Skip to content

chore(deps): bump the prod-deps group with 6 updates#1054

Closed
dependabot[bot] wants to merge 4 commits intodevelopfrom
dependabot/npm_and_yarn/prod-deps-c9487010e8
Closed

chore(deps): bump the prod-deps group with 6 updates#1054
dependabot[bot] wants to merge 4 commits intodevelopfrom
dependabot/npm_and_yarn/prod-deps-c9487010e8

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 11, 2026
edited
Loading

Bumps the prod-deps group with 6 updates:

Package From To
@nestjs/common 11.1.15 11.1.16
@nestjs/core 11.1.15 11.1.16
@nestjs/platform-express 11.1.15 11.1.16
crisp-api 10.8.4 10.8.5
dompurify 3.3.1 3.3.3
newrelic 13.14.0 13.15.0

Updates @nestjs/common from 11.1.15 to 11.1.16

Release notes

Sourced from @​nestjs/common's releases.

v11.1.16 (2026-03-05)

Bug fixes

  • microservices

Dependencies

Committers: 2

Commits

Updates @nestjs/core from 11.1.15 to 11.1.16

Release notes

Sourced from @​nestjs/core's releases.

v11.1.16 (2026-03-05)

Bug fixes

  • microservices

Dependencies

Committers: 2

Commits
  • 315e698 chore(release): publish v11.1.16 release
  • c9268ff Merge pull request #16493 from shahnoormujawar/fix/unknown-dependencies-messa...
  • e5fc974 fix(core): refine unknown dependencies message token display
  • See full diff in compare view

Updates @nestjs/platform-express from 11.1.15 to 11.1.16

Release notes

Sourced from @​nestjs/platform-express's releases.

v11.1.16 (2026-03-05)

Bug fixes

  • microservices

Dependencies

Committers: 2

Commits
  • 315e698 chore(release): publish v11.1.16 release
  • 24956b5 fix(deps): update dependency multer to v2.1.1
  • See full diff in compare view

Updates crisp-api from 10.8.4 to 10.8.5

Changelog

Sourced from crisp-api's changelog.

v10.8.5

Changes

  • Added return type on the CrispClient.website.getPeopleProfile method.
Commits

Updates dompurify from 3.3.1 to 3.3.3

Release notes

Sourced from dompurify's releases.

DOMPurify 3.3.3

  • Fixed an engine requirement for Node 20 which caused hiccups, thanks @​Rotzbua

DOMPurify 3.3.2

  • Fixed a possible bypass caused by jsdom's faulty raw-text tag parsing, thanks multiple reporters
  • Fixed a prototype pollution issue when working with custom elements, thanks @​christos-eth
  • Fixed a lenient config parsing in _isValidAttribute, thanks @​christos-eth
  • Bumped and removed several dependencies, thanks @​Rotzbua
  • Fixed the test suite after bumping dependencies, thanks @​Rotzbua
Commits
  • 8bcbf73 chore: Preparing 3.3.3 release
  • 5faddd6 fix: engine requirement (#1210)
  • 0f91e3a Update README.md
  • d5ff1a8 Merge branch 'main' of github.com:cure53/DOMPurify
  • c3efd48 fix: moved back from jsdom 28 to jsdom 20
  • 988b888 fix: moved back from jsdom 28 to jsdom 20
  • 2726c74 chore: Preparing 3.3.2 release
  • 6202c7e build(deps): bump @​tootallnate/once and jsdom (#1204)
  • 302b51d fix: Expanded the regex ever so slightly to also cover script
  • cd85175 Merge branch 'main' of github.com:cure53/DOMPurify
  • Additional commits viewable in compare view

Updates newrelic from 13.14.0 to 13.15.0

Release notes

Sourced from newrelic's releases.

v13.15.0 (2026-03-09)

Features

  • Added time_to_first_token for LlmChatCompletionSummary (#3781) (737f374)
  • Added time_to_first_token for AWS Bedrock (#3804) (a993b00)
  • Added time_to_first_token for Google Gen AI (#3785) (d90ee70)
  • Added time_to_first_token for OpenAI (#3782) (07cfd57)

Code refactoring

  • Migrated redis 4+ instrumentation to subscribe to events emitted (#3773) (add6827)

Documentation

Miscellaneous chores

  • Added version comment for agent-metadata.yml (#3779) (1267293)
  • Refactored nestjs instrumentation to subscriber type (#3792) (f7feb25)
  • Removed @langchain/core peer dep from langchain openai and aws tests (#3788) (e670bb1)
  • Removed unneccessary generic-pool context propagation (#3786) (bdd35fb)
  • Removed unnecessary superagent context propagation (#3798) (81650e1)
  • Updated @apm-js-collab/tracing-hooks to 0.4.0 (#3787) (d85fb2b)
  • Updated version format in agent-metadata.yml (#3778) (61759e9)

Tests

  • Updated langchain vectorstore tests to use a custom vectorstore to simplify the testing process (#3793) (0fd9b54)
  • Updated version range for langgraph tests (#3794) (e02ce99)

Support statement:

We recommend updating to the latest agent version as soon as it's available. If you can't upgrade to the latest version, update your agents to a version no more than 90 days old. Read more about keeping agents up to date. (https://docs.newrelic.com/docs/new-relic-solutions/new-relic-one/install-configure/update-new-relic-agent/)

See the New Relic Node.js agent EOL policy for information about agent releases and support dates. (https://docs.newrelic.com/docs/apm/agents/nodejs-agent/getting-started/nodejs-agent-eol-policy/)

Changelog

Sourced from newrelic's changelog.

v13.15.0 (2026-03-09)

Features

  • Added time_to_first_token for LlmChatCompletionSummary (#3781) (737f374)
  • Added time_to_first_token for AWS Bedrock (#3804) (a993b00)
  • Added time_to_first_token for Google Gen AI (#3785) (d90ee70)
  • Added time_to_first_token for OpenAI (#3782) (07cfd57)

Code refactoring

  • Migrated redis 4+ instrumentation to subscribe to events emitted (#3773) (add6827)

Documentation

Miscellaneous chores

  • Added version comment for agent-metadata.yml (#3779) (1267293)
  • Refactored nestjs instrumentation to subscriber type (#3792) (f7feb25)
  • Removed @langchain/core peer dep from langchain openai and aws tests (#3788) (e670bb1)
  • Removed unneccessary generic-pool context propagation (#3786) (bdd35fb)
  • Removed unnecessary superagent context propagation (#3798) (81650e1)
  • Updated @apm-js-collab/tracing-hooks to 0.4.0 (#3787) (d85fb2b)
  • Updated version format in agent-metadata.yml (#3778) (61759e9)

Tests

  • Updated langchain vectorstore tests to use a custom vectorstore to simplify the testing process (#3793) (0fd9b54)
  • Updated version range for langgraph tests (#3794) (e02ce99)
Commits
  • 2bee6e1 chore: release v13.15.0 (#3812)
  • 5228cdc docs: Updated compatibility report (#3800)
  • a993b00 feat: Add time_to_first_token for AWS Bedrock (#3804)
  • d90ee70 feat: Add time_to_first_token for Google Gen AI (#3785)
  • 81650e1 chore: Removed unnecessary superagent context propagation (#3798)
  • 1d6fe52 docs: Updated compatibility report (#3795)
  • add6827 refactor: Migrated redis 4+ instrumentation to subscribe to events emitted ...
  • bdd35fb chore: Removed unneccessary generic-pool context propagation (#3786)
  • f7feb25 chore: Refactored nestjs instrumentation to subscriber type (#3792)
  • 0fd9b54 test: Updated langchain vectorstore tests to use a custom vectorstore to simp...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 11, 2026
bl00dymarie
bl00dymarie previously approved these changes Mar 17, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@bl00dymarie bl00dymarie left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is safe and good to merge!

  • 1 minor update and 5 patch updates only
  • All 15 CI checks passed

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/prod-deps-c9487010e8 branch 3 times, most recently from e534b0d to 4c1d556 Compare March 17, 2026 12:37
@dependabot
chore(deps): bump the prod-deps group with 6 updates
8be6c2f 
Bumps the prod-deps group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [@nestjs/common](https://github.com/nestjs/nest/tree/HEAD/packages/common) | `11.1.15` | `11.1.16` |
| [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core) | `11.1.15` | `11.1.16` |
| [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express) | `11.1.15` | `11.1.16` |
| [crisp-api](https://github.com/crisp-im/node-crisp-api) | `10.8.4` | `10.8.5` |
| [dompurify](https://github.com/cure53/DOMPurify) | `3.3.1` | `3.3.3` |
| [newrelic](https://github.com/newrelic/node-newrelic) | `13.14.0` | `13.15.0` |


Updates `@nestjs/common` from 11.1.15 to 11.1.16
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.16/packages/common)

Updates `@nestjs/core` from 11.1.15 to 11.1.16
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.16/packages/core)

Updates `@nestjs/platform-express` from 11.1.15 to 11.1.16
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.16/packages/platform-express)

Updates `crisp-api` from 10.8.4 to 10.8.5
- [Changelog](https://github.com/crisp-im/node-crisp-api/blob/master/CHANGELOG.md)
- [Commits](crisp-im/node-crisp-api@v10.8.4...v10.8.5)

Updates `dompurify` from 3.3.1 to 3.3.3
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](cure53/DOMPurify@3.3.1...3.3.3)

Updates `newrelic` from 13.14.0 to 13.15.0
- [Release notes](https://github.com/newrelic/node-newrelic/releases)
- [Changelog](https://github.com/newrelic/node-newrelic/blob/main/NEWS.md)
- [Commits](newrelic/node-newrelic@v13.14.0...v13.15.0)

---
updated-dependencies:
- dependency-name: "@nestjs/common"
  dependency-version: 11.1.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: "@nestjs/core"
  dependency-version: 11.1.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: "@nestjs/platform-express"
  dependency-version: 11.1.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: crisp-api
  dependency-version: 10.8.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: dompurify
  dependency-version: 3.3.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: newrelic
  dependency-version: 13.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/prod-deps-c9487010e8 branch from 4c1d556 to 8be6c2f Compare March 17, 2026 12:39
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Mar 25, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Mar 25, 2026
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/prod-deps-c9487010e8 branch March 25, 2026 09:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bl00dymarie bl00dymarie bl00dymarie left review comments

Assignees

@bl00dymarie bl00dymarie

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bl00dymarie