From 2c9960e0b5d7c7c3f37abec3266594d57304dd51 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 May 2026 07:23:13 +0000 Subject: [PATCH 01/17] chore(deps-dev): bump @types/node from 25.6.0 to 25.6.2 Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.6.0 to 25.6.2. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.6.2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 570bca0..25139f4 100644 --- a/package.json +++ b/package.json @@ -39,7 +39,7 @@ }, "devDependencies": { "@types/express": "^5.0.6", - "@types/node": "^25.6.0", + "@types/node": "^25.6.2", "@vercel/node": "^5.7.15", "concurrently": "^9.2.1", "eslint": "10.3.0", diff --git a/yarn.lock b/yarn.lock index 38831bf..97b7b21 100644 --- a/yarn.lock +++ b/yarn.lock @@ -584,10 +584,10 @@ resolved "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz" integrity sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA== -"@types/node@*", "@types/node@^25.6.0": - version "25.6.0" - resolved "https://registry.npmjs.org/@types/node/-/node-25.6.0.tgz" - integrity sha512-+qIYRKdNYJwY3vRCZMdJbPLJAtGjQBudzZzdzwQYkEPQd+PJGixUL5QfvCLDaULoLv+RhT3LDkwEfKaAkgSmNQ== +"@types/node@*", "@types/node@^25.6.2": + version "25.6.2" + resolved "https://registry.yarnpkg.com/@types/node/-/node-25.6.2.tgz#8c491201373690e4ef2a2ffed0dfb510a5830b92" + integrity sha512-sokuT28dxf9JT5Kady1fsXOvI4HVpjZa95NKT5y9PNTIrs2AsobR4GFAA90ZG8M+nxVRLysCXsVj6eGC7Vbrlw== dependencies: undici-types "~7.19.0" From dad5db91f3678b86f7c4e6216c1ef2718860f354 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 May 2026 07:23:22 +0000 Subject: [PATCH 02/17] chore(deps): bump lru-cache from 11.3.5 to 11.3.6 Bumps [lru-cache](https://github.com/isaacs/node-lru-cache) from 11.3.5 to 11.3.6. - [Changelog](https://github.com/isaacs/node-lru-cache/blob/main/CHANGELOG.md) - [Commits](https://github.com/isaacs/node-lru-cache/compare/v11.3.5...v11.3.6) --- updated-dependencies: - dependency-name: lru-cache dependency-version: 11.3.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 570bca0..cae19c9 100644 --- a/package.json +++ b/package.json @@ -33,7 +33,7 @@ "helmet": "^8.1.0", "image-to-base64": "^2.2.0", "lodash": "^4.17.21", - "lru-cache": "^11.3.5", + "lru-cache": "^11.3.6", "node-fetch": "^3.3.2", "typescript": "^6.0.3" }, diff --git a/yarn.lock b/yarn.lock index 38831bf..3250c7e 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2241,10 +2241,10 @@ log-update@^2.3.0: cli-cursor "^2.0.0" wrap-ansi "^3.0.1" -lru-cache@^11.0.0, lru-cache@^11.3.5: - version "11.3.5" - resolved "https://registry.npmjs.org/lru-cache/-/lru-cache-11.3.5.tgz" - integrity sha512-NxVFwLAnrd9i7KUBxC4DrUhmgjzOs+1Qm50D3oF1/oL+r1NpZ4gA7xvG0/zJ8evR7zIKn4vLf7qTNduWFtCrRw== +lru-cache@^11.0.0, lru-cache@^11.3.6: + version "11.3.6" + resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-11.3.6.tgz#f0306ad6e9f0a5dc25b16aeba4e8f57b7ec2df55" + integrity sha512-Gf/KoL3C/MlI7Bt0PGI9I+TeTC/I6r/csU58N4BSNc4lppLBeKsOdFYkK+dX0ABDUMJNfCHTyPpzwwO21Awd3A== math-intrinsics@^1.1.0: version "1.1.0" From 9f66e890999dd9790b11a4f95e032f48d85db228 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 May 2026 07:23:30 +0000 Subject: [PATCH 03/17] chore(deps): bump express-rate-limit from 8.4.1 to 8.5.1 Bumps [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit) from 8.4.1 to 8.5.1. - [Release notes](https://github.com/express-rate-limit/express-rate-limit/releases) - [Commits](https://github.com/express-rate-limit/express-rate-limit/compare/v8.4.1...v8.5.1) --- updated-dependencies: - dependency-name: express-rate-limit dependency-version: 8.5.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/package.json b/package.json index 570bca0..1b0e965 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "compression": "^1.7.4", "dotenv": "^17.4.2", "express": "^5.2.1", - "express-rate-limit": "^8.4.1", + "express-rate-limit": "^8.5.1", "filereader": "^0.10.3", "helmet": "^8.1.0", "image-to-base64": "^2.2.0", diff --git a/yarn.lock b/yarn.lock index 38831bf..5274163 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1650,12 +1650,12 @@ events@^3.2.0: resolved "https://registry.npmjs.org/events/-/events-3.3.0.tgz" integrity sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q== -express-rate-limit@^8.4.1: - version "8.4.1" - resolved "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-8.4.1.tgz" - integrity sha512-NGVYwQSAyEQgzxX1iCM978PP9AdO/hW93gMcF6ZwQCm+rFvLsBH6w4xcXWTcliS8La5EPRN3p9wzItqBwJrfNw== +express-rate-limit@^8.5.1: + version "8.5.1" + resolved "https://registry.yarnpkg.com/express-rate-limit/-/express-rate-limit-8.5.1.tgz#ee62473d7b3bdf3b27b7be3d7f25c6d13308479a" + integrity sha512-5O6KYmyJEpuPJV5hNTXKbAHWRqrzyu+OI3vUnSd2kXFubIVpG7ezpgxQy76Zo5GQZtrQBg86hF+CM/NX+cioiQ== dependencies: - ip-address "10.1.0" + ip-address "^10.2.0" express@^5.2.1: version "5.2.1" @@ -2057,10 +2057,10 @@ interpret@^3.1.1: resolved "https://registry.npmjs.org/interpret/-/interpret-3.1.1.tgz" integrity sha512-6xwYfHbajpoF0xLW+iwLkhwgvLoZDfjYfoFNu8ftMoXINzwuymNLd9u/KmwtdT2GbR+/Cz66otEGEVVUHX9QLQ== -ip-address@10.1.0: - version "10.1.0" - resolved "https://registry.npmjs.org/ip-address/-/ip-address-10.1.0.tgz" - integrity sha512-XXADHxXmvT9+CRxhXg56LJovE+bmWnEWB78LB83VZTprKTmaC5QfruXocxzTZ2Kl0DNwKuBdlIhjL8LeY8Sf8Q== +ip-address@^10.2.0: + version "10.2.0" + resolved "https://registry.yarnpkg.com/ip-address/-/ip-address-10.2.0.tgz#805fc178b20c518bd4c8548b24fe30892d7f3206" + integrity sha512-/+S6j4E9AHvW9SWMSEY9Xfy66O5PWvVEJ08O0y5JGyEKQpojb0K0GKpz/v5HJ/G0vi3D2sjGK78119oXZeE0qA== ipaddr.js@1.9.1: version "1.9.1" From f57d4940859863ff30d62b281cf4cfa5411b0af2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 May 2026 07:23:41 +0000 Subject: [PATCH 04/17] chore(deps): bump axios from 1.15.0 to 1.16.0 Bumps [axios](https://github.com/axios/axios) from 1.15.0 to 1.16.0. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.15.0...v1.16.0) --- updated-dependencies: - dependency-name: axios dependency-version: 1.16.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/package.json b/package.json index 570bca0..64f346b 100644 --- a/package.json +++ b/package.json @@ -24,7 +24,7 @@ "homepage": "https://github.com/FrancoStino/github-contribution-card#readme", "dependencies": { "@actions/core": "^3.0.1", - "axios": "^1.15.0", + "axios": "^1.16.0", "compression": "^1.7.4", "dotenv": "^17.4.2", "express": "^5.2.1", diff --git a/yarn.lock b/yarn.lock index 38831bf..b160395 100644 --- a/yarn.lock +++ b/yarn.lock @@ -985,12 +985,12 @@ asynckit@^0.4.0: resolved "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz" integrity sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q== -axios@^1.15.0: - version "1.15.0" - resolved "https://registry.npmjs.org/axios/-/axios-1.15.0.tgz" - integrity sha512-wWyJDlAatxk30ZJer+GeCWS209sA42X+N5jU2jy6oHTp7ufw8uzUTVFBX9+wTfAlhiJXGS0Bq7X6efruWjuK9Q== +axios@^1.16.0: + version "1.16.0" + resolved "https://registry.yarnpkg.com/axios/-/axios-1.16.0.tgz#f8e5dd931cef2a5f8c32216d5784eda2f8750eb7" + integrity sha512-6hp5CwvTPlN2A31g5dxnwAX0orzM7pmCRDLnZSX772mv8WDqICwFjowHuPs04Mc8deIld1+ejhtaMn5vp6b+1w== dependencies: - follow-redirects "^1.15.11" + follow-redirects "^1.16.0" form-data "^4.0.5" proxy-from-env "^2.1.0" @@ -1819,9 +1819,9 @@ flatted@^3.2.9: resolved "https://registry.npmjs.org/flatted/-/flatted-3.4.2.tgz" integrity sha512-PjDse7RzhcPkIJwy5t7KPWQSZ9cAbzQXcafsetQoD7sOJRQlGikNbx7yZp2OotDnJyrDcbyRq3Ttb18iYOqkxA== -follow-redirects@^1.15.11: +follow-redirects@^1.16.0: version "1.16.0" - resolved "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.16.0.tgz" + resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.16.0.tgz#28474a159d3b9d11ef62050a14ed60e4df6d61bc" integrity sha512-y5rN/uOsadFT/JfYwhxRS5R7Qce+g3zG97+JrtFZlC9klX/W5hD7iiLzScI4nZqUS7DNUdhPgw4xI8W2LuXlUw== form-data@^4.0.5: From 4766ac549fc9297046a34b539f74442bdf86c3ee Mon Sep 17 00:00:00 2001 From: Davide Ladisa Date: Sat, 9 May 2026 09:37:00 +0200 Subject: [PATCH 05/17] Delete .github/workflows/opencode-review.yml --- .github/workflows/opencode-review.yml | 28 --------------------------- 1 file changed, 28 deletions(-) delete mode 100644 .github/workflows/opencode-review.yml diff --git a/.github/workflows/opencode-review.yml b/.github/workflows/opencode-review.yml deleted file mode 100644 index 7c9bbda..0000000 --- a/.github/workflows/opencode-review.yml +++ /dev/null @@ -1,28 +0,0 @@ -name: opencode-review - -on: - pull_request: - types: [ opened, synchronize, reopened, ready_for_review ] - -jobs: - review: - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - pull-requests: read - issues: write - steps: - - uses: actions/checkout@v6 - with: - persist-credentials: false - - uses: anomalyco/opencode/github@latest - env: - NVIDIA_API_KEY: ${{ secrets.NVIDIA_API_KEY }} - with: - model: nvidia/z-ai/glm-5.1 - prompt: | - Review this pull request: - - Check for code quality issues - - Look for potential bugs - - Suggest improvements From 3d70de92c0a62f41391583b484f0900758aeffc9 Mon Sep 17 00:00:00 2001 From: Davide Ladisa Date: Sat, 9 May 2026 09:37:05 +0200 Subject: [PATCH 06/17] Delete .github/workflows/opencode-triage.yml --- .github/workflows/opencode-triage.yml | 44 --------------------------- 1 file changed, 44 deletions(-) delete mode 100644 .github/workflows/opencode-triage.yml diff --git a/.github/workflows/opencode-triage.yml b/.github/workflows/opencode-triage.yml deleted file mode 100644 index 97d5386..0000000 --- a/.github/workflows/opencode-triage.yml +++ /dev/null @@ -1,44 +0,0 @@ -name: Issue Triage - -on: - issues: - types: [ opened ] - -jobs: - triage: - runs-on: ubuntu-latest - permissions: - id-token: write - contents: write - pull-requests: write - issues: write - steps: - - name: Check account age - id: check - uses: actions/github-script@v7 - with: - script: | - const user = await github.rest.users.getByUsername({ - username: context.payload.issue.user.login - }); - const created = new Date(user.data.created_at); - const days = (Date.now() - created) / (1000 * 60 * 60 * 24); - return days >= 30; - result-encoding: string - - - uses: actions/checkout@v6 - if: steps.check.outputs.result == 'true' - with: - persist-credentials: false - - - uses: anomalyco/opencode/github@latest - if: steps.check.outputs.result == 'true' - env: - NVIDIA_API_KEY: ${{ secrets.NVIDIA_API_KEY }} - with: - model: nvidia/z-ai/glm-5.1 - prompt: | - Review this issue. If there's a clear fix or relevant docs: - - Provide documentation links - - Add error handling guidance for code examples - Otherwise, do not comment. From 6a5a15fa96585f29055b78d712712f5f3aa40978 Mon Sep 17 00:00:00 2001 From: Davide Ladisa Date: Sat, 9 May 2026 09:37:10 +0200 Subject: [PATCH 07/17] Delete .github/workflows/opencode.yml --- .github/workflows/opencode.yml | 33 --------------------------------- 1 file changed, 33 deletions(-) delete mode 100644 .github/workflows/opencode.yml diff --git a/.github/workflows/opencode.yml b/.github/workflows/opencode.yml deleted file mode 100644 index 91c773d..0000000 --- a/.github/workflows/opencode.yml +++ /dev/null @@ -1,33 +0,0 @@ -name: opencode - -on: - issue_comment: - types: [ created ] - pull_request_review_comment: - types: [ created ] - -jobs: - opencode: - if: | - contains(github.event.comment.body, ' /oc') || - startsWith(github.event.comment.body, '/oc') || - contains(github.event.comment.body, ' /opencode') || - startsWith(github.event.comment.body, '/opencode') - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - pull-requests: read - issues: read - steps: - - name: Checkout repository - uses: actions/checkout@v6 - with: - persist-credentials: false - - - name: Run opencode - uses: anomalyco/opencode/github@latest - env: - NVIDIA_API_KEY: ${{ secrets.NVIDIA_API_KEY }} - with: - model: nvidia/z-ai/glm-5.1 From 5c5e5098c1f3776780601b38faa6770d10df224a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 16 May 2026 07:23:14 +0000 Subject: [PATCH 08/17] chore(deps-dev): bump eslint from 10.3.0 to 10.4.0 Bumps [eslint](https://github.com/eslint/eslint) from 10.3.0 to 10.4.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/compare/v10.3.0...v10.4.0) --- updated-dependencies: - dependency-name: eslint dependency-version: 10.4.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/package.json b/package.json index 8b36479..d37ac1c 100644 --- a/package.json +++ b/package.json @@ -42,7 +42,7 @@ "@types/node": "^25.6.2", "@vercel/node": "^5.7.15", "concurrently": "^9.2.1", - "eslint": "10.3.0", + "eslint": "10.4.0", "nodemon": "^3.1.14", "prettier": "^3.8.3", "progress-webpack-plugin": "^1.0.16", diff --git a/yarn.lock b/yarn.lock index 763c065..8ca9ab9 100644 --- a/yarn.lock +++ b/yarn.lock @@ -348,10 +348,10 @@ debug "^4.3.1" minimatch "^10.2.4" -"@eslint/config-helpers@^0.5.5": - version "0.5.5" - resolved "https://registry.npmjs.org/@eslint/config-helpers/-/config-helpers-0.5.5.tgz" - integrity sha512-eIJYKTCECbP/nsKaaruF6LW967mtbQbsw4JTtSVkUQc9MneSkbrgPJAbKl9nWr0ZeowV8BfsarBmPpBzGelA2w== +"@eslint/config-helpers@^0.6.0": + version "0.6.0" + resolved "https://registry.yarnpkg.com/@eslint/config-helpers/-/config-helpers-0.6.0.tgz#ef9a36881d39dfd5dbeac22b0da997fabfb08b03" + integrity sha512-ii6Bw9jJ2zi2cWA2Z+9/QZ/+3DX6kwaV5Q986D/CdP3Lap3w/pgQZ373FV7byY/i7L4IRH/G43I5dz1ClsCbpA== dependencies: "@eslint/core" "^1.2.1" @@ -1561,15 +1561,15 @@ eslint-visitor-keys@^5.0.1: resolved "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-5.0.1.tgz" integrity sha512-tD40eHxA35h0PEIZNeIjkHoDR4YjjJp34biM0mDvplBe//mB+IHCqHDGV7pxF+7MklTvighcCPPZC7ynWyjdTA== -eslint@10.3.0: - version "10.3.0" - resolved "https://registry.npmjs.org/eslint/-/eslint-10.3.0.tgz" - integrity sha512-XbEXaRva5cF0ZQB8w6MluHA0kZZfV2DuCMJ3ozyEOHLwDpZX2Lmm/7Pp0xdJmI0GL1W05VH5VwIFHEm1Vcw2gw== +eslint@10.4.0: + version "10.4.0" + resolved "https://registry.yarnpkg.com/eslint/-/eslint-10.4.0.tgz#d86b6c405de0f19f3318c47139b8cb6771b3f592" + integrity sha512-loXy6bWOoP3EP6JA7jo6p5jMpBJmHmsNZM5SFRHLdh1MGOPurMnNBj4ZlAbaqUAaQWbCr7jHV4P7gzAyryZWkQ== dependencies: "@eslint-community/eslint-utils" "^4.8.0" "@eslint-community/regexpp" "^4.12.2" "@eslint/config-array" "^0.23.5" - "@eslint/config-helpers" "^0.5.5" + "@eslint/config-helpers" "^0.6.0" "@eslint/core" "^1.2.1" "@eslint/plugin-kit" "^0.7.1" "@humanfs/node" "^0.16.6" From e68fecbe0d565a6f95a5edc076775330ad5d7f6f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 16 May 2026 07:23:31 +0000 Subject: [PATCH 09/17] chore(deps-dev): bump @vercel/node from 5.7.15 to 5.8.2 Bumps [@vercel/node](https://github.com/vercel/vercel/tree/HEAD/packages/node) from 5.7.15 to 5.8.2. - [Release notes](https://github.com/vercel/vercel/releases) - [Changelog](https://github.com/vercel/vercel/blob/main/packages/node/CHANGELOG.md) - [Commits](https://github.com/vercel/vercel/commits/@vercel/node@5.8.2/packages/node) --- updated-dependencies: - dependency-name: "@vercel/node" dependency-version: 5.8.2 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/package.json b/package.json index 8b36479..61bcd34 100644 --- a/package.json +++ b/package.json @@ -40,7 +40,7 @@ "devDependencies": { "@types/express": "^5.0.6", "@types/node": "^25.6.2", - "@vercel/node": "^5.7.15", + "@vercel/node": "^5.8.2", "concurrently": "^9.2.1", "eslint": "10.3.0", "nodemon": "^3.1.14", diff --git a/yarn.lock b/yarn.lock index 763c065..2ded117 100644 --- a/yarn.lock +++ b/yarn.lock @@ -623,10 +623,10 @@ "@types/http-errors" "*" "@types/node" "*" -"@vercel/build-utils@13.21.0": - version "13.21.0" - resolved "https://registry.npmjs.org/@vercel/build-utils/-/build-utils-13.21.0.tgz" - integrity sha512-A1vtlzFYbjvxRxhnt94LUxrn9JVX2EuXALi/NFyxNA1M51eGQwI5LZaroNlgIRXdx7LCJxBQEUMKc1fi0aqU/g== +"@vercel/build-utils@13.25.0": + version "13.25.0" + resolved "https://registry.yarnpkg.com/@vercel/build-utils/-/build-utils-13.25.0.tgz#15829ff5b75cd17afdd76ac54078b99930461230" + integrity sha512-p2wqxi2I95T+g/+uP+Dc/uq2PApW7F9RbE/Vvwp28JY8SoCGHNUs2pxigttgaNDNF6IlUEMOTz+eJvsXToV/1w== dependencies: "@vercel/python-analysis" "0.11.1" cjs-module-lexer "1.2.3" @@ -655,16 +655,16 @@ picomatch "^4.0.2" resolve-from "^5.0.0" -"@vercel/node@^5.7.15": - version "5.7.15" - resolved "https://registry.npmjs.org/@vercel/node/-/node-5.7.15.tgz" - integrity sha512-o8YtafKgaYsY7/4SRKlrvTx/cEB5o3vQG3/eq5Qo66n4WaFeZV8R8GG+BzSU3SYozasQlQxkbPxedUNF4sZJ8A== +"@vercel/node@^5.8.2": + version "5.8.2" + resolved "https://registry.yarnpkg.com/@vercel/node/-/node-5.8.2.tgz#be67bab7b8355491c7f7063ae4e9208c05fddc19" + integrity sha512-Wt6KBr0LoIhUuzeH7E8S+1HRlS6oSA+98FJH/59wY2tYoxsHXbx5uiNkSBqBsM0nIwlJWR3B86tm9q9Xi22XdQ== dependencies: "@edge-runtime/node-utils" "2.3.0" "@edge-runtime/primitives" "4.1.0" "@edge-runtime/vm" "3.2.0" "@types/node" "20.11.0" - "@vercel/build-utils" "13.21.0" + "@vercel/build-utils" "13.25.0" "@vercel/error-utils" "2.1.0" "@vercel/nft" "1.5.0" "@vercel/static-config" "3.3.0" From a068d0da1c41a4ac34d8b1cd48e5e571812f4c3e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 16 May 2026 07:23:39 +0000 Subject: [PATCH 10/17] chore(deps): bump express-rate-limit from 8.5.1 to 8.5.2 Bumps [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit) from 8.5.1 to 8.5.2. - [Release notes](https://github.com/express-rate-limit/express-rate-limit/releases) - [Commits](https://github.com/express-rate-limit/express-rate-limit/compare/v8.5.1...v8.5.2) --- updated-dependencies: - dependency-name: express-rate-limit dependency-version: 8.5.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 8b36479..6c1f2f6 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "compression": "^1.7.4", "dotenv": "^17.4.2", "express": "^5.2.1", - "express-rate-limit": "^8.5.1", + "express-rate-limit": "^8.5.2", "filereader": "^0.10.3", "helmet": "^8.1.0", "image-to-base64": "^2.2.0", diff --git a/yarn.lock b/yarn.lock index 763c065..f04838a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1650,10 +1650,10 @@ events@^3.2.0: resolved "https://registry.npmjs.org/events/-/events-3.3.0.tgz" integrity sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q== -express-rate-limit@^8.5.1: - version "8.5.1" - resolved "https://registry.yarnpkg.com/express-rate-limit/-/express-rate-limit-8.5.1.tgz#ee62473d7b3bdf3b27b7be3d7f25c6d13308479a" - integrity sha512-5O6KYmyJEpuPJV5hNTXKbAHWRqrzyu+OI3vUnSd2kXFubIVpG7ezpgxQy76Zo5GQZtrQBg86hF+CM/NX+cioiQ== +express-rate-limit@^8.5.2: + version "8.5.2" + resolved "https://registry.yarnpkg.com/express-rate-limit/-/express-rate-limit-8.5.2.tgz#5922dbf76df2124611cea955d93432b37514b2f3" + integrity sha512-5Kb34ipNX694DH48vN9irak1Qx30nb0PLYHXfJgw4YEjiC3ZEmZJhwOp+VfiCYwFzvFTdB9QkArYS5kXa2cx2A== dependencies: ip-address "^10.2.0" From 669ed068442a6611e04f0641f24034cf0acc5f4f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 16 May 2026 07:23:52 +0000 Subject: [PATCH 11/17] chore(deps): bump axios from 1.16.0 to 1.16.1 Bumps [axios](https://github.com/axios/axios) from 1.16.0 to 1.16.1. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.16.0...v1.16.1) --- updated-dependencies: - dependency-name: axios dependency-version: 1.16.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 24 ++++++++++++++++++++---- 2 files changed, 21 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 8b36479..cbe4796 100644 --- a/package.json +++ b/package.json @@ -24,7 +24,7 @@ "homepage": "https://github.com/FrancoStino/github-contribution-card#readme", "dependencies": { "@actions/core": "^3.0.1", - "axios": "^1.16.0", + "axios": "^1.16.1", "compression": "^1.7.4", "dotenv": "^17.4.2", "express": "^5.2.1", diff --git a/yarn.lock b/yarn.lock index 763c065..b232d47 100644 --- a/yarn.lock +++ b/yarn.lock @@ -869,6 +869,13 @@ acorn@^8.15.0, acorn@^8.16.0, acorn@^8.6.0: resolved "https://registry.npmjs.org/acorn/-/acorn-8.16.0.tgz" integrity sha512-UVJyE9MttOsBQIDKw1skb9nAwQuR5wuGD3+82K6JgJlm/Y+KI92oNsMNGZCYdDsVtRHSak0pcV5Dno5+4jh9sw== +agent-base@6: + version "6.0.2" + resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-6.0.2.tgz#49fff58577cfee3f37176feab4c22e00f86d7f77" + integrity sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ== + dependencies: + debug "4" + agent-base@^7.1.2: version "7.1.4" resolved "https://registry.npmjs.org/agent-base/-/agent-base-7.1.4.tgz" @@ -985,13 +992,14 @@ asynckit@^0.4.0: resolved "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz" integrity sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q== -axios@^1.16.0: - version "1.16.0" - resolved "https://registry.yarnpkg.com/axios/-/axios-1.16.0.tgz#f8e5dd931cef2a5f8c32216d5784eda2f8750eb7" - integrity sha512-6hp5CwvTPlN2A31g5dxnwAX0orzM7pmCRDLnZSX772mv8WDqICwFjowHuPs04Mc8deIld1+ejhtaMn5vp6b+1w== +axios@^1.16.1: + version "1.16.1" + resolved "https://registry.yarnpkg.com/axios/-/axios-1.16.1.tgz#517e29291d19d6e8cf919ff264f4fe157261ba12" + integrity sha512-caYkukvroVPO8KrzuJEb50Hm07KwfBZPEC3VeFHTsqWHvKTsy54hjJz9BS/cdaypROE2rH6xvm9mHX4fgWkr3A== dependencies: follow-redirects "^1.16.0" form-data "^4.0.5" + https-proxy-agent "^5.0.1" proxy-from-env "^2.1.0" balanced-match@^1.0.0: @@ -2002,6 +2010,14 @@ http-errors@^2.0.0, http-errors@^2.0.1, http-errors@~2.0.1: statuses "~2.0.2" toidentifier "~1.0.1" +https-proxy-agent@^5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz#c59ef224a04fe8b754f3db0063a25ea30d0005d6" + integrity sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA== + dependencies: + agent-base "6" + debug "4" + https-proxy-agent@^7.0.5: version "7.0.6" resolved "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.6.tgz" From 353cc43264b96115469fff5ea978b2c1febb08de Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 May 2026 09:35:58 +0000 Subject: [PATCH 12/17] chore(deps-dev): bump @types/node from 25.6.2 to 25.8.0 Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.6.2 to 25.8.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.8.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 20 ++++++++++---------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/package.json b/package.json index e356580..6e0b718 100644 --- a/package.json +++ b/package.json @@ -39,7 +39,7 @@ }, "devDependencies": { "@types/express": "^5.0.6", - "@types/node": "^25.6.2", + "@types/node": "^25.8.0", "@vercel/node": "^5.8.2", "concurrently": "^9.2.1", "eslint": "10.4.0", diff --git a/yarn.lock b/yarn.lock index 7172916..88fd753 100644 --- a/yarn.lock +++ b/yarn.lock @@ -584,12 +584,12 @@ resolved "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz" integrity sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA== -"@types/node@*", "@types/node@^25.6.2": - version "25.6.2" - resolved "https://registry.yarnpkg.com/@types/node/-/node-25.6.2.tgz#8c491201373690e4ef2a2ffed0dfb510a5830b92" - integrity sha512-sokuT28dxf9JT5Kady1fsXOvI4HVpjZa95NKT5y9PNTIrs2AsobR4GFAA90ZG8M+nxVRLysCXsVj6eGC7Vbrlw== +"@types/node@*", "@types/node@^25.8.0": + version "25.8.0" + resolved "https://registry.yarnpkg.com/@types/node/-/node-25.8.0.tgz#d13033397d1c186876bed4c9b9d7f3f962097eb3" + integrity sha512-TCFSk8IZh+iLX1xtksoBVtdmgL+1IX0fC9BeU4QqFSuNdN/K+HUlhqOzEmSYYpZUVsLYcPqc9KX+60iDuninSQ== dependencies: - undici-types "~7.19.0" + undici-types ">=7.24.0 <7.24.7" "@types/node@20.11.0": version "20.11.0" @@ -3221,16 +3221,16 @@ undefsafe@^2.0.5: resolved "https://registry.npmjs.org/undefsafe/-/undefsafe-2.0.5.tgz" integrity sha512-WxONCrssBM8TSPRqN5EmsjVrsv4A8X12J4ArBiiayv3DyyG3ZlIg6yysuuSYdZsVz3TKcTg2fd//Ujd4CHV1iA== +"undici-types@>=7.24.0 <7.24.7": + version "7.24.6" + resolved "https://registry.yarnpkg.com/undici-types/-/undici-types-7.24.6.tgz#61275b485d7fd4e9d269c7cf04ec2873c9cc0f91" + integrity sha512-WRNW+sJgj5OBN4/0JpHFqtqzhpbnV0GuB+OozA9gCL7a993SmU+1JBZCzLNxYsbMfIeDL+lTsphD5jN5N+n0zg== + undici-types@~5.26.4: version "5.26.5" resolved "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz" integrity sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA== -undici-types@~7.19.0: - version "7.19.2" - resolved "https://registry.npmjs.org/undici-types/-/undici-types-7.19.2.tgz" - integrity sha512-qYVnV5OEm2AW8cJMCpdV20CDyaN3g0AjDlOGf1OW4iaDEx8MwdtChUp4zu4H0VP3nDRF/8RKWH+IPp9uW0YGZg== - undici@5.28.4: version "5.28.4" resolved "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz" From 8080bc8e973ef08a8ba37323308b3c28be52ed29 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 23 May 2026 07:23:06 +0000 Subject: [PATCH 13/17] chore(deps-dev): bump @types/node from 25.8.0 to 25.9.1 Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.8.0 to 25.9.1. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.9.1 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 6e0b718..23c9128 100644 --- a/package.json +++ b/package.json @@ -39,7 +39,7 @@ }, "devDependencies": { "@types/express": "^5.0.6", - "@types/node": "^25.8.0", + "@types/node": "^25.9.1", "@vercel/node": "^5.8.2", "concurrently": "^9.2.1", "eslint": "10.4.0", diff --git a/yarn.lock b/yarn.lock index 88fd753..4d57952 100644 --- a/yarn.lock +++ b/yarn.lock @@ -584,10 +584,10 @@ resolved "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz" integrity sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA== -"@types/node@*", "@types/node@^25.8.0": - version "25.8.0" - resolved "https://registry.yarnpkg.com/@types/node/-/node-25.8.0.tgz#d13033397d1c186876bed4c9b9d7f3f962097eb3" - integrity sha512-TCFSk8IZh+iLX1xtksoBVtdmgL+1IX0fC9BeU4QqFSuNdN/K+HUlhqOzEmSYYpZUVsLYcPqc9KX+60iDuninSQ== +"@types/node@*", "@types/node@^25.9.1": + version "25.9.1" + resolved "https://registry.yarnpkg.com/@types/node/-/node-25.9.1.tgz#3bda556db500ae4319c08e7fc9ab94f19013ba0b" + integrity sha512-xfrlY7UD5rMJk3ZVJP8BNzS28J36YJg+xp+LPXV1TdWxr8uMH5A860QNxYDGQe/ylDSgjxE52Q9VnO7p75tJxg== dependencies: undici-types ">=7.24.0 <7.24.7" From c8bc9bf2f28edf5e0b0657821f226f9b69963964 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 23 May 2026 07:23:36 +0000 Subject: [PATCH 14/17] chore(deps): bump lru-cache from 11.3.6 to 11.5.0 Bumps [lru-cache](https://github.com/isaacs/node-lru-cache) from 11.3.6 to 11.5.0. - [Changelog](https://github.com/isaacs/node-lru-cache/blob/main/CHANGELOG.md) - [Commits](https://github.com/isaacs/node-lru-cache/compare/v11.3.6...v11.5.0) --- updated-dependencies: - dependency-name: lru-cache dependency-version: 11.5.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 6e0b718..1b9b10a 100644 --- a/package.json +++ b/package.json @@ -33,7 +33,7 @@ "helmet": "^8.1.0", "image-to-base64": "^2.2.0", "lodash": "^4.17.21", - "lru-cache": "^11.3.6", + "lru-cache": "^11.5.0", "node-fetch": "^3.3.2", "typescript": "^6.0.3" }, diff --git a/yarn.lock b/yarn.lock index 88fd753..171c937 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2257,10 +2257,10 @@ log-update@^2.3.0: cli-cursor "^2.0.0" wrap-ansi "^3.0.1" -lru-cache@^11.0.0, lru-cache@^11.3.6: - version "11.3.6" - resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-11.3.6.tgz#f0306ad6e9f0a5dc25b16aeba4e8f57b7ec2df55" - integrity sha512-Gf/KoL3C/MlI7Bt0PGI9I+TeTC/I6r/csU58N4BSNc4lppLBeKsOdFYkK+dX0ABDUMJNfCHTyPpzwwO21Awd3A== +lru-cache@^11.0.0, lru-cache@^11.5.0: + version "11.5.0" + resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-11.5.0.tgz#14117229fd25bc9c67936e32de90ca047488c97a" + integrity sha512-5YgH9UJd7wVb9hIouI2adWpgqrrICkt070Dnj8EUY1+B4B2P9eRLPAkAAo6NICA7CEhOIeBHl46u9zSNpNu7zA== math-intrinsics@^1.1.0: version "1.1.0" From 35c094a4828bfecf7b51820b2961be701777c288 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 23 May 2026 07:23:45 +0000 Subject: [PATCH 15/17] chore(deps-dev): bump webpack from 5.106.2 to 5.107.1 Bumps [webpack](https://github.com/webpack/webpack) from 5.106.2 to 5.107.1. - [Release notes](https://github.com/webpack/webpack/releases) - [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md) - [Commits](https://github.com/webpack/webpack/compare/v5.106.2...v5.107.1) --- updated-dependencies: - dependency-name: webpack dependency-version: 5.107.1 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 89 +++++++++++++++++++++------------------------------- 2 files changed, 37 insertions(+), 54 deletions(-) diff --git a/package.json b/package.json index 6e0b718..600d506 100644 --- a/package.json +++ b/package.json @@ -49,7 +49,7 @@ "ts-loader": "^9.5.7", "tsc-alias": "^1.8.17", "tsconfig-paths-webpack-plugin": "^4.0.0", - "webpack": "^5.106.2", + "webpack": "^5.107.1", "webpack-cli": "^7.0.2" } } diff --git a/yarn.lock b/yarn.lock index 88fd753..1a72008 100644 --- a/yarn.lock +++ b/yarn.lock @@ -529,28 +529,12 @@ dependencies: "@types/node" "*" -"@types/eslint-scope@^3.7.7": - version "3.7.7" - resolved "https://registry.npmjs.org/@types/eslint-scope/-/eslint-scope-3.7.7.tgz" - integrity sha512-MzMFlSLBqNF2gcHWO0G1vP/YQyfvrxZ0bF+u7mzUdZ1/xK4A4sru+nraZz5i3iEIk1l1uyicaDVTB4QbbEkAYg== - dependencies: - "@types/eslint" "*" - "@types/estree" "*" - -"@types/eslint@*": - version "9.6.1" - resolved "https://registry.npmjs.org/@types/eslint/-/eslint-9.6.1.tgz" - integrity sha512-FXx2pKgId/WyYo2jXw63kk7/+TY7u7AziEJxJAnSFzHlqTAS3Ync6SvgYAN/k4/PQpnnVuzoMuVnByKK2qp0ag== - dependencies: - "@types/estree" "*" - "@types/json-schema" "*" - "@types/esrecurse@^4.3.1": version "4.3.1" resolved "https://registry.npmjs.org/@types/esrecurse/-/esrecurse-4.3.1.tgz" integrity sha512-xJBAbDifo5hpffDBuHl0Y8ywswbiAp/Wi7Y/GtAgSlZyIABppyurxVueOPE8LUQOxdlgi6Zqce7uoEpqNTeiUw== -"@types/estree@*", "@types/estree@^1.0.0", "@types/estree@^1.0.6", "@types/estree@^1.0.8": +"@types/estree@^1.0.0", "@types/estree@^1.0.6", "@types/estree@^1.0.8": version "1.0.8" resolved "https://registry.npmjs.org/@types/estree/-/estree-1.0.8.tgz" integrity sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w== @@ -579,7 +563,7 @@ resolved "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.5.tgz" integrity sha512-r8Tayk8HJnX0FztbZN7oVqGccWgw98T/0neJphO91KkmOzug1KkofZURD4UaD5uH8AqcFLfdPErnBod0u71/qg== -"@types/json-schema@*", "@types/json-schema@^7.0.15", "@types/json-schema@^7.0.6", "@types/json-schema@^7.0.9": +"@types/json-schema@^7.0.15", "@types/json-schema@^7.0.6", "@types/json-schema@^7.0.9": version "7.0.15" resolved "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz" integrity sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA== @@ -1402,13 +1386,13 @@ encodeurl@^2.0.0: resolved "https://registry.npmjs.org/encodeurl/-/encodeurl-2.0.0.tgz" integrity sha512-Q0n9HRi4m6JuGIV1eFlmvJB7ZEVxu93IrMyiMsGC0lrMJMWzRgx6WGquyfQgZVb31vhGgXnfmPNNXmxnOkRBrg== -enhanced-resolve@^5.0.0, enhanced-resolve@^5.20.0, enhanced-resolve@^5.7.0: - version "5.20.1" - resolved "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.20.1.tgz" - integrity sha512-Qohcme7V1inbAfvjItgw0EaxVX5q2rdVEZHRBrEQdRZTssLDGsL8Lwrznl8oQ/6kuTJONLaDcGjkNP247XEhcA== +enhanced-resolve@^5.0.0, enhanced-resolve@^5.21.4, enhanced-resolve@^5.7.0: + version "5.22.0" + resolved "https://registry.yarnpkg.com/enhanced-resolve/-/enhanced-resolve-5.22.0.tgz#43c5caad657c6fce58fc6142e5ca6fa8528ed460" + integrity sha512-xYcDWrpELkFzz9SpZ3PlI6Eu6eD93Yf0WLDRxikGhWJ3MAir2SNZTIVCVZqZ/NUyx8AdMc2gT9C0gPiw18kG+A== dependencies: graceful-fs "^4.2.4" - tapable "^2.3.0" + tapable "^2.3.3" envinfo@^7.14.0: version "7.21.0" @@ -1435,10 +1419,10 @@ es-module-lexer@1.5.0: resolved "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-1.5.0.tgz" integrity sha512-pqrTKmwEIgafsYZAGw9kszYzmagcE/n4dbgwGWLEXg7J4QFJVQRBld8j3Q3GNez79jzxZshq0bcT962QHOghjw== -es-module-lexer@^2.0.0: - version "2.0.0" - resolved "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-2.0.0.tgz" - integrity sha512-5POEcUuZybH7IdmGsD8wlf0AI55wMecM9rVBTI/qEAy2c1kTOm3DjFYjrBdI2K3BaJjJYfYFeRtM0t9ssnRuxw== +es-module-lexer@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/es-module-lexer/-/es-module-lexer-2.1.0.tgz#1dfcbb5ea3bbfb63f28e1fc3676c3676d1c9624c" + integrity sha512-n27zTYMjYu1aj4MjCWzSP7G9r75utsaoc8m61weK+W8JMBGGQybd43GstCXZ3WNmSFtGT9wi59qQTW6mhTR5LQ== es-object-atoms@^1.0.0, es-object-atoms@^1.1.1: version "1.1.1" @@ -2224,10 +2208,10 @@ levn@^0.4.1: prelude-ls "^1.2.1" type-check "~0.4.0" -loader-runner@^4.3.1: - version "4.3.1" - resolved "https://registry.npmjs.org/loader-runner/-/loader-runner-4.3.1.tgz" - integrity sha512-IWqP2SCPhyVFTBtRcgMHdzlf9ul25NwaFx4wCEH/KjAXuuHY4yNjvPXsBokp8jCB936PyWRaPKUNh8NvylLp2Q== +loader-runner@^4.3.2: + version "4.3.2" + resolved "https://registry.yarnpkg.com/loader-runner/-/loader-runner-4.3.2.tgz#9913d3a15971f8f635915e601fb5c9d495d918e9" + integrity sha512-DFEqQ3ihfS9blba08cLfYf1NRAIEm+dDjic073DRDc3/JspI/8wYmtDsHwd3+4hwvdxSK7PGaElfTmm0awWJ4w== locate-path@^5.0.0: version "5.0.0" @@ -3044,10 +3028,10 @@ supports-preserve-symlinks-flag@^1.0.0: resolved "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz" integrity sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w== -tapable@^2.2.1, tapable@^2.3.0: - version "2.3.2" - resolved "https://registry.npmjs.org/tapable/-/tapable-2.3.2.tgz" - integrity sha512-1MOpMXuhGzGL5TTCZFItxCc0AARf1EZFQkGqMm7ERKj8+Hgr5oLvJOVFcC+lRmR8hCe2S3jC4T5D7Vg/d7/fhA== +tapable@^2.2.1, tapable@^2.3.0, tapable@^2.3.3: + version "2.3.3" + resolved "https://registry.yarnpkg.com/tapable/-/tapable-2.3.3.tgz#5da7c9992c46038221267985ab28421a8879f160" + integrity sha512-uxc/zpqFg6x7C8vOE7lh6Lbda8eEL9zmVm/PLeTPBRhh1xCgdWaQ+J1CUieGpIfm2HdtsUpRv+HshiasBMcc6A== tar@^7.4.0: version "7.5.13" @@ -3060,10 +3044,10 @@ tar@^7.4.0: minizlib "^3.1.0" yallist "^5.0.0" -terser-webpack-plugin@^5.3.17: - version "5.4.0" - resolved "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-5.4.0.tgz" - integrity sha512-Bn5vxm48flOIfkdl5CaD2+1CiUVbonWQ3KQPyP7/EuIl9Gbzq/gQFOzaMFUEgVjB1396tcK0SG8XcNJ/2kDH8g== +terser-webpack-plugin@^5.5.0: + version "5.6.0" + resolved "https://registry.yarnpkg.com/terser-webpack-plugin/-/terser-webpack-plugin-5.6.0.tgz#8e7caad248183ab9e91ff08a83b0fc9f0439c3c3" + integrity sha512-Eum+5ajkaOhf5KbM26osvv21kLD7BaGqQ1UA4Ami4arYwylmGUQTgHFpHDdmJod1q4QXa66p0to/FBKID+J1vA== dependencies: "@jridgewell/trace-mapping" "^0.3.25" jest-worker "^27.4.5" @@ -3315,17 +3299,16 @@ webpack-merge@^6.0.1: flat "^5.0.2" wildcard "^2.0.1" -webpack-sources@^3.3.4: - version "3.3.4" - resolved "https://registry.npmjs.org/webpack-sources/-/webpack-sources-3.3.4.tgz" - integrity sha512-7tP1PdV4vF+lYPnkMR0jMY5/la2ub5Fc/8VQrrU+lXkiM6C4TjVfGw7iKfyhnTQOsD+6Q/iKw0eFciziRgD58Q== +webpack-sources@^3.4.1: + version "3.5.0" + resolved "https://registry.yarnpkg.com/webpack-sources/-/webpack-sources-3.5.0.tgz#87bf7f5801a4e985b1f1c92b64b9620a02f76d08" + integrity sha512-HPuy+uuoTCaaoEoI1LQ3JN9+vrPBvEesnnX1jADHy728cHSMlq4wUc4afYqahq2B1mhQVZxCXOkNTnXltr+2vQ== -webpack@^5.106.2: - version "5.106.2" - resolved "https://registry.npmjs.org/webpack/-/webpack-5.106.2.tgz" - integrity sha512-wGN3qcrBQIFmQ/c0AiOAQBvrZ5lmY8vbbMv4Mxfgzqd/B6+9pXtLo73WuS1dSGXM5QYY3hZnIbvx+K1xxe6FyA== +webpack@^5.107.1: + version "5.107.1" + resolved "https://registry.yarnpkg.com/webpack/-/webpack-5.107.1.tgz#01ad63131b7c413f607cc00a8136f467c1f10af0" + integrity sha512-mvdIWxj/H6QsfgDdH9djne3a5dYcmEmtsXGESkypaGN5jXjF/b+9KDlmTDQ2TKlFUeA2fI9Y65kihD30JOdB+Q== dependencies: - "@types/eslint-scope" "^3.7.7" "@types/estree" "^1.0.8" "@types/json-schema" "^7.0.15" "@webassemblyjs/ast" "^1.14.1" @@ -3335,20 +3318,20 @@ webpack@^5.106.2: acorn-import-phases "^1.0.3" browserslist "^4.28.1" chrome-trace-event "^1.0.2" - enhanced-resolve "^5.20.0" - es-module-lexer "^2.0.0" + enhanced-resolve "^5.21.4" + es-module-lexer "^2.1.0" eslint-scope "5.1.1" events "^3.2.0" glob-to-regexp "^0.4.1" graceful-fs "^4.2.11" - loader-runner "^4.3.1" + loader-runner "^4.3.2" mime-db "^1.54.0" neo-async "^2.6.2" schema-utils "^4.3.3" tapable "^2.3.0" - terser-webpack-plugin "^5.3.17" + terser-webpack-plugin "^5.5.0" watchpack "^2.5.1" - webpack-sources "^3.3.4" + webpack-sources "^3.4.1" whatwg-url@^5.0.0: version "5.0.0" From ac74bc399e406788fd19d3e6fbc23a8cc756ad55 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 23 May 2026 07:23:52 +0000 Subject: [PATCH 16/17] chore(deps): bump helmet from 8.1.0 to 8.2.0 Bumps [helmet](https://github.com/helmetjs/helmet) from 8.1.0 to 8.2.0. - [Changelog](https://github.com/helmetjs/helmet/blob/main/CHANGELOG.md) - [Commits](https://github.com/helmetjs/helmet/compare/v8.1.0...v8.2.0) --- updated-dependencies: - dependency-name: helmet dependency-version: 8.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 6e0b718..cecb973 100644 --- a/package.json +++ b/package.json @@ -30,7 +30,7 @@ "express": "^5.2.1", "express-rate-limit": "^8.5.2", "filereader": "^0.10.3", - "helmet": "^8.1.0", + "helmet": "^8.2.0", "image-to-base64": "^2.2.0", "lodash": "^4.17.21", "lru-cache": "^11.3.6", diff --git a/yarn.lock b/yarn.lock index 88fd753..3de0400 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1994,10 +1994,10 @@ hasown@^2.0.2: dependencies: function-bind "^1.1.2" -helmet@^8.1.0: - version "8.1.0" - resolved "https://registry.npmjs.org/helmet/-/helmet-8.1.0.tgz" - integrity sha512-jOiHyAZsmnr8LqoPGmCjYAaiuWwjAPLgY8ZX2XrmHawt99/u1y6RgrZMTeoPfpUbV96HOalYgz1qzkRbw54Pmg== +helmet@^8.2.0: + version "8.2.0" + resolved "https://registry.yarnpkg.com/helmet/-/helmet-8.2.0.tgz#61cb43244de24255a288c2fddb36086074eb1812" + integrity sha512-DRgTIUgnWcJ62KyarxxziuqYxKGnR6Rgg19BlbucN/dpmJbl1XOit6qvoOX0ZT+HhWe5OUVhU/a1zpGyc1xA0Q== http-errors@^2.0.0, http-errors@^2.0.1, http-errors@~2.0.1: version "2.0.1" From 1a7f48e1a022d345c69f846934c35441403d3869 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 23 May 2026 07:27:59 +0000 Subject: [PATCH 17/17] chore(deps-dev): bump @vercel/node from 5.8.2 to 5.8.4 Bumps [@vercel/node](https://github.com/vercel/vercel/tree/HEAD/packages/node) from 5.8.2 to 5.8.4. - [Release notes](https://github.com/vercel/vercel/releases) - [Changelog](https://github.com/vercel/vercel/blob/main/packages/node/CHANGELOG.md) - [Commits](https://github.com/vercel/vercel/commits/@vercel/node@5.8.4/packages/node) --- updated-dependencies: - dependency-name: "@vercel/node" dependency-version: 5.8.4 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/package.json b/package.json index 5d9a610..a2e6031 100644 --- a/package.json +++ b/package.json @@ -40,7 +40,7 @@ "devDependencies": { "@types/express": "^5.0.6", "@types/node": "^25.9.1", - "@vercel/node": "^5.8.2", + "@vercel/node": "^5.8.4", "concurrently": "^9.2.1", "eslint": "10.4.0", "nodemon": "^3.1.14", diff --git a/yarn.lock b/yarn.lock index 75a9962..c9ce9f8 100644 --- a/yarn.lock +++ b/yarn.lock @@ -607,10 +607,10 @@ "@types/http-errors" "*" "@types/node" "*" -"@vercel/build-utils@13.25.0": - version "13.25.0" - resolved "https://registry.yarnpkg.com/@vercel/build-utils/-/build-utils-13.25.0.tgz#15829ff5b75cd17afdd76ac54078b99930461230" - integrity sha512-p2wqxi2I95T+g/+uP+Dc/uq2PApW7F9RbE/Vvwp28JY8SoCGHNUs2pxigttgaNDNF6IlUEMOTz+eJvsXToV/1w== +"@vercel/build-utils@13.26.1": + version "13.26.1" + resolved "https://registry.yarnpkg.com/@vercel/build-utils/-/build-utils-13.26.1.tgz#bb6b61a22fb3a14167d9b4b00de54c5201fa7a70" + integrity sha512-vMdSJ0U2YVkBWfSEHEj9WOuI8g52ozlluAiZhAGh2osGNYrD+w7IsvhLWXseFsAEr7v2rNTkY9nbrfgYiHYA+Q== dependencies: "@vercel/python-analysis" "0.11.1" cjs-module-lexer "1.2.3" @@ -639,16 +639,16 @@ picomatch "^4.0.2" resolve-from "^5.0.0" -"@vercel/node@^5.8.2": - version "5.8.2" - resolved "https://registry.yarnpkg.com/@vercel/node/-/node-5.8.2.tgz#be67bab7b8355491c7f7063ae4e9208c05fddc19" - integrity sha512-Wt6KBr0LoIhUuzeH7E8S+1HRlS6oSA+98FJH/59wY2tYoxsHXbx5uiNkSBqBsM0nIwlJWR3B86tm9q9Xi22XdQ== +"@vercel/node@^5.8.4": + version "5.8.4" + resolved "https://registry.yarnpkg.com/@vercel/node/-/node-5.8.4.tgz#4e5f35a01f6ca505427a1d921847dc80a93719b7" + integrity sha512-YY1sr6Vd32PL11cwMhmt7qhcAmqxbITNNq9JPLFpI0xWlr7Aiu81fgyTCV32mJvPq//NTgMumVI1hQFnojtfNQ== dependencies: "@edge-runtime/node-utils" "2.3.0" "@edge-runtime/primitives" "4.1.0" "@edge-runtime/vm" "3.2.0" "@types/node" "20.11.0" - "@vercel/build-utils" "13.25.0" + "@vercel/build-utils" "13.26.1" "@vercel/error-utils" "2.1.0" "@vercel/nft" "1.5.0" "@vercel/static-config" "3.3.0"