Skip to content

Bump the npm_and_yarn group across 39 directories with 6 updates#138

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/extensions/5devs/npm_and_yarn-4b7386b7f8
Open

Bump the npm_and_yarn group across 39 directories with 6 updates#138
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/extensions/5devs/npm_and_yarn-4b7386b7f8

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github May 5, 2026

Bumps the npm_and_yarn group with 1 update in the /extensions/5devs directory: uuid.
Bumps the npm_and_yarn group with 1 update in the /extensions/aegis directory: protobufjs.
Bumps the npm_and_yarn group with 1 update in the /extensions/anki directory: axios.
Bumps the npm_and_yarn group with 1 update in the /extensions/authy directory: protobufjs.
Bumps the npm_and_yarn group with 2 updates in the /extensions/bmw directory: uuid and axios.
Bumps the npm_and_yarn group with 2 updates in the /extensions/charged directory: uuid and axios.
Bumps the npm_and_yarn group with 2 updates in the /extensions/chatgo directory: uuid and axios.
Bumps the npm_and_yarn group with 1 update in the /extensions/clarify directory: axios.
Bumps the npm_and_yarn group with 1 update in the /extensions/claude directory: uuid.
Bumps the npm_and_yarn group with 1 update in the /extensions/clipyai directory: uuid.
Bumps the npm_and_yarn group with 1 update in the /extensions/crisp directory: @supabase/auth-js.
Bumps the npm_and_yarn group with 1 update in the /extensions/cron directory: uuid.
Bumps the npm_and_yarn group with 1 update in the /extensions/css-gg directory: uuid.
Bumps the npm_and_yarn group with 1 update in the /extensions/dash directory: fast-xml-parser.
Bumps the npm_and_yarn group with 1 update in the /extensions/domainr directory: axios.
Bumps the npm_and_yarn group with 1 update in the /extensions/doutu directory: uuid.
Bumps the npm_and_yarn group with 1 update in the /extensions/essay directory: axios.
Bumps the npm_and_yarn group with 1 update in the /extensions/exif directory: @xmldom/xmldom.
Bumps the npm_and_yarn group with 1 update in the /extensions/fhir directory: fast-xml-parser.
Bumps the npm_and_yarn group with 1 update in the /extensions/forgejo directory: axios.
Bumps the npm_and_yarn group with 1 update in the /extensions/fuelx directory: axios.
Bumps the npm_and_yarn group with 1 update in the /extensions/gmail directory: uuid.
Bumps the npm_and_yarn group with 1 update in the /extensions/grok-ai directory: uuid.
Bumps the npm_and_yarn group with 1 update in the /extensions/harvest directory: axios.
Bumps the npm_and_yarn group with 1 update in the /extensions/ihosts directory: uuid.
Bumps the npm_and_yarn group with 1 update in the /extensions/klu-ai directory: axios.
Bumps the npm_and_yarn group with 1 update in the /extensions/mail directory: @xmldom/xmldom.
Bumps the npm_and_yarn group with 1 update in the /extensions/neon directory: axios.
Bumps the npm_and_yarn group with 1 update in the /extensions/safari directory: @xmldom/xmldom.
Bumps the npm_and_yarn group with 1 update in the /extensions/sm-ms directory: axios.
Bumps the npm_and_yarn group with 1 update in the /extensions/snapask directory: uuid.
Bumps the npm_and_yarn group with 1 update in the /extensions/spaces directory: uuid.
Bumps the npm_and_yarn group with 1 update in the /extensions/surge directory: axios.
Bumps the npm_and_yarn group with 1 update in the /extensions/svgo directory: fast-xml-parser.
Bumps the npm_and_yarn group with 1 update in the /extensions/tower directory: @xmldom/xmldom.
Bumps the npm_and_yarn group with 1 update in the /extensions/vault directory: uuid.
Bumps the npm_and_yarn group with 1 update in the /extensions/xcode directory: uuid.
Bumps the npm_and_yarn group with 1 update in the /extensions/youtube directory: uuid.
Bumps the npm_and_yarn group with 1 update in the /extensions/zerion directory: uuid.

