chore(deps)(deps): bump the transitive group across 1 directory with 28 updates by dependabot[bot] · Pull Request #850 · OriginTrail/dkg

dependabot · 2026-05-31T23:39:05Z

Bumps the transitive group with 28 updates in the / directory:

Package	From	To
@libp2p/peer-id	`6.0.9`	`6.0.11`
js-yaml	`4.1.1`	`4.2.0`
@libp2p/autonat	`3.0.20`	`3.0.22`
@libp2p/bootstrap	`12.0.22`	`12.0.25`
@libp2p/circuit-relay-v2	`4.2.5`	`4.2.7`
@libp2p/crypto	`5.1.18`	`5.1.20`
@libp2p/dcutr	`3.0.20`	`3.0.22`
@libp2p/identify	`4.1.6`	`4.1.8`
@libp2p/interface	`3.2.2`	`3.2.4`
@libp2p/kad-dht	`16.2.7`	`16.3.3`
@libp2p/mdns	`12.0.22`	`12.0.25`
@libp2p/ping	`3.1.5`	`3.1.7`
@libp2p/tcp	`11.0.20`	`11.0.22`
@libp2p/websockets	`10.1.13`	`10.1.15`
libp2p	`3.3.1`	`3.3.4`
protobufjs	`8.3.0`	`8.6.3`
ajv	`8.18.0`	`8.20.0`
@openzeppelin/contracts	`5.4.0`	`5.6.1`
force-graph	`1.51.1`	`1.51.4`
oxigraph	`0.5.5`	`0.5.8`
@modelcontextprotocol/sdk	`1.27.1`	`1.29.0`
yaml	`2.8.3`	`2.9.0`
react	`19.2.4`	`19.2.7`
react-dom	`19.2.4`	`19.2.7`
@openuidev/react-lang	`0.2.3`	`0.2.6`
lucide-react	`1.14.0`	`1.18.0`
shiki	`4.0.2`	`4.2.0`
zustand	`5.0.12`	`5.0.14`

Updates @libp2p/peer-id from 6.0.9 to 6.0.11

Release notes

Sourced from @libp2p/peer-id's releases.

peer-id: v6.0.11

6.0.11 (2026-06-13)

Dependencies

The following workspace dependencies were updated

dependencies

@libp2p/crypto bumped from ^5.1.19 to ^5.1.20

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

peer-id: v6.0.10

6.0.10 (2026-05-30)

Dependencies

upgrade multiformats to 14 and multiaddr to 13.0.3 (#3526) (5b8813a)

upgrade to aegir v48 (#3495) (29797a5)

The following workspace dependencies were updated

dependencies

@libp2p/crypto bumped from ^5.1.18 to ^5.1.19

@libp2p/interface bumped from ^3.2.2 to ^3.2.3

Commits

851395e chore: release main (#3353)
977a3c5 fix: log formatting
8a5bab0 chore: release main (#3352)
e2bdc7e chore: downgrade dep
10d54c1 deps: bump @types/sinon from 17.0.4 to 20.0.0 (#3349)
d02bb8f chore: bump which from 5.0.0 to 6.0.0 (#3348)
ea43a57 deps: bump delay from 6.0.0 to 7.0.0 (#3345)
8cebf63 fix: log aggregate errors recursively
See full diff in compare view

Updates js-yaml from 4.1.1 to 4.2.0

Changelog

Sourced from js-yaml's changelog.

[4.2.0] - 2026-06-01

Added

Added docs/safety.md with notes about processing untrusted YAML.

Added maxDepth (100) loader option. Not a problem, but gives a better exception instead of RangeError on stack overflow.

Added maxMergeSeqLength (20) loader option. Not a problem after merge fix, but an additional restriction for safety.

Added sourcemaps to dist/ builds.

Changed

Stop resolving numbers with underscores as numeric scalars, #627.

Switched dev toolchains to Vite / neostandard.

Updated demo.

Reorganized tests.

dist/ files are no longer kept in the repository.

Fixed

Fix parsing of properties on the first implicit block mapping key, #62.

Fix trailing whitespace handling when folding flow scalar lines, #307.

Reject top-level block scalars without content indentation, #280.

Ensure numbers survive round-trip, #737.

Fix test coverage for issue #221.

Fix flow scalar trailing whitespace folding, #307.

Fix digits in YAML named tag handles.

Security

Fix potential DoS via quadratic complexity in merge - deduplicate repeated elements (makes sense for malformed files > 10K).

[3.14.2] - 2025-11-15

Security

Backported v4.1.1 fix to v3

Commits

See full diff in compare view

Updates @libp2p/autonat from 3.0.20 to 3.0.22

Release notes

Sourced from @libp2p/autonat's releases.

dcutr: v3.0.22

3.0.22 (2026-06-13)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

autonat: v3.0.22

3.0.22 (2026-06-13)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7

@libp2p/peer-collections bumped from ^7.0.21 to ^7.0.22

@libp2p/peer-id bumped from ^6.0.10 to ^6.0.11

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

devDependencies

@libp2p/crypto bumped from ^5.1.19 to ^5.1.20

@libp2p/logger bumped from ^6.2.8 to ^6.2.9

plaintext: v3.0.22

3.0.22 (2026-06-13)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/crypto bumped from ^5.1.19 to ^5.1.20

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/peer-id bumped from ^6.0.10 to ^6.0.11

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

devDependencies

@libp2p/crypto bumped from ^5.1.19 to ^5.1.20

@libp2p/logger bumped from ^6.2.8 to ^6.2.9

dcutr: v3.0.21

3.0.21 (2026-05-30)

... (truncated)

Commits

2374e7d chore: release main (#2506)
de3f7ae fix: WebTransport stream now extends abstract stream (#2514)
c824323 fix: support validating asymmetric addresses (#2515)
3d7a9da feat: add cuckoo filter (#2510)
3bc94b4 fix: begin routing table refresh after routing table has started (#2511)
9e9a32b fix: return self in FIND_NODE for self (#2512)
4afd7a9 feat: add peer filter (#2508)
e1923b0 feat: add bloom filter (#2507)
998fcaf feat: add random walk component (#2501)
90cfd25 deps: bump node-datachannel from 0.7.0 to 0.8.0 (#2504)
Additional commits viewable in compare view

Updates @libp2p/bootstrap from 12.0.22 to 12.0.25

Release notes

Sourced from @libp2p/bootstrap's releases.

mplex: v12.0.25

12.0.25 (2026-06-13)

Bug Fixes

use getRandomValues from WebCrypto (#3540) (404c782)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

devDependencies

@libp2p/interface-compliance-tests bumped from ^7.0.24 to ^7.0.25

@libp2p/logger bumped from ^6.2.8 to ^6.2.9

Commits

0109b50 chore: release main (#3543)
5e07d59 docs(kad-dht): correct the alpha option default in the JSDoc (#3541)
404c782 fix: use getRandomValues from WebCrypto (#3540)
54ec417 deps: update uint8array related deps (#3542)
88b0ecb chore: release main (#3533)
7ae12f9 fix(gossipsub): remove closed outbound streams from the registry (#3531)
a34745c chore: remove @types/node from gossipsub (#3532)
7550173 refactor(kad-dht): only check dialability for closer peers (#3528)
17557e8 chore: release main (#3524)
160a245 fix(utils): abort message stream when sendData throws during drain flush (#3527)
Additional commits viewable in compare view

Updates @libp2p/circuit-relay-v2 from 4.2.5 to 4.2.7

Commits

0109b50 chore: release main (#3543)
5e07d59 docs(kad-dht): correct the alpha option default in the JSDoc (#3541)
404c782 fix: use getRandomValues from WebCrypto (#3540)
54ec417 deps: update uint8array related deps (#3542)
88b0ecb chore: release main (#3533)
7ae12f9 fix(gossipsub): remove closed outbound streams from the registry (#3531)
a34745c chore: remove @types/node from gossipsub (#3532)
7550173 refactor(kad-dht): only check dialability for closer peers (#3528)
17557e8 chore: release main (#3524)
160a245 fix(utils): abort message stream when sendData throws during drain flush (#3527)
Additional commits viewable in compare view

Updates @libp2p/crypto from 5.1.18 to 5.1.20

Release notes

Sourced from @libp2p/crypto's releases.

crypto: v5.1.20

5.1.20 (2026-06-13)

Bug Fixes

use getRandomValues from WebCrypto (#3540) (404c782)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

Commits

0109b50 chore: release main (#3543)
5e07d59 docs(kad-dht): correct the alpha option default in the JSDoc (#3541)
404c782 fix: use getRandomValues from WebCrypto (#3540)
54ec417 deps: update uint8array related deps (#3542)
88b0ecb chore: release main (#3533)
7ae12f9 fix(gossipsub): remove closed outbound streams from the registry (#3531)
a34745c chore: remove @types/node from gossipsub (#3532)
7550173 refactor(kad-dht): only check dialability for closer peers (#3528)
17557e8 chore: release main (#3524)
160a245 fix(utils): abort message stream when sendData throws during drain flush (#3527)
Additional commits viewable in compare view

Updates @libp2p/dcutr from 3.0.20 to 3.0.22

Release notes

Sourced from @libp2p/dcutr's releases.

dcutr: v3.0.22

3.0.22 (2026-06-13)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

autonat: v3.0.22

3.0.22 (2026-06-13)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7

@libp2p/peer-collections bumped from ^7.0.21 to ^7.0.22

@libp2p/peer-id bumped from ^6.0.10 to ^6.0.11

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

devDependencies

@libp2p/crypto bumped from ^5.1.19 to ^5.1.20

@libp2p/logger bumped from ^6.2.8 to ^6.2.9

plaintext: v3.0.22

3.0.22 (2026-06-13)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/crypto bumped from ^5.1.19 to ^5.1.20

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/peer-id bumped from ^6.0.10 to ^6.0.11

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

devDependencies

@libp2p/crypto bumped from ^5.1.19 to ^5.1.20

@libp2p/logger bumped from ^6.2.8 to ^6.2.9

dcutr: v3.0.21

3.0.21 (2026-05-30)

... (truncated)

Commits

2374e7d chore: release main (#2506)
de3f7ae fix: WebTransport stream now extends abstract stream (#2514)
c824323 fix: support validating asymmetric addresses (#2515)
3d7a9da feat: add cuckoo filter (#2510)
3bc94b4 fix: begin routing table refresh after routing table has started (#2511)
9e9a32b fix: return self in FIND_NODE for self (#2512)
4afd7a9 feat: add peer filter (#2508)
e1923b0 feat: add bloom filter (#2507)
998fcaf feat: add random walk component (#2501)
90cfd25 deps: bump node-datachannel from 0.7.0 to 0.8.0 (#2504)
Additional commits viewable in compare view

Updates @libp2p/identify from 4.1.6 to 4.1.8

Release notes

Sourced from @libp2p/identify's releases.

identify: v4.1.8

4.1.8 (2026-06-13)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/crypto bumped from ^5.1.19 to ^5.1.20

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7

@libp2p/peer-id bumped from ^6.0.10 to ^6.0.11

@libp2p/peer-record bumped from ^9.0.11 to ^9.0.12

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

devDependencies

@libp2p/logger bumped from ^6.2.8 to ^6.2.9

fetch: v4.1.7

4.1.7 (2026-06-13)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

devDependencies

@libp2p/crypto bumped from ^5.1.19 to ^5.1.20

@libp2p/peer-id bumped from ^6.0.10 to ^6.0.11

identify: v4.1.7

4.1.7 (2026-05-30)

Dependencies

upgrade multiformats to 14 and multiaddr to 13.0.3 (#3526) (5b8813a)

upgrade to aegir v48 (#3495) (29797a5)

The following workspace dependencies were updated

dependencies

@libp2p/crypto bumped from ^5.1.18 to ^5.1.19

@libp2p/interface bumped from ^3.2.2 to ^3.2.3

@libp2p/interface-internal bumped from ^3.1.5 to ^3.1.6

@libp2p/peer-id bumped from ^6.0.9 to ^6.0.10

@libp2p/peer-record bumped from ^9.0.10 to ^9.0.11

@libp2p/utils bumped from ^7.2.1 to ^7.2.2

... (truncated)

Commits

fd4aea3 chore: release main (#2641)
f30e2ee fix: replace debug with weald to remove CJS deps (#2648)
944935f deps: bump aegir from 43.0.3 to 44.0.1 (#2603)
4c75575 chore: release main (#2619)
a8ec2bc docs: typo in protocol fetch (#2638)
a82ff82 fix: add ipv6Check regex for private address (#2624)
34cf1f7 fix: increase default cuckoo filter fingerprint size (#2636)
aa5528f deps: bump node-datachannel from 0.10.1 to 0.11.0 (#2635)
8b31142 ci: bump codecov/codecov-action from 4.4.1 to 4.5.0 (#2632)
9e92b0c fix: increase WebRTC max datachannel message size (#2627)
Additional commits viewable in compare view

Updates @libp2p/interface from 3.2.2 to 3.2.4

Release notes

Sourced from @libp2p/interface's releases.

interface: v3.2.4

3.2.4 (2026-06-13)

Dependencies

update uint8array related deps (#3542) (54ec417)

interface: v3.2.3

3.2.3 (2026-05-30)

Dependencies

upgrade multiformats to 14 and multiaddr to 13.0.3 (#3526) (5b8813a)

upgrade to aegir v48 (#3495) (29797a5)

Commits

5c1e8cc chore: release main (#3482)
d1ab982 fix(gossipsub): use monotonic seqnos (#3487)
3a5e46e fix: emit self:peer:update on observed address removal (#3483)
10b2bdf deps: update node-datachannel to 0.32.x (#3481)
2a19115 chore: release main (#3474)
baf3ddb chore: use random bytes for echo (#3477)
61d594a fix(autonat-v2): spurious exceptions (#3400)
d57fe74 feat(utils): add tryGetNetConfig helper (#3471)
5466a8d feat: export TLS utils (#3476)
cbfda2c feat: add isKeychain function (#3473)
Additional commits viewable in compare view

Updates @libp2p/kad-dht from 16.2.7 to 16.3.3

Release notes

Sourced from @libp2p/kad-dht's releases.

kad-dht: v16.3.3

16.3.3 (2026-06-13)

Bug Fixes

use getRandomValues from WebCrypto (#3540) (404c782)

Documentation

kad-dht: correct the alpha option default in the JSDoc (#3541) (5e07d59)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/crypto bumped from ^5.1.19 to ^5.1.20

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7

@libp2p/peer-collections bumped from ^7.0.21 to ^7.0.22

@libp2p/peer-id bumped from ^6.0.10 to ^6.0.11

@libp2p/ping bumped from ^3.1.6 to ^3.1.7

@libp2p/record bumped from ^4.0.13 to ^4.0.14

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

devDependencies

@libp2p/logger bumped from ^6.2.8 to ^6.2.9

@libp2p/peer-store bumped from ^12.0.21 to ^12.0.22

kad-dht: v16.3.2

16.3.2 (2026-06-06)

Refactors

kad-dht: only check dialability for closer peers (#3528) (7550173)

kad-dht: v16.3.1

16.3.1 (2026-05-30)

Dependencies

upgrade multiformats to 14 and multiaddr to 13.0.3 (#3526) (5b8813a)

upgrade to aegir v48 (#3495) (29797a5)

The following workspace dependencies were updated

dependencies

@libp2p/crypto bumped from ^5.1.18 to ^5.1.19

... (truncated)

Commits

0109b50 chore: release main (#3543)
5e07d59 docs(kad-dht): correct the alpha option default in the JSDoc (#3541)
404c782 fix: use getRandomValues from WebCrypto (#3540)
54ec417 deps: update uint8array related deps (#3542)
88b0ecb chore: release main (#3533)
7ae12f9 fix(gossipsub): remove closed outbound streams from the registry (#3531)
a34745c chore: remove @types/node from gossipsub (#3532)
7550173 refactor(kad-dht): only check dialability for closer peers (#3528)
17557e8 chore: release main (#3524)
160a245 fix(utils): abort message stream when sendData throws during drain flush (#3527)
Additional commits viewable in compare view

Updates @libp2p/mdns from 12.0.22 to 12.0.25

Release notes

Sourced from @libp2p/mdns's releases.

mplex: v12.0.25

12.0.25 (2026-06-13)

Bug Fixes

use getRandomValues from WebCrypto (#3540) (404c782)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

devDependencies

@libp2p/interface-compliance-tests bumped from ^7.0.24 to ^7.0.25

@libp2p/logger bumped from ^6.2.8 to ^6.2.9

Commits

0109b50 chore: release main (#3543)
5e07d59 docs(kad-dht): correct the alpha option default in the JSDoc (#3541)
404c782 fix: use getRandomValues from WebCrypto (#3540)
54ec417 deps: update uint8array related deps (#3542)
88b0ecb chore: release main (#3533)
7ae12f9 fix(gossipsub): remove closed outbound streams from the registry (#3531)
a34745c chore: remove @types/node from gossipsub (#3532)
7550173 refactor(kad-dht): only check dialability for closer peers (#3528)
17557e8 chore: release main (#3524)
160a245 fix(utils): abort message stream when sendData throws during drain flush (#3527)
Additional commits viewable in compare view

Updates @libp2p/ping from 3.1.5 to 3.1.7

Release notes

Sourced from @libp2p/ping's releases.

ping: v3.1.7

3.1.7 (2026-06-13)

Bug Fixes

use getRandomValues from WebCrypto (#3540) (404c782)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7

devDependencies

@libp2p/crypto bumped from ^5.1.19 to ^5.1.20

@libp2p/peer-id bumped from ^6.0.10 to ^6.0.11

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

echo: v3.1.7

3.1.7 (2026-06-13)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

interface-internal: v3.1.7

3.1.7 (2026-06-13)

Dependencies

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/peer-collections bumped from ^7.0.21 to ^7.0.22

ping: v3.1.6

3.1.6 (2026-05-30)

Dependencies

... (truncated)

Commits

0109b50 chore: release main (#3543)
5e07d59 docs(kad-dht): correct the alpha option default in the JSDoc (#3541)
404c782 fix: use getRandomValues from WebCrypto (#3540)
54ec417 deps: update uint8array related deps (#3542)
88b0ecb chore: release main (#3533)
7ae12f9 fix(gossipsub): remove closed outbound streams from the registry (#3531)
a34745c chore: remove @types/node from gossipsub (#3532)
7550173 refactor(kad-dht): only check dialability for closer peers (#3528)
17557e8 chore: release main (#3524)
160a245 fix(utils): abort message stream when sendData throws during drain flush (#3527)
Additional commits viewable in compare view

Updates @libp2p/tcp from 11.0.20 to 11.0.22

Release notes

Sourced from @libp2p/tcp's releases.

tcp: v11.0.22

11.0.22 (2026-06-13)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

devDependencies

@libp2p/logger bumped from ^6.2.8 to ^6.2.9

tcp: v11.0.21

11.0.21 (2026-05-30)

Dependencies

upgrade multiformats to 14 and multiaddr to 13.0.3 (#3526) (5b8813a)

upgrade to aegir v48 (#3495) (29797a5)

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.2 to ^3.2.3

@libp2p/utils bumped from ^7.2.1 to ^7.2.2

devDependencies

@libp2p/logger bumped from ^6.2.7 to ^6.2.8

Commits

0109b50 chore: release main (#3543)
5e07d59 docs(kad-dht): correct the alpha option default in the JSDoc (#3541)
404c782 fix: use getRandomValues from WebCrypto (#3540)
54ec417 deps: update uint8array related deps (#3542)
88b0ecb chore: release main (#3533)
7ae12f9 fix(gossipsub): remove closed outbound streams from the registry (#3531)
a34745c chore: remove @types/node from gossipsub (#3532)
7550173 refactor(kad-dht): only check dialability for closer peers (#3528)
17557e8 chore: release main (#3524)
160a245 fix(utils): abort message stream when sendData throws during drain flush (#3527)
Additional commits viewable in compare view

Updates @libp2p/websockets from 10.1.13 to 10.1.15

Release notes

Sourced from @libp2p/websockets's releases.

websockets: v10.1.15

10.1.15 (2026-06-13)

Dependencies

update uint8array related deps (#3542) (54ec417)

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.3 to ^3.2.4

@libp2p/utils bumped from ^7.2.2 to ^7.2.3

devDependencies

@libp2p/logger bumped from ^6.2.8 to ^6.2.9

websockets: v10.1.14

10.1.14 (2026-05-30)

Dependencies

upgrade multiformats to 14 and multiaddr to 13.0.3 (#3526) (5b8813a)

upgrade to aegir v48 (#3495) (29797a5)

The following workspace dependencies were updated

dependencies

@libp2p/interface bumped from ^3.2.2 to ^3.2.3

@libp2p/utils bumped from ^7.2.1 to ^7.2.2

devDependencies

@libp2p/logger bumped from ^6.2.7 to ^6.2.8

Commits

c142feb chore: release main (#3183)
6c42ea6 fix: update multiaddr (#3184)
ae595d8 fix: return closest known peers, even if they are not closer (#3182)
748f962 chore: release main (#3147)
8e87be9 fix: detect Ed25519 support in WebCrypto (#3100)
bb4ad31 chore: disable interop testing against nim-libp2p (#3171)
cc7b34c fix: deduplicate typed event target (#3170)
b8600fc fix: finalize peerstore lock after use (#3168)
8499ef4 fix: remove provider lock (#3169)
6a3ae02 fix: add time out to incoming KAD streams (#3167)
Additional commits...
Description has been truncated

dependabot · 2026-05-31T23:39:06Z

Labels

The following labels could not be found: dependencies, npm, security. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

…28 updates Bumps the transitive group with 28 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@libp2p/peer-id](https://github.com/libp2p/js-libp2p) | `6.0.9` | `6.0.11` | | [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.1` | `4.2.0` | | [@libp2p/autonat](https://github.com/libp2p/js-libp2p) | `3.0.20` | `3.0.22` | | [@libp2p/bootstrap](https://github.com/libp2p/js-libp2p) | `12.0.22` | `12.0.25` | | [@libp2p/circuit-relay-v2](https://github.com/libp2p/js-libp2p) | `4.2.5` | `4.2.7` | | [@libp2p/crypto](https://github.com/libp2p/js-libp2p) | `5.1.18` | `5.1.20` | | [@libp2p/dcutr](https://github.com/libp2p/js-libp2p) | `3.0.20` | `3.0.22` | | [@libp2p/identify](https://github.com/libp2p/js-libp2p) | `4.1.6` | `4.1.8` | | [@libp2p/interface](https://github.com/libp2p/js-libp2p) | `3.2.2` | `3.2.4` | | [@libp2p/kad-dht](https://github.com/libp2p/js-libp2p) | `16.2.7` | `16.3.3` | | [@libp2p/mdns](https://github.com/libp2p/js-libp2p) | `12.0.22` | `12.0.25` | | [@libp2p/ping](https://github.com/libp2p/js-libp2p) | `3.1.5` | `3.1.7` | | [@libp2p/tcp](https://github.com/libp2p/js-libp2p) | `11.0.20` | `11.0.22` | | [@libp2p/websockets](https://github.com/libp2p/js-libp2p) | `10.1.13` | `10.1.15` | | [libp2p](https://github.com/libp2p/js-libp2p) | `3.3.1` | `3.3.4` | | [protobufjs](https://github.com/protobufjs/protobuf.js) | `8.3.0` | `8.6.3` | | [ajv](https://github.com/ajv-validator/ajv) | `8.18.0` | `8.20.0` | | [@openzeppelin/contracts](https://github.com/OpenZeppelin/openzeppelin-contracts) | `5.4.0` | `5.6.1` | | [force-graph](https://github.com/vasturiano/force-graph) | `1.51.1` | `1.51.4` | | [oxigraph](https://github.com/oxigraph/oxigraph/tree/HEAD/js) | `0.5.5` | `0.5.8` | | [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.27.1` | `1.29.0` | | [yaml](https://github.com/eemeli/yaml) | `2.8.3` | `2.9.0` | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.7` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.7` | | [@openuidev/react-lang](https://github.com/thesysdev/openui/tree/HEAD/packages/react-lang) | `0.2.3` | `0.2.6` | | [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.14.0` | `1.18.0` | | [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) | `4.0.2` | `4.2.0` | | [zustand](https://github.com/pmndrs/zustand) | `5.0.12` | `5.0.14` | Updates `@libp2p/peer-id` from 6.0.9 to 6.0.11 - [Release notes](https://github.com/libp2p/js-libp2p/releases) - [Commits](libp2p/js-libp2p@daemon-v6.0.9...daemon-v6.0.11) Updates `js-yaml` from 4.1.1 to 4.2.0 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](https://github.com/nodeca/js-yaml/commits) Updates `@libp2p/autonat` from 3.0.20 to 3.0.22 - [Release notes](https://github.com/libp2p/js-libp2p/releases) - [Commits](libp2p/js-libp2p@perf-v3.0.20...perf-v3.0.22) Updates `@libp2p/bootstrap` from 12.0.22 to 12.0.25 - [Release notes](https://github.com/libp2p/js-libp2p/releases) - [Commits](libp2p/js-libp2p@mdns-v12.0.22...mdns-v12.0.25) Updates `@libp2p/circuit-relay-v2` from 4.2.5 to 4.2.7 - [Release notes](https://github.com/libp2p/js-libp2p/releases) - [Commits](libp2p/js-libp2p@circuit-relay-v2-v4.2.5...circuit-relay-v2-v4.2.7) Updates `@libp2p/crypto` from 5.1.18 to 5.1.20 - [Release notes](https://github.com/libp2p/js-libp2p/releases) - [Commits](libp2p/js-libp2p@crypto-v5.1.18...crypto-v5.1.20) Updates `@libp2p/dcutr` from 3.0.20 to 3.0.22 - [Release notes](https://github.com/libp2p/js-libp2p/releases) - [Commits](libp2p/js-libp2p@perf-v3.0.20...perf-v3.0.22) Updates `@libp2p/identify` from 4.1.6 to 4.1.8 - [Release notes](https://github.com/libp2p/js-libp2p/releases) - [Commits](libp2p/js-libp2p@fetch-v4.1.6...crypto-v4.1.8) Updates `@libp2p/interface` from 3.2.2 to 3.2.4 - [Release notes](https://github.com/libp2p/js-libp2p/releases) - [Commits](libp2p/js-libp2p@libp2p-v3.2.2...libp2p-v3.2.4) Updates `@libp2p/kad-dht` from 16.2.7 to 16.3.3 - [Release notes](https://github.com/libp2p/js-libp2p/releases) - [Commits](libp2p/js-libp2p@kad-dht-v16.2.7...kad-dht-v16.3.3) Updates `@libp2p/mdns` from 12.0.22 to 12.0.25 - [Release notes](https://github.com/libp2p/js-libp2p/releases) - [Commits](libp2p/js-libp2p@mdns-v12.0.22...mdns-v12.0.25) Updates `@libp2p/ping` from 3.1.5 to 3.1.7 - [Release notes](https://github.com/libp2p/js-libp2p/releases) - [Commits](libp2p/js-libp2p@echo-v3.1.5...echo-v3.1.7) Updates `@libp2p/tcp` from 11.0.20 to 11.0.22 - [Release notes](https://github.com/libp2p/js-libp2p/releases) - [Commits](libp2p/js-libp2p@tcp-v11.0.20...tcp-v11.0.22) Updates `@libp2p/websockets` from 10.1.13 to 10.1.15 - [Release notes](https://github.com/libp2p/js-libp2p/releases) - [Commits](libp2p/js-libp2p@tcp-v10.1.13...tcp-v10.1.15) Updates `libp2p` from 3.3.1 to 3.3.4 - [Release notes](https://github.com/libp2p/js-libp2p/releases) - [Commits](libp2p/js-libp2p@libp2p-v3.3.1...libp2p-v3.3.4) Updates `protobufjs` from 8.3.0 to 8.6.3 - [Release notes](https://github.com/protobufjs/protobuf.js/releases) - [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md) - [Commits](protobufjs/protobuf.js@protobufjs-v8.3.0...protobufjs-v8.6.3) Updates `ajv` from 8.18.0 to 8.20.0 - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](ajv-validator/ajv@v8.18.0...v8.20.0) Updates `@openzeppelin/contracts` from 5.4.0 to 5.6.1 - [Release notes](https://github.com/OpenZeppelin/openzeppelin-contracts/releases) - [Changelog](https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/CHANGELOG.md) - [Commits](OpenZeppelin/openzeppelin-contracts@v5.4.0...v5.6.1) Updates `force-graph` from 1.51.1 to 1.51.4 - [Commits](vasturiano/force-graph@v1.51.1...v1.51.4) Updates `oxigraph` from 0.5.5 to 0.5.8 - [Release notes](https://github.com/oxigraph/oxigraph/releases) - [Changelog](https://github.com/oxigraph/oxigraph/blob/v0.5.8/CHANGELOG.md) - [Commits](https://github.com/oxigraph/oxigraph/commits/v0.5.8/js) Updates `@modelcontextprotocol/sdk` from 1.27.1 to 1.29.0 - [Release notes](https://github.com/modelcontextprotocol/typescript-sdk/releases) - [Commits](modelcontextprotocol/typescript-sdk@v1.27.1...v1.29.0) Updates `yaml` from 2.8.3 to 2.9.0 - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](eemeli/yaml@v2.8.3...v2.9.0) Updates `react` from 19.2.4 to 19.2.7 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react) Updates `react-dom` from 19.2.4 to 19.2.7 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom) Updates `@openuidev/react-lang` from 0.2.3 to 0.2.6 - [Commits](https://github.com/thesysdev/openui/commits/HEAD/packages/react-lang) Updates `lucide-react` from 1.14.0 to 1.18.0 - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/1.18.0/packages/lucide-react) Updates `shiki` from 4.0.2 to 4.2.0 - [Release notes](https://github.com/shikijs/shiki/releases) - [Commits](https://github.com/shikijs/shiki/commits/v4.2.0/packages/shiki) Updates `zustand` from 5.0.12 to 5.0.14 - [Release notes](https://github.com/pmndrs/zustand/releases) - [Commits](pmndrs/zustand@v5.0.12...v5.0.14) --- updated-dependencies: - dependency-name: "@libp2p/autonat" dependency-version: 3.0.21 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: "@libp2p/bootstrap" dependency-version: 12.0.24 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: "@libp2p/circuit-relay-v2" dependency-version: 4.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: "@libp2p/crypto" dependency-version: 5.1.19 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: "@libp2p/dcutr" dependency-version: 3.0.21 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: "@libp2p/identify" dependency-version: 4.1.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: "@libp2p/interface" dependency-version: 3.2.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: "@libp2p/kad-dht" dependency-version: 16.3.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: transitive - dependency-name: "@libp2p/mdns" dependency-version: 12.0.24 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: "@libp2p/peer-id" dependency-version: 6.0.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: "@libp2p/ping" dependency-version: 3.1.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: "@libp2p/tcp" dependency-version: 11.0.21 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: "@libp2p/websockets" dependency-version: 10.1.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: "@modelcontextprotocol/sdk" dependency-version: 1.29.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: transitive - dependency-name: "@openuidev/react-lang" dependency-version: 0.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: "@openzeppelin/contracts" dependency-version: 5.6.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: transitive - dependency-name: ajv dependency-version: 8.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: transitive - dependency-name: force-graph dependency-version: 1.51.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: js-yaml dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: transitive - dependency-name: libp2p dependency-version: 3.3.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: lucide-react dependency-version: 1.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: transitive - dependency-name: oxigraph dependency-version: 0.5.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: protobufjs dependency-version: 8.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: transitive - dependency-name: react dependency-version: 19.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: react-dom dependency-version: 19.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive - dependency-name: shiki dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: transitive - dependency-name: yaml dependency-version: 2.9.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: transitive - dependency-name: zustand dependency-version: 5.0.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: transitive ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot requested review from Jurij89, branarakic and zsculac as code owners May 31, 2026 23:39

dependabot Bot force-pushed the dependabot/npm_and_yarn/transitive-2d11ac47fe branch 2 times, most recently from 9b9e468 to f9fb7ad Compare June 8, 2026 04:33

dependabot Bot force-pushed the dependabot/npm_and_yarn/transitive-2d11ac47fe branch from f9fb7ad to 0c32889 Compare June 8, 2026 19:52

dependabot Bot force-pushed the dependabot/npm_and_yarn/transitive-2d11ac47fe branch from 0c32889 to 886d622 Compare June 15, 2026 04:35

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps)(deps): bump the transitive group across 1 directory with 28 updates#850

chore(deps)(deps): bump the transitive group across 1 directory with 28 updates#850
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/transitive-2d11ac47fe

dependabot Bot commented on behalf of github May 31, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github May 31, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 31, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

peer-id: v6.0.11

6.0.11 (2026-06-13)

Dependencies

peer-id: v6.0.10

6.0.10 (2026-05-30)

Dependencies

[4.2.0] - 2026-06-01

Added

Changed

Fixed

Security

[3.14.2] - 2025-11-15

Security

dcutr: v3.0.22

3.0.22 (2026-06-13)

Dependencies

autonat: v3.0.22

3.0.22 (2026-06-13)

Dependencies

plaintext: v3.0.22

3.0.22 (2026-06-13)

Dependencies

dcutr: v3.0.21

3.0.21 (2026-05-30)

mplex: v12.0.25

12.0.25 (2026-06-13)

Bug Fixes

Dependencies

crypto: v5.1.20

5.1.20 (2026-06-13)

Bug Fixes

Dependencies

dcutr: v3.0.22

3.0.22 (2026-06-13)

Dependencies

autonat: v3.0.22

3.0.22 (2026-06-13)

Dependencies

plaintext: v3.0.22

3.0.22 (2026-06-13)

Dependencies

dcutr: v3.0.21

3.0.21 (2026-05-30)

identify: v4.1.8

4.1.8 (2026-06-13)

Dependencies

fetch: v4.1.7

4.1.7 (2026-06-13)

Dependencies

identify: v4.1.7

4.1.7 (2026-05-30)

Dependencies

interface: v3.2.4

3.2.4 (2026-06-13)

Dependencies

interface: v3.2.3

3.2.3 (2026-05-30)

Dependencies

kad-dht: v16.3.3

16.3.3 (2026-06-13)

Bug Fixes

Documentation

Dependencies

kad-dht: v16.3.2

16.3.2 (2026-06-06)

Refactors

kad-dht: v16.3.1

16.3.1 (2026-05-30)

Dependencies

mplex: v12.0.25

12.0.25 (2026-06-13)

Bug Fixes

Dependencies

ping: v3.1.7

3.1.7 (2026-06-13)

Bug Fixes

Dependencies

dependabot Bot commented on behalf of github May 31, 2026 •

edited

Loading