chore(deps): bump axios, zwave-js, @alcalzone/release-script, @alcalzone/release-script-plugin-iobroker and @iobroker/adapter-dev

[dependabot]

Bumps axios, zwave-js, @alcalzone/release-script, @alcalzone/release-script-plugin-iobroker and @iobroker/adapter-dev. These dependencies needed to be updated together.
Updates axios from 1.6.3 to 1.12.2

Release notes

Sourced from axios's releases.

Release v1.12.2

Release notes:

Bug Fixes

• fetch: use current global fetch instead of cached one when env fetch is not specified to keep MSW support; (#7030) (cf78825)

Contributors to this release

• Dmitriy Mozgovoy
• Noritaka Kobayashi

Release v1.12.1

Release notes:

Bug Fixes

• types: fixed env config types; (#7020) (b5f26b7)

Contributors to this release

• Dmitriy Mozgovoy

Release v1.12.0

Release notes:

Bug Fixes

• adding build artifacts (9ec86de)
• dont add dist on release (a2edc36)
• fetch-adapter: set correct Content-Type for Node FormData (#6998) (a9f47af)
• node: enforce maxContentLength for data: URLs (#7011) (945435f)
• package exports (#5627) (aa78ac2)
• params: removing '[' and ']' from URL encode exclude characters (#3316) (#5715) (6d84189)
• release pr run (fd7f404)
• types: change the type guard on isCancel (#5595) (0dbb7fd)

Features

• adapter: surface low‑level network error details; attach original error via cause (#6982) (78b290c)
• fetch: add fetch, Request, Response env config variables for the adapter; (#7003) (c959ff2)
• support reviver on JSON.parse (#5926) (2a97634), closes #5924
• types: extend AxiosResponse interface to include custom headers type (#6782) (7960d34)

Contributors to this release

• Willian Agostini
• Dmitriy Mozgovoy
• khani
• Ameer Assadi
• Emiedonmokumo Dick-Boro
• Zeroday BYTE

... (truncated)

Changelog

Sourced from axios's changelog.

1.12.2 (2025-09-14)

Bug Fixes

• fetch: use current global fetch instead of cached one when env fetch is not specified to keep MSW support; (#7030) (cf78825)

Contributors to this release

• Dmitriy Mozgovoy
• Noritaka Kobayashi

1.12.1 (2025-09-12)

Bug Fixes

• types: fixed env config types; (#7020) (b5f26b7)

Contributors to this release

• Dmitriy Mozgovoy

1.12.0 (2025-09-11)

Bug Fixes

• adding build artifacts (9ec86de)
• dont add dist on release (a2edc36)
• fetch-adapter: set correct Content-Type for Node FormData (#6998) (a9f47af)
• node: enforce maxContentLength for data: URLs (#7011) (945435f)
• package exports (#5627) (aa78ac2)
• params: removing '[' and ']' from URL encode exclude characters (#3316) (#5715) (6d84189)
• release pr run (fd7f404)
• types: change the type guard on isCancel (#5595) (0dbb7fd)

Features

• adapter: surface low‑level network error details; attach original error via cause (#6982) (78b290c)
• fetch: add fetch, Request, Response env config variables for the adapter; (#7003) (c959ff2)
• support reviver on JSON.parse (#5926) (2a97634), closes #5924
• types: extend AxiosResponse interface to include custom headers type (#6782) (7960d34)

Contributors to this release

• Willian Agostini
• Dmitriy Mozgovoy
• khani

... (truncated)

Commits

• e5a3336 chore(release): v1.12.2 (#7031)
• 38726c7 refactor: change if in else to else if (#7028)
• cf78825 fix(fetch): use current global fetch instead of cached one when env fetch is ...
• c26d00f refactor: remove redundant assignment (#7029)
• 9fb41a8 chore(ci): add local HTTP server for Karma tests; (#7022)
• 19f9f36 docs(readme): add custom fetch section; (#7024)
• 3cac78c chore(release): v1.12.1 (#7021)
• b5f26b7 fix(types): fixed env config types; (#7020)
• 0d8ad6e chore(release): v1.12.0 (#7013)
• fd7f404 fix: release pr run
• Additional commits viewable in compare view

Updates zwave-js from 10.23.6 to 15.14.0

Release notes

Sourced from zwave-js's releases.

Release v15.14.0

Features

• Support proxying Z-Wave traffic over the ESPHome protocol (#8093)

Bugfixes

• Fixed an issue where converting NVMs with unknown objects would fail due to unknown NVM section (#8095)
• Zniffer: improve support for parsing ZLF files created by the official Zniffer application (#8165)

Config file changes

• Add 800 series variant of Minoston MP22ZP (#8171)

Changes under the hood

• Implement utility to convert Zniffer traces to CSV (#8166)

Release v15.13.0

Features

• Support checking for all firmware updates at once, and support detecting devices unknown to the firmware update service (#8157)

Bugfixes

• Fixed an issue with migrating NVMs that contain a full list of supported CCs (#8140)
• After failing to leave bootloader, Z-Wave JS no longer keeps checking if the Serial API has started (#8133)
• Fixed an issue where the underlying serial stream (e.g. in the browser) could not be reused when destroying and recreating the driver instance (#8132)
• Stale Battery CC isLow values are now cleaned up on startup (#8092)

Config file changes

• Add Zooz ZEN75 (#7807)
• Bring Inovelli VZW32-SN up to date with latest firmware changes and restore parity with VZW31-SN (#8042)

Changes under the hood

• Add MCP powered prompt to scrape config files from manufacturer websites (#8099)

Release v15.12.0

Features

• Firmware updates that fail due to an XMODEM communication error are now retried automatically, reducing the risk to get stuck in bootloader until a new firmware is flashed (#8086)

Bugfixes

• Fixes an issue where the controller would indefinitely be considered as recovering from a jammed state, preventing commands from being re-transmitted (#8052)
• Fixed an issue where the key up event would be force-emitted too early on legacy devices that incorrectly report not to support the "slow refresh" capability (#8087)
• Canceling a "replace failed node" operation no longer prevents other inclusion/exclusion operations from being started (#8084)

Config file changes

• Add HomeSeer WS300 (#8074)

Release v15.11.0

Features

• Add support for defining Scene labels in config files (#7989)
• Disable SmartStart provisioning entries after 5 failed inclusion attempts (#8017)

Bugfixes

• Fixed an issue where Aeotec Z-Stick 5 would become unresponsive during NVM backup (#8047)

... (truncated)

Changelog

Sourced from zwave-js's changelog.

15.14.0 (2025-09-17)

Features

• Support proxying Z-Wave traffic over the ESPHome protocol (#8093)

Bugfixes

• Fixed an issue where converting NVMs with unknown objects would fail due to unknown NVM section (#8095)
• Zniffer: improve support for parsing ZLF files created by the official Zniffer application (#8165)

Config file changes

• Add 800 series variant of Minoston MP22ZP (#8171)

Changes under the hood

• Implement utility to convert Zniffer traces to CSV (#8166)

15.13.0 (2025-09-11)

Features

• Support checking for all firmware updates at once, and support detecting devices unknown to the firmware update service (#8157)

Bugfixes

• Fixed an issue with migrating NVMs that contain a full list of supported CCs (#8140)
• After failing to leave bootloader, Z-Wave JS no longer keeps checking if the Serial API has started (#8133)
• Fixed an issue where the underlying serial stream (e.g. in the browser) could not be reused when destroying and recreating the driver instance (#8132)
• Stale Battery CC isLow values are now cleaned up on startup (#8092)

Config file changes

• Add Zooz ZEN75 (#7807)
• Bring Inovelli VZW32-SN up to date with latest firmware changes and restore parity with VZW31-SN (#8042)

Changes under the hood

• Add MCP powered prompt to scrape config files from manufacturer websites (#8099)

15.12.0 (2025-08-19)

Features

• Firmware updates that fail due to an XMODEM communication error are now retried automatically, reducing the risk to get stuck in bootloader until a new firmware is flashed (#8086)

Bugfixes

• Fixes an issue where the controller would indefinitely be considered as recovering from a jammed state, preventing commands from being re-transmitted (#8052)
• Fixed an issue where the key up event would be force-emitted too early on legacy devices that incorrectly report not to support the "slow refresh" capability (#8087)
• Canceling a "replace failed node" operation no longer prevents other inclusion/exclusion operations from being started (#8084)

Config file changes

• Add HomeSeer WS300 (#8074)

15.11.0 (2025-08-11)

Features

• Add support for defining Scene labels in config files (#7989)
• Disable SmartStart provisioning entries after 5 failed inclusion attempts (#8017)

Bugfixes

• Fixed an issue where Aeotec Z-Stick 5 would become unresponsive during NVM backup (#8047)

... (truncated)

Commits

• 611914e chore: release v15.14.0
• f3a2f24 chore: update changelog
• 2b87a3e feat: add serial bindings for Z-Wave over ESPHome protocol (#8093)
• 8b51961 chore: update submodules
• 56f3aa7 feat(config): add 800 series variant of Minoston MP22ZP (#8171)
• 846a07c chore: rework tool usage for "author config from web" prompt (#8172)
• d3cf4d3 fix: preserve known NVM section when dumping NVM (#8095)
• 413bd38 chore: improve AI agent configuration (#8167)
• 3fd9f3c chore: implement utility to convert Zniffer traces to CSV (#8166)
• b355d57 fix(zniffer): parse multiple frames from ZLF, support attachments (#8165)
• Additional commits viewable in compare view

Updates @alcalzone/release-script from 3.5.9 to 3.8.0

Release notes

Sourced from @​alcalzone/release-script's releases.

Release v3.8.0

• git plugin: allow to skip push stage via noPush option

Release v3.7.3

• package plugin: Support monorepos managed with Yarn v4

Release v3.7.2

• iobroker plugin: Fixed issue in changelog cleanup routine introduced in 3.7.1

Release v3.7.1

• iobroker plugin: Detect more author names and @ mentions in the changelog

Release v3.7.0

• Added -lf option to run the lock file update with the --force flag
• Dependency upgrades

Release v3.6.0

• git plugin: Add the --tagOnly flag to only create a tag without pushing the commit to the release branch.

Changelog

Sourced from @​alcalzone/release-script's changelog.

3.8.0 (2024-07-23)

• git plugin: allow to skip push stage via noPush option

3.7.3 (2024-07-05)

• package plugin: Support monorepos managed with Yarn v4

3.7.2 (2024-06-24)

• iobroker plugin: Fixed issue in changelog cleanup routine introduced in 3.7.1

3.7.1 (2024-06-12)

• iobroker plugin: Detect more author names and @ mentions in the changelog

3.7.0 (2023-11-29)

• Added -lf option to run the lock file update with the --force flag
• Dependency upgrades

3.6.0 (2023-07-03)

• git plugin: Add the --tagOnly flag to only create a tag without pushing the commit to the release branch.

Commits

• 9a14f20 chore: release v3.8.0
• a0c7d17 feat: add option to skip pushing to remote (#172)
• 4da181d chore: release v3.7.3
• a4982dc fix: only set --all flag for Yarn 4
• aff2d0f fix: yarn v4 support for monorepos (#171)
• 0ce8359 chore: release v3.7.2
• 564ae9b fix: set unicode flag for author name regex (#170)
• 74822d4 chore: release v3.7.1
• 3c0c9fd Run workflows with node 20, dropped node 14 and 16 support (#169)
• ee8c4b4 build: bump tar from 6.1.11 to 6.2.1 (#167)
• Additional commits viewable in compare view

Updates @alcalzone/release-script-plugin-iobroker from 3.5.9 to 3.7.2

Release notes

Sourced from @​alcalzone/release-script-plugin-iobroker's releases.

Release v3.7.2

• iobroker plugin: Fixed issue in changelog cleanup routine introduced in 3.7.1

Release v3.7.1

• iobroker plugin: Detect more author names and @ mentions in the changelog

Release v3.7.0

• Added -lf option to run the lock file update with the --force flag
• Dependency upgrades

Release v3.6.0

• git plugin: Add the --tagOnly flag to only create a tag without pushing the commit to the release branch.

Changelog

Sourced from @​alcalzone/release-script-plugin-iobroker's changelog.

3.7.2 (2024-06-24)

• iobroker plugin: Fixed issue in changelog cleanup routine introduced in 3.7.1

3.7.1 (2024-06-12)

• iobroker plugin: Detect more author names and @ mentions in the changelog

3.7.0 (2023-11-29)

• Added -lf option to run the lock file update with the --force flag
• Dependency upgrades

3.6.0 (2023-07-03)

• git plugin: Add the --tagOnly flag to only create a tag without pushing the commit to the release branch.

Commits

• 0ce8359 chore: release v3.7.2
• 564ae9b fix: set unicode flag for author name regex (#170)
• 74822d4 chore: release v3.7.1
• 3c0c9fd Run workflows with node 20, dropped node 14 and 16 support (#169)
• ee8c4b4 build: bump tar from 6.1.11 to 6.2.1 (#167)
• 78a3509 build: bump @​babel/traverse from 7.17.3 to 7.24.1 (#163)
• c5f0fdb build: bump ip from 1.1.5 to 1.1.9 (#164)
• a7afb52 build: bump follow-redirects from 1.15.4 to 1.15.6 (#166)
• 0ad727c build: bump follow-redirects from 1.15.3 to 1.15.4 (#157)
• fe5aa0d fix: match non-ASCII author names and @ (#161)
• Additional commits viewable in compare view

Updates @iobroker/adapter-dev from 1.2.0 to 1.5.0

Release notes

Sourced from @​iobroker/adapter-dev's releases.

Release v1.5.0

• (@Apollon77/@​copilot) Add DeepL API support for higher quality translations. Set DEEPL_API_KEY environment variable to use DeepL as the preferred translation service. DeepL is prioritized over Google Translate when available.
• (@Apollon77/@​copilot) Add remove-translations (rt) and remove-key (rk) commands for translation management. New commands allow removing translation keys from language files efficiently
• (@Apollon77/@​copilot) Enhanced translation error messages for empty string keys with clearer error context and actionable guidance
• (@Apollon77/@​copilot) Add --rebuild option to translate command for complete regeneration of translation files
• (@Apollon77/@​copilot) Detect and preserve original indentation in JSON files during translation. Files using tab indentation or different space amounts are now preserved correctly instead of being converted to 4-space indentation.
• (@Apollon77/@​copilot) Sort JSON keys alphabetically in all generated translation files
• (@Apollon77/@​copilot) ESM support for TypeScript build format option. The --typescriptFormat option now accepts both cjs (CommonJS) and esm (ES modules) formats
• (@Apollon77/@​copilot) Enhanced handling of rate limits for translations and persist as much progress as possible.

Release v1.4.0

• (ticaki) rimraf replaced by by internal tool.
• (hombach) change year to 2025
• (hombach) Fix two vulnerabilities
• (hombach) Bump dev dependencies
• (hombach) add tests for node.js 22, remove node 16 tests
• (@​GermanBluefox) Added convert command to convert old i18n structure to new one
• (@​GermanBluefox) Packages were updated
• (@​UncleSamSwiss) Change default path for translation JSON files to admin/i18n/en.json; the old path is still supported for existing repositories

Release v1.3.0

• (kleinOr/Apollon77) Detects and keeps space indentation of io-package
• (Steiger04) Fix handling of dot keys for esbuild
• (Steiger04) Update esbuild and adjust watch mode
• (Steiger04) process.env.NODE_ENV is now also available server side

Commits

• 794bbcb chore: release v1.5.0
• ee70cbb prepare release
• 21def91 Add DeepL API support for higher quality translations (#367)
• 7b36516 Stop translation attempts when rate-limited by Google Translate API and prese...
• bc33748 changelog
• f664fea Add remove-translations and remove-key commands for translation management (#...
• e7568f6 Enhance translation error messages for empty string keys (#365)
• b16a67f Migrate to ESLint 9 and @​iobroker/eslint-config (#363)
• 6830f1e Add --rebuild option to translate command for complete regeneration of transl...
• 4e80716 Detect and preserve original indentation in JSON files during translation (#356)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[dependabot]

Superseded by #1112.