Updates uuid from 10.0.0 to 14.0.0

Release notes

Sourced from uuid's releases.

v14.0.0

14.0.0 (2026-04-19)

⚠ BREAKING CHANGES

  • expect crypto to be global everywhere (requires node@20+) (#935)
  • drop node@18 support (#934)

Features

Bug Fixes

  • expect crypto to be global everywhere (requires node@20+) (#935) (f2c235f)
  • Use GITHUB_TOKEN for release-please and enable npm provenance (#925) (ffa3138)

v13.0.2

13.0.2 (2026-05-04)

Bug Fixes

  • rerelease to fix provenance. (49ccb35)

v13.0.1

13.0.1 (2026-04-27)

Bug Fixes

v13.0.0

13.0.0 (2025-09-08)

⚠ BREAKING CHANGES

  • make browser exports the default (#901)

Bug Fixes

v12.0.1

12.0.1 (2026-04-29)

... (truncated)

Changelog

Sourced from uuid's changelog.

14.0.0 (2026-04-19)

Security

  • Fixes GHSA-w5hq-g745-h8pq: v3(), v5(), and v6() did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid offset was provided. A RangeError is now thrown if offset < 0 or offset + 16 > buf.length.

⚠ BREAKING CHANGES

  • crypto is now expected to be globally defined (requires node@20+) (#935)
  • drop node@18 support (#934)
  • upgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years

13.0.0 (2025-09-08)

⚠ BREAKING CHANGES

  • make browser exports the default (#901)

Bug Fixes

12.0.0 (2025-09-05)

⚠ BREAKING CHANGES

  • update to typescript@5.2 (#887)
  • remove CommonJS support (#886)
  • drop node@16 support (#883)

Features

Bug Fixes

11.1.0 (2025-02-19)

... (truncated)

Commits
  • 7c1ea08 chore(main): release 14.0.0 (#926)
  • 3d2c5b0 Merge commit from fork
  • f2c235f fix!: expect crypto to be global everywhere (requires node@20+) (#935)
  • 529ef08 chore: upgrade TypeScript and fixup types (#927)
  • 086fd79 chore: update dependencies (#933)
  • dc4ddb8 feat!: drop node@18 support (#934)
  • 0f1f9c9 chore: switch to Biome for parsing and linting (#932)
  • e2879e6 chore: use maintained version of npm-run-all (#930)
  • ffa3138 fix: Use GITHUB_TOKEN for release-please and enable npm provenance (#925)
  • 0423d49 docs: remove obsolete v1 option notes (#915)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for uuid since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates protobufjs from 7.3.2 to 7.5.5

Release notes

Sourced from protobufjs's releases.

v7.5.5

This release backports two reported security issues to 7.x branch.

  • fix: do not allow setting __proto__ in Message constructor (#2126)
  • fix: filter invalid characters from the type name (#2127)

Full Changelog: protobufjs/protobuf.js@protobufjs-v7.5.4...protobufjs-v7.5.5

protobufjs: v7.5.4

7.5.4 (2025-08-15)

Bug Fixes

protobufjs: v7.5.3

7.5.3 (2025-05-28)

Bug Fixes

  • descriptor extensions handling post-editions (#2075) (6e255d4)

protobufjs: v7.5.2

7.5.2 (2025-05-14)

Bug Fixes

protobufjs: v7.5.1

7.5.1 (2025-05-08)

Bug Fixes

  • optimize regressions from editions implementations (#2066) (6406d4c)
  • reserved field inside group blocks fail parsing (#2058) (56782bf)

protobufjs: v7.5.0

7.5.0 (2025-04-15)

Features

  • add Edition 2023 Support (f04ded3)
  • add Edition 2023 Support (ac9a3b9)

... (truncated)

Changelog

Sourced from protobufjs's changelog.

Changelog

8.0.3 (2026-04-27)

Bug Fixes

8.0.2 (2026-04-27)

Bug Fixes

8.0.1 (2026-03-11)

Bug Fixes

  • bump protobufjs dependency version for cli package (#2128) (549b05e)
  • correct json syntax in tsconfig.json (#2120) (8065625)
  • descriptor: guard oneof index for non-Type parents (#2122) (1cac5cf)
  • do not allow setting proto in Message constructor (#2126) (f05e3c3)
  • filter invalid characters from the type name (#2127) (535df44)

8.0.0 (2025-12-16)

⚠ BREAKING CHANGES

  • add Edition 2024 Support (#2060)

Features

7.5.4 (2025-08-15)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by fenster, a new releaser for protobufjs since your current version.


Updates axios from 1.8.4 to 1.15.2

Release notes

Sourced from axios's releases.

v1.15.2

This release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in allowedSocketPaths allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.

🔒 Security Fixes

  • Prototype Pollution Hardening (HTTP Adapter): Hardened the Node HTTP adapter and resolveConfig/mergeConfig/validator paths to read only own properties and use null-prototype config objects, preventing polluted auth, baseURL, socketPath, beforeRedirect, and insecureHTTPParser from influencing requests. (#10779)
  • SSRF via socketPath: Rejects non-string socketPath values and adds an opt-in allowedSocketPaths config option to restrict permitted Unix domain socket paths, returning AxiosError ERR_BAD_OPTION_VALUE on mismatch. (#10777)
  • Supply-chain Hardening: Added .npmrc with ignore-scripts=true, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded SECURITY.md/THREATMODEL.md with provenance verification (npm audit signatures), 60-day resolution policy, and maintainer incident-response runbook. (#10776)

🚀 New Features

  • allowedSocketPaths Config Option: New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (#10777)

🐛 Bug Fixes

  • Keep-alive Socket Memory Leak: Installs a single per-socket error listener tracking the active request via kAxiosSocketListener/kAxiosCurrentReq, eliminating per-request listener accumulation, MaxListenersExceededWarning, and linear heap growth under concurrent or long-running keep-alive workloads (fixes #10780). (#10788)

🔧 Maintenance & Chores

  • Changelog: Updated CHANGELOG.md with v1.15.1 release notes. (#10781)

Full Changelog

v1.15.1

This release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.

🔒 Security Fixes

  • Header Injection Hardening: Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (#10749)
  • CRLF Stripping in Multipart Headers: Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (#10758)
  • Prototype Pollution / Auth Bypass: Replaced unsafe in checks with hasOwnProperty to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (#10761, #10760)
  • withXSRFToken Truthy Bypass: Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (#10762)
  • maxBodyLength With Zero Redirects: Enforces maxBodyLength even when maxRedirects is set to 0, closing a bypass path for oversized request bodies. (#10753)
  • Streamed Response maxContentLength Bypass: Applies maxContentLength to streamed responses that previously bypassed the cap. (#10754)
  • Follow-up CVE Completion: Completes an earlier incomplete CVE fix to fully close the regression window. (#10755)

🚀 New Features

  • AI-Based Docs Translations: Initial scaffold for AI-assisted translations of the documentation site. (#10705)
  • Location Request Header Type: Adds Location to CommonRequestHeadersList for accurate typing of redirect-aware requests. (#7528)

🐛 Bug Fixes

  • FormData Handling: Removes Content-Type when no boundary is present on FormData fetch requests, supports multi-select fields, cancels request.body instead of the source stream on fetch abort, and fixes a recursion bug in form-data serialisation. (#7314, #10676, #10702, #10726)
  • HTTP Adapter: Handles socket-only request errors without leaking keep-alive listeners. (#10576)
  • Progress Events: Clamps loaded to total for computable upload/download progress events. (#7458)
  • Types: Aligns runWhen type with the runtime behaviour in InterceptorManager and makes response header keys case-insensitive. (#7529, #10677)
  • buildFullPath: Uses strict equality in the base/relative URL check. (#7252)
  • AxiosURLSearchParams Regex: Improves the regex used for param serialisation to avoid edge-case mismatches. (#10736)
  • Resilient Value Parsing: Parses out header/config values instead of throwing on malformed input. (#10687)

... (truncated)

Changelog

Sourced from axios's changelog.

v1.15.2 - April 21, 2026

This release delivers prototype-pollution hardening for the Node HTTP adapter, adds an opt-in allowedSocketPaths allowlist to mitigate SSRF via Unix domain sockets, fixes a keep-alive socket memory leak, and ships supply-chain hardening across CI and security docs.

🔒 Security Fixes

  • Prototype Pollution Hardening (HTTP Adapter): Hardened the Node HTTP adapter and resolveConfig/mergeConfig/validator paths to read only own properties and use null-prototype config objects, preventing polluted auth, baseURL, socketPath, beforeRedirect, and insecureHTTPParser from influencing requests. (#10779)
  • SSRF via socketPath: Rejects non-string socketPath values and adds an opt-in allowedSocketPaths config option to restrict permitted Unix domain socket paths, returning AxiosError ERR_BAD_OPTION_VALUE on mismatch. (#10777)
  • Supply-chain Hardening: Added .npmrc with ignore-scripts=true, lockfile lint CI, non-blocking reproducible build diff, scoped CODEOWNERS, expanded SECURITY.md/THREATMODEL.md with provenance verification (npm audit signatures), 60-day resolution policy, and maintainer incident-response runbook. (#10776)

🚀 New Features

  • allowedSocketPaths Config Option: New request config option (and TypeScript types) to allowlist Unix domain socket paths used by the Node http adapter; backwards compatible when unset. (#10777)

🐛 Bug Fixes

  • Keep-alive Socket Memory Leak: Installs a single per-socket error listener tracking the active request via kAxiosSocketListener/kAxiosCurrentReq, eliminating per-request listener accumulation, MaxListenersExceededWarning, and linear heap growth under concurrent or long-running keep-alive workloads (fixes #10780). (#10788)

🔧 Maintenance & Chores

  • Changelog: Updated CHANGELOG.md with v1.15.1 release notes. (#10781)

Full Changelog

v1.15.1 - April 19, 2026

This release ships a coordinated set of security hardening fixes across headers, body/redirect limits, multipart handling, and XSRF/prototype-pollution vectors, alongside a broad sweep of bug fixes, test migrations, and threat-model documentation updates.

🔒 Security Fixes

  • Header Injection Hardening: Tightened validation and sanitisation across request header construction to close the header-injection attack surface. (#10749)

  • CRLF Stripping in Multipart Headers: Correctly strips CR/LF from multipart header values to prevent injection via field names and filenames. (#10758)

  • Prototype Pollution / Auth Bypass: Replaced unsafe in checks with hasOwnProperty to prevent authentication bypass via prototype pollution on config objects, with additional regression tests. (#10761, #10760)

  • withXSRFToken Truthy Bypass: Short-circuits on any truthy non-boolean value, so an ambiguous config no longer silently leaks the XSRF token cross-origin. (#10762)

  • maxBodyLength With Zero Redirects: Enforces maxBodyLength even when maxRedirects is set to 0, closing a bypass path for oversized request bodies. (#10753)

  • Streamed Response maxContentLength Bypass: Applies maxContentLength to streamed responses that previously bypassed the cap. (#10754)

  • Follow-up CVE Completion: Completes an earlier incomplete CVE fix to fully close the regression window. (#10755)

🚀 New Features

  • AI-Based Docs Translations: Initial scaffold for AI-assisted translations of the documentation site. (#10705)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for axios since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Updates protobufjs from 7.3.2 to 7.5.5

Release notes

Sourced from protobufjs's releases.

v7.5.5

This release backports two reported security issues to 7.x branch.

  • fix: do not allow setting __proto__ in Message constructor (#2126)
  • fix: filter invalid characters from the type name (#2127)

Full Changelog: protobufjs/protobuf.js@protobufjs-v7.5.4...protobufjs-v7.5.5

protobufjs: v7.5.4

7.5.4 (2025-08-15)

Bug Fixes

protobufjs: v7.5.3

7.5.3 (2025-05-28)

Bug Fixes

  • descriptor extensions handling post-editions (#2075) (6e255d4)

protobufjs: v7.5.2

7.5.2 (2025-05-14)

Bug Fixes

protobufjs: v7.5.1

7.5.1 (2025-05-08)

Bug Fixes

  • optimize regressions from editions implementations (#2066) (6406d4c)
  • reserved field inside group blocks fail parsing (#2058) (56782bf)

protobufjs: v7.5.0

7.5.0 (2025-04-15)

Features

  • add Edition 2023 Support (f04ded3)
  • add Edition 2023 Support (ac9a3b9)

... (truncated)

Changelog

Sourced from protobufjs's changelog.

Changelog

8.0.3 (2026-04-27)

Bug Fixes

8.0.2 (2026-04-27)

Bug Fixes

8.0.1 (2026-03-11)

Bug Fixes

  • bump protobufjs dependency version for cli package (#2128) (549b05e)
  • correct json syntax in tsconfig.json (#2120) (8065625)
  • descriptor: guard oneof index for non-Type parents (#2122) (1cac5cf)
  • do not allow setting proto in Message constructor (#2126) (f05e3c3)
  • filter invalid characters from the type name (#2127) (535df44)

8.0.0 (2025-12-16)

⚠ BREAKING CHANGES

  • add Edition 2024 Support (#2060)

Features

7.5.4 (2025-08-15)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by fenster, a new releaser for protobufjs since your current version.


Updates uuid from 9.0.1 to 14.0.0

Release notes

Sourced from uuid's releases.

v14.0.0

14.0.0 (2026-04-19)

⚠ BREAKING CHANGES

  • expect crypto to be global everywhere (requires node@20+) (#935)
  • drop node@18 support (#934)

Features

Bug Fixes

  • expect crypto to be global everywhere (requires node@20+) (#935) (f2c235f)
  • Use GITHUB_TOKEN for release-please and enable npm provenance (#925) (ffa3138)

v13.0.2

13.0.2 (2026-05-04)

Bug Fixes

  • rerelease to fix provenance. (49ccb35)

v13.0.1

13.0.1 (2026-04-27)

Bug Fixes

v13.0.0

13.0.0 (2025-09-08)

⚠ BREAKING CHANGES

  • make browser exports the default (#901)

Bug Fixes

v12.0.1

12.0.1 (2026-04-29)

... (truncated)

Changelog

Sourced from uuid's changelog.

14.0.0 (2026-04-19)

Security

  • Fixes GHSA-w5hq-g745-h8pq: v3(), v5(), and v6() did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid offset was provided. A RangeError is now thrown if offset < 0 or offset + 16 > buf.length.

⚠ BREAKING CHANGES

  • crypto is now expected to be globally defined (requires node@20+) (#935)
  • drop node@18 support (#934)
  • upgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years

13.0.0 (2025-09-08)

⚠ BREAKING CHANGES

  • make browser exports the default (#901)

Bug Fixes

12.0.0 (2025-09-05)

⚠ BREAKING CHANGES

  • update to typescript@5.2 (#887)
  • remove CommonJS support (#886)
  • drop node@16 support (#883)

Features

Bug Fixes

11.1.0 (2025-02-19)

... (truncated)

Commits
  • 7c1ea08 chore(main): release 14.0.0 (#926)
  • 3d2c5b0 Merge commit from fork
  • f2c235f fix!: expect crypto to be global everywhere (requires node@20+) (#935)
  • 529ef08 chore: upgrade TypeScript and fixup types (#927)
  • 086fd79 chore: update dependencies (#933)
  • dc4ddb8 feat!: drop node@18 support (#934)
  • 0f1f9c9 chore: switch to Biome for parsing and linting (#932)
  • e2879e6 chore: use maintained version of npm-run-all (#930)
  • ffa3138 fix: Use GITHUB_TOKEN for release-please and enable npm provenance (#925)
  • 0423d49 docs: remove obsolete v1 option notes (#915)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for uuid since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates axios from 1.8.4 to 1.15.2

Release notes

Sourced from

@dependabot
Bump the npm_and_yarn group across 39 directories with 6 updates
b8054ad 
Bumps the npm_and_yarn group with 1 update in the /extensions/5devs directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /extensions/aegis directory: [protobufjs](https://github.com/protobufjs/protobuf.js).
Bumps the npm_and_yarn group with 1 update in the /extensions/anki directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /extensions/authy directory: [protobufjs](https://github.com/protobufjs/protobuf.js).
Bumps the npm_and_yarn group with 2 updates in the /extensions/bmw directory: [uuid](https://github.com/uuidjs/uuid) and [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 2 updates in the /extensions/charged directory: [uuid](https://github.com/uuidjs/uuid) and [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 2 updates in the /extensions/chatgo directory: [uuid](https://github.com/uuidjs/uuid) and [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /extensions/clarify directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /extensions/claude directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /extensions/clipyai directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /extensions/crisp directory: [@supabase/auth-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/auth-js).
Bumps the npm_and_yarn group with 1 update in the /extensions/cron directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /extensions/css-gg directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /extensions/dash directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).
Bumps the npm_and_yarn group with 1 update in the /extensions/domainr directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /extensions/doutu directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /extensions/essay directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /extensions/exif directory: [@xmldom/xmldom](https://github.com/xmldom/xmldom).
Bumps the npm_and_yarn group with 1 update in the /extensions/fhir directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).
Bumps the npm_and_yarn group with 1 update in the /extensions/forgejo directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /extensions/fuelx directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /extensions/gmail directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /extensions/grok-ai directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /extensions/harvest directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /extensions/ihosts directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /extensions/klu-ai directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /extensions/mail directory: [@xmldom/xmldom](https://github.com/xmldom/xmldom).
Bumps the npm_and_yarn group with 1 update in the /extensions/neon directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /extensions/safari directory: [@xmldom/xmldom](https://github.com/xmldom/xmldom).
Bumps the npm_and_yarn group with 1 update in the /extensions/sm-ms directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /extensions/snapask directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /extensions/spaces directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /extensions/surge directory: [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 1 update in the /extensions/svgo directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).
Bumps the npm_and_yarn group with 1 update in the /extensions/tower directory: [@xmldom/xmldom](https://github.com/xmldom/xmldom).
Bumps the npm_and_yarn group with 1 update in the /extensions/vault directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /extensions/xcode directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /extensions/youtube directory: [uuid](https://github.com/uuidjs/uuid).
Bumps the npm_and_yarn group with 1 update in the /extensions/zerion directory: [uuid](https://github.com/uuidjs/uuid).


Updates `uuid` from 10.0.0 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

Updates `protobufjs` from 7.3.2 to 7.5.5
- [Release notes](https://github.com/protobufjs/protobuf.js/releases)
- [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md)
- [Commits](protobufjs/protobuf.js@protobufjs-v7.3.2...protobufjs-v7.5.5)

Updates `axios` from 1.8.4 to 1.15.2
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.15.2)

Updates `protobufjs` from 7.3.2 to 7.5.5
- [Release notes](https://github.com/protobufjs/protobuf.js/releases)
- [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md)
- [Commits](protobufjs/protobuf.js@protobufjs-v7.3.2...protobufjs-v7.5.5)

Updates `uuid` from 9.0.1 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

Updates `axios` from 1.8.4 to 1.15.2
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.15.2)

Updates `uuid` from 9.0.0 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

Updates `axios` from 1.8.4 to 1.15.2
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.15.2)

Updates `uuid` from 9.0.1 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

Updates `axios` from 1.10.0 to 1.15.2
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.15.2)

Updates `axios` from 1.9.0 to 1.15.2
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.15.2)

Updates `uuid` from 9.0.1 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

Updates `uuid` from 11.1.0 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

Updates `@supabase/auth-js` from 2.64.2 to 2.105.3
- [Release notes](https://github.com/supabase/supabase-js/releases)
- [Changelog](https://github.com/supabase/supabase-js/blob/develop/packages/core/auth-js/CHANGELOG.md)
- [Commits](https://github.com/supabase/supabase-js/commits/v2.105.3/packages/core/auth-js)

Updates `uuid` from 9.0.1 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

Updates `uuid` from 9.0.0 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

Updates `fast-xml-parser` from 3.20.3 to 5.7.0
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-parser@v3.20.3...v5.7.0)

Updates `axios` from 0.21.4 to 0.31.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.15.2)

Updates `uuid` from 9.0.1 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

Updates `axios` from 1.10.0 to 1.15.2
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.15.2)

Updates `@xmldom/xmldom` from 0.8.10 to 0.8.13
- [Release notes](https://github.com/xmldom/xmldom/releases)
- [Changelog](https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md)
- [Commits](xmldom/xmldom@0.8.10...0.8.13)

Updates `fast-xml-parser` from 5.2.5 to 5.7.0
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-parser@v3.20.3...v5.7.0)

Updates `axios` from 1.10.0 to 1.15.2
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.15.2)

Updates `axios` from 1.11.0 to 1.16.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.15.2)

Removes `uuid`

Updates `uuid` from 9.0.1 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

Updates `axios` from 0.23.0 to 0.31.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.15.2)

Updates `uuid` from 8.3.2 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

Updates `axios` from 1.6.7 to 1.16.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.15.2)

Updates `@xmldom/xmldom` from 0.8.10 to 0.8.13
- [Release notes](https://github.com/xmldom/xmldom/releases)
- [Changelog](https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md)
- [Commits](xmldom/xmldom@0.8.10...0.8.13)

Updates `axios` from 1.10.0 to 1.16.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.15.2)

Updates `@xmldom/xmldom` from 0.8.10 to 0.8.13
- [Release notes](https://github.com/xmldom/xmldom/releases)
- [Changelog](https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md)
- [Commits](xmldom/xmldom@0.8.10...0.8.13)

Updates `axios` from 1.10.0 to 1.15.2
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.15.2)

Removes `uuid`

Updates `uuid` from 8.3.2 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

Updates `axios` from 1.11.0 to 1.15.2
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.15.2)

Removes `fast-xml-parser`

Updates `@xmldom/xmldom` from 0.8.10 to 0.8.13
- [Release notes](https://github.com/xmldom/xmldom/releases)
- [Changelog](https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md)
- [Commits](xmldom/xmldom@0.8.10...0.8.13)

Removes `uuid`

Updates `uuid` from 9.0.0 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

Updates `uuid` from 8.3.2 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

Updates `uuid` from 9.0.1 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v10.0.0...v14.0.0)

---
updated-dependencies:
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: protobufjs
  dependency-version: 7.5.5
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.15.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: protobufjs
  dependency-version: 7.5.5
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.15.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.15.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.15.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.15.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@supabase/auth-js"
  dependency-version: 2.105.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: fast-xml-parser
  dependency-version: 5.7.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 0.31.1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.15.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@xmldom/xmldom"
  dependency-version: 0.8.13
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: fast-xml-parser
  dependency-version: 5.7.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.15.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.16.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 0.31.1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.16.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@xmldom/xmldom"
  dependency-version: 0.8.13
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.16.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@xmldom/xmldom"
  dependency-version: 0.8.13
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.15.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.15.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: fast-xml-parser
  dependency-version: 
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@xmldom/xmldom"
  dependency-version: 0.8.13
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 5, 2026
@dependabot dependabot Bot mentioned this pull request May 5, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants