  • Added 1 new path(s):
  • /v1/DataSyncs/Latest (GetLatestDataSyncs)

Memory

  • 2026-04-21

  • Content updates:
  • Remove Prefer/Async-Operation headers
  • 2026-04-21

  • Content updates:

... (truncated)

Changelog

Sourced from twilio's changelog.

[2026-05-07] Version 6.0.2

Conversations

  • update actions api visibility

Memory

  • 2026-05-07

  • Content updates:
  • include store api

[2026-05-06] Version 6.0.1

Twiml

  • Set recording_configuration_id attribute to public visibility in <Conference>, <Dial>, <Record> verbs and <Recording> noun

Api

  • Add RecordingConfigurationId parameter for CreateCall, CreateCallRecording, CreateConferenceRecording, and CreateParticipant endpoints

Authy

  • Changelog

  • v1

  • Added Authy API v1 under /v1 — initial onboarding of Public API (/v1/protected/*), Device API (/v1/json/*), and Dashboard API (/v1/dashboard/*) behind REST Proxy using transparent proxy mode.

Data-ingress

  • 2026-04-21

  • Content updates:
  • Updated description for CreateDataSync
  • Updated description for DeleteCloudAppDataset
  • Updated description for DeleteWarehouseDataset
  • 2026-04-20

  • Minor updates (formatting, metadata)
  • 2026-04-17

  • updated operationId for dataplane APIs,Minor updates (formatting, metadata)
  • 2026-04-15

  • libraryVisibility to private
  • 2026-04-14

  • Added 1 new path(s):
  • /v1/DataSyncs/Latest (GetLatestDataSyncs)

Memory

  • 2026-04-21

  • Content updates:
  • Remove Prefer/Async-Operation headers
  • 2026-04-21

  • Content updates:
  • Added 301 response for ListIdentifiers and GetIdentifier
  • Added 308 response for DeleteProfile, CreateIdentifier, PatchIdentifier, and DeleteIdentifier
  • ...

    Description has been truncated

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 22, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/backend/backend-minor-patch-6e8e41f380 branch 4 times, most recently from 1b3ff19 to a386652 Compare June 29, 2026 09:22
@ogazboiz

ogazboiz commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

@dependabot rebase

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/backend/backend-minor-patch-6e8e41f380 branch 2 times, most recently from e9dd266 to d3e795c Compare July 1, 2026 00:42
…th 18 updates

Bumps the backend-minor-patch group with 17 updates in the /backend directory:

| Package | From | To |
| --- | --- | --- |
| [@sentry/node](https://github.com/getsentry/sentry-javascript) | `10.45.0` | `10.63.0` |
| [@stellar/stellar-sdk](https://github.com/stellar/js-stellar-sdk) | `14.5.0` | `14.6.1` |
| [dotenv](https://github.com/motdotla/dotenv) | `17.2.3` | `17.4.2` |
| [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit) | `8.2.1` | `8.5.2` |
| [helmet](https://github.com/helmetjs/helmet) | `8.1.0` | `8.2.0` |
| [node-cron](https://github.com/node-cron/node-cron) | `4.2.1` | `4.6.0` |
| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.18.0` | `8.22.0` |
| [@types/pg](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/pg) | `8.16.0` | `8.20.0` |
| [swagger-jsdoc](https://github.com/Surnet/swagger-jsdoc) | `6.2.8` | `6.3.0` |
| [twilio](https://github.com/twilio/twilio-node) | `6.0.0` | `6.0.2` |
| [zod](https://github.com/colinhacks/zod) | `4.3.6` | `4.4.3` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.56.0` | `8.62.1` |
| [eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier) | `5.5.5` | `5.5.6` |
| [nodemon](https://github.com/remy/nodemon) | `3.1.11` | `3.1.14` |
| [prettier](https://github.com/prettier/prettier) | `3.8.1` | `3.9.4` |
| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.4.6` | `29.4.11` |
| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.23.0` |



Updates `@sentry/node` from 10.45.0 to 10.63.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@10.45.0...10.63.0)

Updates `@stellar/stellar-sdk` from 14.5.0 to 14.6.1
- [Release notes](https://github.com/stellar/js-stellar-sdk/releases)
- [Changelog](https://github.com/stellar/js-stellar-sdk/blob/main/CHANGELOG.md)
- [Commits](stellar/js-stellar-sdk@v14.5.0...v14.6.1)

Updates `dotenv` from 17.2.3 to 17.4.2
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v17.2.3...v17.4.2)

Updates `express-rate-limit` from 8.2.1 to 8.5.2
- [Release notes](https://github.com/express-rate-limit/express-rate-limit/releases)
- [Commits](express-rate-limit/express-rate-limit@v8.2.1...v8.5.2)

Updates `helmet` from 8.1.0 to 8.2.0
- [Changelog](https://github.com/helmetjs/helmet/blob/main/CHANGELOG.md)
- [Commits](helmetjs/helmet@v8.1.0...v8.2.0)

Updates `node-cron` from 4.2.1 to 4.6.0
- [Release notes](https://github.com/node-cron/node-cron/releases)
- [Changelog](https://github.com/node-cron/node-cron/blob/main/CHANGELOG.md)
- [Commits](node-cron/node-cron@v4.2.1...v4.6.0)

Updates `pg` from 8.18.0 to 8.22.0
- [Changelog](https://github.com/brianc/node-postgres/blob/master/CHANGELOG.md)
- [Commits](https://github.com/brianc/node-postgres/commits/pg@8.22.0/packages/pg)

Updates `@types/pg` from 8.16.0 to 8.20.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/pg)

Updates `swagger-jsdoc` from 6.2.8 to 6.3.0
- [Release notes](https://github.com/Surnet/swagger-jsdoc/releases)
- [Changelog](https://github.com/Surnet/swagger-jsdoc/blob/master/CHANGELOG.md)
- [Commits](Surnet/swagger-jsdoc@v6.2.8...v6.3.0)

Updates `twilio` from 6.0.0 to 6.0.2
- [Release notes](https://github.com/twilio/twilio-node/releases)
- [Changelog](https://github.com/twilio/twilio-node/blob/main/CHANGES.md)
- [Commits](twilio/twilio-node@6.0.0...6.0.2)

Updates `zod` from 4.3.6 to 4.4.3
- [Release notes](https://github.com/colinhacks/zod/releases)
- [Commits](colinhacks/zod@v4.3.6...v4.4.3)

Updates `@types/pg` from 8.16.0 to 8.20.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/pg)

Updates `@typescript-eslint/eslint-plugin` from 8.56.0 to 8.62.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.62.1/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.56.0 to 8.62.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.62.1/packages/parser)

Updates `eslint-plugin-prettier` from 5.5.5 to 5.5.6
- [Release notes](https://github.com/prettier/eslint-plugin-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-plugin-prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/eslint-plugin-prettier@v5.5.5...v5.5.6)

Updates `nodemon` from 3.1.11 to 3.1.14
- [Release notes](https://github.com/remy/nodemon/releases)
- [Commits](remy/nodemon@v3.1.11...v3.1.14)

Updates `prettier` from 3.8.1 to 3.9.4
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.8.1...3.9.4)

Updates `ts-jest` from 29.4.6 to 29.4.11
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](kulshekhar/ts-jest@v29.4.6...v29.4.11)

Updates `tsx` from 4.21.0 to 4.23.0
- [Release notes](https://github.com/privatenumber/tsx/releases)
- [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
- [Commits](privatenumber/tsx@v4.21.0...v4.23.0)

---
updated-dependencies:
- dependency-name: "@sentry/node"
  dependency-version: 10.59.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend-minor-patch
- dependency-name: "@stellar/stellar-sdk"
  dependency-version: 14.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend-minor-patch
- dependency-name: "@types/pg"
  dependency-version: 8.20.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: backend-minor-patch
- dependency-name: "@types/pg"
  dependency-version: 8.20.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: backend-minor-patch
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.61.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: backend-minor-patch
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.61.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: backend-minor-patch
- dependency-name: dotenv
  dependency-version: 17.4.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend-minor-patch
- dependency-name: eslint-plugin-prettier
  dependency-version: 5.5.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: backend-minor-patch
- dependency-name: express-rate-limit
  dependency-version: 8.5.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend-minor-patch
- dependency-name: helmet
  dependency-version: 8.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend-minor-patch
- dependency-name: node-cron
  dependency-version: 4.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend-minor-patch
- dependency-name: nodemon
  dependency-version: 3.1.14
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: backend-minor-patch
- dependency-name: pg
  dependency-version: 8.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend-minor-patch
- dependency-name: prettier
  dependency-version: 3.8.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: backend-minor-patch
- dependency-name: swagger-jsdoc
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend-minor-patch
- dependency-name: ts-jest
  dependency-version: 29.4.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: backend-minor-patch
- dependency-name: tsx
  dependency-version: 4.22.4
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: backend-minor-patch
- dependency-name: twilio
  dependency-version: 6.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: backend-minor-patch
- dependency-name: zod
  dependency-version: 4.4.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/backend/backend-minor-patch-6e8e41f380 branch from d3e795c to 91819bf Compare July 6, 2026 00:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant