chore(deps): bump the npm_and_yarn group across 1 directory with 30 updates

[dependabot]

Bumps the npm_and_yarn group with 27 updates in the / directory:

Package	From	To
@openzeppelin/contracts	5.2.0	5.4.0
webpack	5.21.0	5.104.1
aws-sdk	2.841.0	2.1693.0
@babel/helpers	7.12.13	7.29.2
@smithy/config-resolver	4.0.1	4.4.13
axios	0.21.1	0.21.4
base-x	3.0.8	3.0.11
brace-expansion	1.1.11	1.1.12
browserify-sign	4.2.1	4.2.5
cipher-base	1.0.4	1.0.7
diff	5.2.0	5.2.2
es5-ext	0.10.53	0.10.64
express	4.17.1	4.22.1
flatted	3.1.1	3.4.2
follow-redirects	1.13.2	1.15.11
immutable	4.0.0-rc.12	4.3.8
js-yaml	3.14.1	3.14.2
lodash	4.17.20	4.17.23
min-document	2.19.0	2.19.2
minimatch	3.0.4	3.1.5
pbkdf2	3.1.1	3.1.5
picomatch	2.2.2	2.3.2
qs	6.5.2	6.5.5
secp256k1	4.0.2	4.0.4
sha.js	2.4.11	2.4.12
tar	4.4.13	4.4.19
undici	5.28.5	5.29.0

Updates @openzeppelin/contracts from 5.2.0 to 5.4.0

Release notes

Sourced from @​openzeppelin/contracts's releases.

v5.4.0

Breaking changes

• Update minimum pragma to 0.8.24 in SignatureChecker, Governor and Governor's extensions. (#5716).

Pragma changes

• Reduced pragma requirement of interface files

Changes by category

Account

• Account: Added a simple ERC-4337 account implementation with minimal logic to process user operations. (#5657)
• AccountERC7579: Extension of Account that implements support for ERC-7579 modules of type executor, validator, and fallback handler. (#5657)
• AccountERC7579Hooked: Extension of AccountERC7579 that implements support for ERC-7579 hook modules. (#5657)
• EIP7702Utils: Add a library for checking if an address has an EIP-7702 delegation in place. (#5587)
• IERC7821, ERC7821: Interface and logic for minimal batch execution. No support for additional opData is included. (#5657)

Governance

• GovernorNoncesKeyed: Extension of Governor that adds support for keyed nonces when voting by sig. (#5574)

Tokens

• ERC20Bridgeable: Implementation of ERC-7802 that makes an ERC-20 compatible with crosschain bridges. (#5739)

Cryptography

Signers

• AbstractSigner, SignerECDSA, SignerP256, and SignerRSA: Add an abstract contract and various implementations for contracts that deal with signature verification. (#5657)
• SignerERC7702: Implementation of AbstractSigner for Externally Owned Accounts (EOAs). Useful with ERC-7702. (#5657)
• SignerERC7913: Abstract signer that verifies signatures using the ERC-7913 workflow. (#5659)
• MultiSignerERC7913: Implementation of AbstractSigner that supports multiple ERC-7913 signers with a threshold-based signature verification system. (#5659)
• MultiSignerERC7913Weighted: Extension of MultiSignerERC7913 that supports assigning different weights to each signer, enabling more flexible governance schemes. (#5741)

Verifiers

• ERC7913P256Verifier and ERC7913RSAVerifier: Ready to use ERC-7913 verifiers that implement key verification for P256 (secp256r1) and RSA keys. (#5659)

Other

• SignatureChecker: Add support for ERC-7913 signatures alongside existing ECDSA and ERC-1271 signature verification. (#5659)
• ERC7739: An abstract contract to validate signatures following the rehashing scheme from ERC7739Utils. (#5664)
• ERC7739Utils: Add a library that implements a defensive rehashing mechanism to prevent replayability of smart contract signatures based on the ERC-7739. (#5664)

Structures

• EnumerableMap: Add support for BytesToBytesMap type. (#5658)

... (truncated)

Changelog

Sourced from @​openzeppelin/contracts's changelog.

5.4.0 (2025-07-17)

Breaking changes

• Update minimum pragma to 0.8.24 in SignatureChecker, Governor and Governor's extensions. (#5716).

Pragma changes

• Reduced pragma requirement of interface files.

Changes by category

Account

• Account: Added a simple ERC-4337 account implementation with minimal logic to process user operations. (#5657)
• AccountERC7579: Extension of Account that implements support for ERC-7579 modules of type executor, validator, and fallback handler. (#5657)
• AccountERC7579Hooked: Extension of AccountERC7579 that implements support for ERC-7579 hook modules. (#5657)
• EIP7702Utils: Add a library for checking if an address has an EIP-7702 delegation in place. (#5587)
• IERC7821, ERC7821: Interface and logic for minimal batch execution. No support for additional opData is included. (#5657)

Governance

• GovernorNoncesKeyed: Extension of Governor that adds support for keyed nonces when voting by sig. (#5574)

Tokens

• ERC20Bridgeable: Implementation of ERC-7802 that makes an ERC-20 compatible with crosschain bridges. (#5735)

Cryptography

Signers

• AbstractSigner, SignerECDSA, SignerP256, and SignerRSA: Add an abstract contract and various implementations for contracts that deal with signature verification. (#5657)
• SignerERC7702: Implementation of AbstractSigner for Externally Owned Accounts (EOAs). Useful with ERC-7702. (#5657)
• SignerERC7913: Abstract signer that verifies signatures using the ERC-7913 workflow. (#5659)
• MultiSignerERC7913: Implementation of AbstractSigner that supports multiple ERC-7913 signers with a threshold-based signature verification system. (#5659)
• MultiSignerERC7913Weighted: Extension of MultiSignerERC7913 that supports assigning different weights to each signer, enabling more flexible governance schemes. (#5718)

Verifiers

• ERC7913P256Verifier and ERC7913RSAVerifier: Ready to use ERC-7913 verifiers that implement key verification for P256 (secp256r1) and RSA keys. (#5659)

Other

• SignatureChecker: Add support for ERC-7913 signatures alongside existing ECDSA and ERC-1271 signature verification. (#5659)
• ERC7739: An abstract contract to validate signatures following the rehashing scheme from ERC7739Utils. (#5664)
• ERC7739Utils: Add a library that implements a defensive rehashing mechanism to prevent replayability of smart contract signatures based on the ERC-7739. (#5664)

Structures

... (truncated)

Commits

• c64a1ed Release v5.4.0 (#5801)
• 6f9f523 Exit release candidate
• f19bf29 Fix bug in Bytes.lastIndexOf when array is empty and position is not 2²⁵⁶-1 (...
• fffade5 Add warning about Clones pointing to implementation with no code (#5798)
• 54a8027 Clarify documentation for IAccessManager.canCall (#5795)
• f12605a Add Account framework docs and guides (#5660)
• 83b829e Address 5.4 audit documentation improvements (#5779)
• 2e152ba Cause _addSigners to revert if it triggers a totalWeight overflow (#5790)
• a341850 Minimize pragma for MultiSignerERC7913Weighted.sol (#5778)
• ca1494a Improve naming consystency in EnumerableSet (#5776)
• Additional commits viewable in compare view

Updates webpack from 5.21.0 to 5.104.1

Release notes

Sourced from webpack's releases.

v5.104.1

5.104.1

Patch Changes

• 2efd21b: Reexports runtime calculation should not accessing WEBPACK_IMPORT_KEY decl with var.
• c510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.

v5.104.0

5.104.0

Minor Changes

• d3dd841: Use method shorthand to render module content in __webpack_modules__ object.
• d3dd841: Enhance import.meta.env to support object access.
• 4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.
• 04cd530: Handle more at-rules for CSS modules.
• cafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.
• d3dd841: Added base64url, base62, base58, base52, base49, base36, base32 and base25 digests.
• 5983843: Provide a stable runtime function variable __webpack_global__.
• d3dd841: Improved localIdentName hashing for CSS.

Patch Changes

• 22c48fb: Added module existence check for informative error message in development mode.
• 50689e1: Use the fully qualified class name (or export name) for [fullhash] placeholder in CSS modules.
• d3dd841: Support universal lazy compilation.
• d3dd841: Fixed module library export definitions when multiple runtimes.
• d3dd841: Fixed CSS nesting and CSS custom properties parsing.
• d3dd841: Don't write fragment from URL to filename and apply fragment to module URL.
• aab1da9: Fixed bugs for css/global type.
• d3dd841: Compatibility import.meta.filename and import.meta.dirname with eval devtools.
• d3dd841: Handle nested __webpack_require__.
• 728ddb7: The speed of identifier parsing has been improved.
• 0f8b31b: Improve types.
• d3dd841: Don't corrupt debugId injection when hidden-source-map is used.
• 2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.
• d3dd841: Serialize HookWebpackError.
• d3dd841: Added ability to use built-in properties in dotenv and define plugin.
• 3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.
• d3dd841: Reduce collision for local indent name in CSS.
• d3dd841: Remove CSS link tags when CSS imports are removed.

v5.103.0

Features

• Added DotenvPlugin and top level dotenv option to enable this plugin
• Added WebpackManifestPlugin
• Added support the ignoreList option in devtool plugins
• Allow to use custom javascript parse function

... (truncated)

Changelog

Sourced from webpack's changelog.

5.104.1

Patch Changes

• 2efd21b: Reexports runtime calculation should not accessing WEBPACK_IMPORT_KEY decl with var.
• c510070: Fixed a user information bypass vulnerability in the HttpUriPlugin plugin.

5.104.0

Minor Changes

• d3dd841: Use method shorthand to render module content in __webpack_modules__ object.
• d3dd841: Enhance import.meta.env to support object access.
• 4baab4e: Optimize dependency sorting in updateParent: sort each module only once by deferring to finishUpdateParent(), and reduce traversal count in sortWithSourceOrder by caching WeakMap values upfront.
• 04cd530: Handle more at-rules for CSS modules.
• cafae23: Added options to control the renaming of at-rules and various identifiers in CSS modules.
• d3dd841: Added base64url, base62, base58, base52, base49, base36, base32 and base25 digests.
• 5983843: Provide a stable runtime function variable __webpack_global__.
• d3dd841: Improved localIdentName hashing for CSS.

Patch Changes

• 22c48fb: Added module existence check for informative error message in development mode.
• 50689e1: Use the fully qualified class name (or export name) for [fullhash] placeholder in CSS modules.
• d3dd841: Support universal lazy compilation.
• d3dd841: Fixed module library export definitions when multiple runtimes.
• d3dd841: Fixed CSS nesting and CSS custom properties parsing.
• d3dd841: Don't write fragment from URL to filename and apply fragment to module URL.
• aab1da9: Fixed bugs for css/global type.
• d3dd841: Compatibility import.meta.filename and import.meta.dirname with eval devtools.
• d3dd841: Handle nested __webpack_require__.
• 728ddb7: The speed of identifier parsing has been improved.
• 0f8b31b: Improve types.
• d3dd841: Don't corrupt debugId injection when hidden-source-map is used.
• 2179fdb: Re-validate HttpUriPlugin redirects against allowedUris, restrict to http(s) and add a conservative redirect limit to prevent SSRF and untrusted content inclusion. Redirects failing policy are rejected before caching/lockfile writes.
• d3dd841: Serialize HookWebpackError.
• d3dd841: Added ability to use built-in properties in dotenv and define plugin.
• 3c4319f: Optimizing the regular expression character class by specifying ranges for runtime code.
• d3dd841: Reduce collision for local indent name in CSS.
• d3dd841: Remove CSS link tags when CSS imports are removed.

Commits

• 24e3c2d chore(release): new release (#20253)
• 2efd21b fix(re-exports): reexports runtime calculation should not accessing `__WEBPAC...
• c510070 fix(security): userinfo bypass vulnerability in HttpUriPlugin allowedUris
• 4b0501c ci: fix release (#20252)
• 0c213ce ci: use \<@&1450591255485743204> over @here for discord notificationw
• 5bf8bc5 refactor: types for benchmarks and tests
• 505a5e7 chore(release): new release (#20188)
• 0c06680 refactor: update eslint configuration
• 2eb0d6a ci: release announcement (#20238)
• b2b2459 ci: cancel in progress (#20239)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates aws-sdk from 2.841.0 to 2.1693.0

Release notes

Sourced from aws-sdk's releases.

Release v2.1693.0

See changelog for more information.

Release v2.1692.0

See changelog for more information.

Release v2.1691.0

See changelog for more information.

Release v2.1690.0

See changelog for more information.

Release v2.1689.0

See changelog for more information.

Release v2.1688.0

See changelog for more information.

Release v2.1687.0

See changelog for more information.

Release v2.1686.0

See changelog for more information.

Release v2.1685.0

See changelog for more information.

Release v2.1684.0

See changelog for more information.

Release v2.1683.0

See changelog for more information.

Release v2.1682.0

See changelog for more information.

Release v2.1681.0

See changelog for more information.

Release v2.1680.0

See changelog for more information.

Release v2.1679.0

See changelog for more information.

Release v2.1678.0

See changelog for more information.

Release v2.1677.0

See changelog for more information.

... (truncated)

Commits

• 9d3c66e Updates SDK to v2.1693.0
• c039567 test(client-elastictranscoder): remove feature test (#4711)
• f5b1a6f docs: end-of-support (#4706)
• 657d6fe chore: use ssh private key for git sync (#4705)
• c12585b chore: remove regression label management (#4699)
• 966fa6c Updates SDK to v2.1692.0
• 5d0e38a Delete EC2 launch configuration e2e tests (#4685)
• b9ce346 chore: fix issue config (#4683)
• c066681 Update issue template config and disable docs requests (#4682)
• 163a7cf Modified bug issue template to add checkbox to report potential regression. (...
• Additional commits viewable in compare view

Updates @babel/helpers from 7.12.13 to 7.29.2

Release notes

Sourced from @​babel/helpers's releases.

v7.29.2 (2026-03-16)

👓 Spec Compliance

• babel-parser
  • #17840 [7.x backport] async x => {} must be in leading pos (@​JLHwung)

🐛 Bug Fix

• babel-helpers, babel-plugin-transform-async-generator-functions, babel-preset-env, babel-runtime-corejs3
  • #17805 [7.x backport] fix: Properly handle await in finally (@​liuxingbaoyu)
• babel-preset-env
  • #17789 [7.x backport] preset-env include/exclude should accept bugfix plugins (@​JLHwung)

🏠 Internal

• #17813 chore: update eslint peer deps (@​JLHwung)

Committers: 2

• Huáng Jùnliàng (@​JLHwung)
• @​liuxingbaoyu

v7.29.1 (2026-02-04)

🐛 Bug Fix

• babel-standalone
  • #17771 [7.x backport] fix: ensure targets.esmodules is validated (@​JLHwung)
• babel-generator
  • #17776 [7.x backport] Fix undefined when 64 indents (@​liuxingbaoyu)

Committers: 2

• Huáng Jùnliàng (@​JLHwung)
• @​liuxingbaoyu

v7.29.0 (2026-01-31)

Thanks @​simbahax for your first PR!

🚀 New Feature

• babel-types
  • #17750 [7.x backport] Add attributes import declaration builder (@​JLHwung)
• babel-standalone
  • #17663 [7.x backport] feat(standalone): export async transform (@​JLHwung)
  • #17725 [7.x backport] feat: read standalone targets from data-targets (@​JLHwung)

🐛 Bug Fix

• babel-parser
  • #17765 fix(parser): correctly parse type assertions in extends clause (@​nicolo-ribaudo)
  • #17723 [7.x backport] fix(parser): improve super type argument parsing (@​JLHwung)
• babel-traverse
  • #17708 fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (@​simbahax)
• babel-plugin-transform-block-scoping, babel-traverse
  • #17737 [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (@​magic-akari)

... (truncated)

Commits

• 37d5595 v7.29.2
• 1c0a08d [7.x backport] fix: Properly handle await in finally (#17805)
• d7f4008 v7.28.6
• 99dcba5 chore: enable some ts-eslint rules (#17592)
• c1b55f6 Use eslint.config.mts (#17573)
• 35055e3 v7.28.4
• 18d88b8 Improve @​babel/core typings (#17471)
• ef155f5 v7.28.3
• 741cbd2 chore: fix various typos across codebase (#17476)
• cac0ff4 v7.28.2
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​babel/helpers since your current version.

Updates @smithy/config-resolver from 4.0.1 to 4.4.13

Release notes

Sourced from @​smithy/config-resolver's releases.

@​smithy/config-resolver@​4.4.13

Patch Changes

• b1f0dba: fix(middleware-endpoint): update type of useDualStackEndpoint/useFipsEndpoint input config fix(config-resolver): add alternate values for NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS and NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS

@​smithy/config-resolver@​4.4.12

Patch Changes

• 4b5602d: fix: update default value to undefined for dualstack/fips config

@​smithy/config-resolver@​4.4.11

Patch Changes

• Updated dependencies [5340b11]
  • @​smithy/types@​4.13.1
  • @​smithy/node-config-provider@​4.3.12
  • @​smithy/util-endpoints@​3.3.3
  • @​smithy/util-middleware@​4.2.12

Changelog

Sourced from @​smithy/config-resolver's changelog.

4.4.13

Patch Changes

• b1f0dba: fix(middleware-endpoint): update type of useDualStackEndpoint/useFipsEndpoint input config fix(config-resolver): add alternate values for NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS and NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS

4.4.12

Patch Changes

• 4b5602d: fix: update default value to undefined for dualstack/fips config

4.4.11

Patch Changes

• Updated dependencies [5340b11]
  • @​smithy/types@​4.13.1
  • @​smithy/node-config-provider@​4.3.12
  • @​smithy/util-endpoints@​3.3.3
  • @​smithy/util-middleware@​4.2.12

4.4.10

Patch Changes

• a4d95e6: Set downlevel types to be used in typescript@'<4.5'
• Updated dependencies [a4d95e6]
  • @​smithy/node-config-provider@​4.3.11
  • @​smithy/util-config-provider@​4.2.2
  • @​smithy/util-middleware@​4.2.11
  • @​smithy/util-endpoints@​3.3.2

4.4.9

Patch Changes

• Updated dependencies [d0954cc]
  • @​smithy/types@​4.13.0
  • @​smithy/node-config-provider@​4.3.10
  • @​smithy/util-endpoints@​3.3.1
  • @​smithy/util-middleware@​4.2.10

4.4.8

Patch Changes

• Updated dependencies [2bf677c]
  • @​smithy/util-endpoints@​3.3.0

... (truncated)

Commits

• 9328be2 Version NPM packages
• b1f0dba fix(config-resolver): add new config selectors (#1927)
• e3a0f6f Version NPM packages
• 4b5602d fix(config-resolver): update default value to undefined for dualstack/FIPS co...
• 0bdca15 Version NPM packages
• 5eab7ea Version NPM packages
• a4d95e6 fix: set downlevel types to be used in typescript@'<4.5' (#1906)
• 2acebec Version NPM packages
• 06793cc Version NPM packages
• 1f51a0c Version NPM packages
• Additional commits viewable in compare view

Updates axios from 0.21.1 to 0.21.4

Release notes

Sourced from axios's releases.

v0.21.4

Fixes and Functionality:

• Fixing JSON transform when data is stringified. Providing backward compatibility and complying to the JSON RFC standard (#4020)

Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:

• Guillaume Fortaine
• Yusuke Kawasaki
• Dmitriy Mozgovoy

v0.21.3

Fixes and Functionality:

• Fixing response interceptor not being called when request interceptor is attached (#4013)

Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:

• Julian Hollmann

v0.21.2

Fixes and Functionality:

• Updating axios requests to be delayed by pre-emptive promise creation (#2702)
• Adding "synchronous" and "runWhen" options to interceptors api (#2702)
• Updating of transformResponse (#3377)
• Adding ability to omit User-Agent header (#3703)
• Adding multiple JSON improvements (#3688, #3763)
• Fixing quadratic runtime and extra memory usage when setting a maxContentLength (#3738)
• Adding parseInt to config.timeout (#3781)
• Adding custom return type support to interceptor (#3783)
• Adding security fix for ReDoS vulnerability (#3980)

Internal and Tests:

• Updating build dev dependancies (#3401)
• Fixing builds running on Travis CI (#3538)
• Updating follow rediect version (#3694, #3771)
• Updating karma sauce launcher to fix failing sauce tests (#3712, #3717)
• Updating content-type header for application/json to not contain charset field, according do RFC 8259 (#2154)
• Fixing tests by bumping karma-sauce-launcher version (#3813)
• Changing testing process from Travis CI to GitHub Actions (#3938)

Documentation:

• Updating documentation around the use of AUTH_TOKEN with multiple domain endpoints (#3539)
• Remove duplication of item in changelog (#3523)
• Fixing gramatical errors (#2642)
• Fixing spelling error (#3567)
• Moving gitpod metion (#2637)
• Adding new axios documentation website link (#3681, #3707)
• Updating documentation around dispatching requests (#3772)

... (truncated)

Changelog

Sourced from axios's changelog.

0.21.4 (September 6, 2021)

Fixes and Functionality:

• Fixing JSON transform when data is stringified. Providing backward compatability and complying to the JSON RFC standard (#4020)

Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:

• Jay
• Guillaume Fortaine
• Yusuke Kawasaki
• Dmitriy Mozgovoy

0.21.3 (September 4, 2021)

Fixes and Functionality:

• Fixing response interceptor not being called when request interceptor is attached (#4013)

Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:

• Jay
• Julian Hollmann

0.21.2 (September 4, 2021)

Fixes and Functionality:

• Updating axios requests to be delayed by pre-emptive promise creation (#2702)
• Adding "synchronous" and "runWhen" options to interceptors api (#2702)
• Updating of transformResponse (#3377)
• Adding ability to omit User-Agent header (#3703)
• Adding multiple JSON improvements (#3688, #3763)
• Fixing quadratic runtime and extra memory usage when setting a maxContentLength (#3738)
• Adding parseInt to config.timeout (#3781)
• Adding custom return type support to interceptor (#3783)
• Adding security fix for ReDoS vulnerability (#3980)

Internal and Tests:

• Updating build dev dependancies (#3401)
• Fixing builds running on Travis CI (#3538)
• Updating follow rediect version (#3694, #3771)
• Updating karma sauce launcher to fix failing sauce tests (#3712, #3717)
• Updating content-type header for application/json to not contain charset field, according do RFC 8259 (#2154)
• Fixing tests by bumping karma-sauce-launcher version (#3813)
• Changing testing process from Travis CI to GitHub Actions (#3938)

Documentation:

• Updating documentation around the use of AUTH_TOKEN with multiple domain endpoints (#3539)
• Remove duplication of item in changelog (#3523)

... (truncated)

Commits

• 66c4602 Merge branch 'master' into release/0.21.4
• fc15665 [Releasing] v0.21.4
• c2714f0 [Updating] incorrect JSON syntax in README.md
• 0fc7248 fix json transform when data is pre-stringified (#4020)
• 90205f8 Change headers type to string record (#3021)
• 92b29d2 Make the default type of response data never (#3002)
• 4eeb3b1 Improved type-safety for AxiosRequestConfig (#2995)
• cd7ff04 Adding HTTP status code to error.toJSON (#2956)
• b5a1a67 Adding nodejs http.request option: insecureHTTPParser (#2930)
• 4f25380 Exposing the Axios constructor in index.d.ts (#2872)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jasonsaayman, a new releaser for axios since your current version.

Updates base-x from 3.0.8 to 3.0.11

Commits

• 043a888 3.0.11
• 2705ddd [backport 3.x] Prohibit char codes that would overflow the BASE_MAP
• 3d43c0e 3.0.10
• 0a35446 Improve decoding performance
• 4c10d33 3.0.9
• c9dcddd Merge pull request #78 from cryptocoinjs/fix/space-alphabets
• 6c54632 Fix alphabets with space in them
• 69c09ed Merge pull request #73 from terrierscript/patch-1
• 1dd3795 Update README.md
• See full diff in compare view

Updates brace-expansion from 1.1.11 to 1.1.12

Release notes

Sourced from brace-expansion's releases.

v1.1.12

• pkg: publish on tag 1.x c460dbd
• fmt ccb8ac6
• Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) c3c73c8

---

juliangruber/brace-expansion@v1.1.11...v1.1.12

Commits

• 44f33b4 1.1.12
• c460dbd pkg: publish on tag 1.x
• ccb8ac6 fmt
• c3c73c8 Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65)
• See full diff in compare view

Updates browserify-sign from 4.2.1 to 4.2.5

Changelog

Sourced from browserify-sign's changelog.

v4.2.5 - 2025-09-24

Commits

• [Tests] clean up tests and convert console info skips to tape skips 37b083c
• [Fix] restore node 0.10 support faade86
• [Deps] update parse-asn1 5a0f159
• [actions] drop unsupported nodes from CI 106be97

v4.2.4 - 2025-09-22

Commits

• [actions] split out node 10-20, and 20+ 17920d9
• [meta] remove files field 6d5b280
• [Deps] update bn.js, browserify-rsa, elliptic 31be0c2
• [Dev Deps] update @ljharb/eslint-config, auto-changelog, semver, tape 5f66982
• [Tests] replace aud with npm audit d44b24d
• [Dev Deps] add missing peer dep ab975f4
• [Deps] revert 9e2bf12, now that v3.1.1 is out 428cf7f

v4.2.3 - 2024-03-05

Commits

• [patch] widen support to 0.12 9247adf
• [patch] drop minimum node support to v1 4d0ee49
• [Dev Deps] update aud, npmignore, tape 87f3a35
• [actions] remove redundant finisher 37a4758
• [Deps] pin hash-base to ~3.0, due to a breaking change 9e2bf12
• [Deps] update parse-asn1 [f427270`](browserify/browserify-sign@f427270)
• [Deps] update elliptic fb261ce
• [Deps] pin elliptic due to a breaking change 168e16f

v4.2.2 - 2023-10-25

Fixed

• [Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

• Only apps should have lockfiles 09a8995
• [eslint] switch to eslint 83fe463
• [meta] add npmignore and auto-changelog 4418183
• [meta] fix package.json indentation 9ac5a5e
• [Tests] migrate from travis to github actions d845d85
• [Fix] sign: throw on unsupported padding scheme 8767739
• [Fix] properly check the upper bound for DSA signatures 85994cd
• [Tests] handle openSSL not supporting a scheme f5f17c2

... (truncated)

Commits

• d3a7458 v4.2.5
• 37b083c [Tests] clean up tests and convert console info skips to tape skips
• faade86 [Fix] restore node 0.10 support
• 5a0f159 [Deps] update parse-asn1
• 106be97 [actions] drop unsupported nodes from CI