Update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@biomejs/biome (source)	2.4.13 → 2.4.14
@sentry/react (source)	10.50.0 → 10.51.0
@swc/core (source)	1.15.32 → 1.15.33
axios (source)	1.15.2 → 1.16.0
jose	6.2.2 → 6.2.3

---

Release Notes

biomejs/biome (@​biomejs/biome)

v2.4.14

Compare Source

Patch Changes

• #​9393 491b171 Thanks @​dyc3! - Added the nursery rule useTestHooksOnTop in the test domain. The rule flags lifecycle hooks (beforeEach, beforeAll, afterEach, afterAll) that appear after test cases in the same block, enforcing that hooks are defined before any test case.

• #​10157 eefc5ab Thanks @​dyc3! - Fixed #​7882: The HTML parser will now emit better diagnostics when it encounters a void element with a closing tag, such as <br></br>. Previously, the parser would emit multiple diagnostics with conflicting advice. Now it emits a single diagnostic that clearly states that void elements should not have closing tags.

• #​10054 0e9f569 Thanks @​minseong0324! - noMisleadingReturnType no longer misses widening from concrete object types, class instances, object literals, tuples, functions, and regular expressions to : object.

  A function annotated : object returning an object literal:

  function f(): object {
    return { retry: true };
  }

• #​10116 53269eb Thanks @​jiwon79! - Fixed #​6201: noUselessEscapeInRegex no longer flags an escaped backslash followed by - as a useless escape. Patterns like /[\\-]/ are now considered valid because the second \ is the escaped backslash, not an unnecessary escape of the trailing dash.

• #​10092 33d8543 Thanks @​Conaclos! - Fixed #​9097: organizeImports no longer adds a blank line between a never-matched group and a matched group.

  Given the following organizeImports options:

  {
    "groups": [":NODE:", ":BLANK_LINE:", ":PACKAGE:", ":BLANK_LINE:", ":PATH:"]
  }

  The following code...

  // Comment
  import "package";
  import "./file.js";

  ...was organized as:

  +
    // Comment
    import "package";
  +
    import "./file.js";

  A blank line was added even though the group ':NODE:' doesn't match any imports here.
  :BLANK_LINE: between never-matched groups and matched groups are now ignored.
  The code is now organized as:

    // Comment
    import "package";
  +
    import "./file.js";

• #​10138 a10b6c1 Thanks @​dyc3! - Fixed Vue v-for handling for noUndeclaredVariables and noUnusedVariables. Biome now recognizes variables declared by v-for directives and references to iterated values in Vue templates.

• #​10115 d428d76 Thanks @​minseong0324! - noMisleadingReturnType no longer reports false positives when a union return type's boolean variant is covered by both true and false returns.

• #​9922 7acf1e0 Thanks @​dyc3! - Added the new nursery rule noReactStringRefs, which disallows legacy React string refs such as ref="hello" and this.refs.hello.

  Biome also reports template-literal refs such as ref={`hello`}, so React code can consistently migrate to callback refs, createRef(), or useRef().

• #​10010 f3e76ab Thanks @​dyc3! - Fixed a bug in the LSP file watcher registration so Biome now watches .biome.json and .biome.jsonc configuration files and reloads workspace settings when they change.

• #​10176 8a40ef8 Thanks @​dyc3! - Fixed #​10011: The noThisInStatic rule no longer reports this when it is used as the constructor target in new this(...), which is required for inherited static factory methods.

• #​10163 6867e96 Thanks @​jiwon79! - Fixed #​9884: The useSortedAttributes auto-fix no longer corrupts source code when both an outer JSX element and a nested JSX-valued attribute have unsorted attributes in the same pass. Multiple unsorted groups separated by spread or shorthand attributes within the same JSX element are now reported as a single diagnostic.

• #​10079 d29dd19 Thanks @​Damix48! - Fixed false positive in noAssignInExpressions for Svelte {@​const} blocks. Assignments in {@​const name = value} are now correctly recognized as declarations rather than accidental assignments in expressions.

• #​10080 5d8fdac Thanks @​Damix48! - Fixed parsing of closing parentheses in Svelte {#each} block key expressions. Biome now correctly parses method calls and other parenthesised expressions used as keys.

  For example, the following snippets are now parsed correctly:

  {#each numbers as number, index (number.toString())}
    <p>{number}</p>
  {/each}
  
  {#each numbers as number (key(number))}
    <p>{number}</p>
  {/each}

• #​10140 e7024b9 Thanks @​solithcy! - Fixed #​10135: Biome no longer crashes on missing Svelte template expressions.

  The following code snippet longer panics:

  {#if }
   <p>^ this would previously crash</p>
  {/if}
  {@&#8203;const }
  <p>    ^ this would also crash</p>

• #​10111 7818009 Thanks @​jiwon79! - Fixed #​9997: noDuplicateSelectors no longer reports false positives for selectors inside @scope queries. Biome now treats @scope as a separate at-rule context, like @media, @supports, @container, and @starting-style.

  The following snippet is no longer flagged as a duplicate:

  .Example {
    padding: 0;
  }
  
  @​scope (.theme-dark) {
    .Example {
      color: white;
    }
  }

• #​9926 d62b331 Thanks @​dyc3! - Added the nursery lint rule useMathMinMax, which prefers Math.min() and Math.max() over equivalent ternary comparisons.

  For example, this code:

  const min = a < b ? a : b;

  is much more readable when rewritten as:

  const min = Math.min(a, b);

• #​10115 d428d76 Thanks @​minseong0324! - useExhaustiveSwitchCases now flags missing true/false cases for boolean discriminants, including when boolean is a union variant.

• #​10125 a55a0b6 Thanks @​bmish! - Fixed a resolver bug where packages that define a typed entry point through package.json's main field but omit types were ignored during type-aware resolution. Type-aware rules such as noFloatingPromises can now inspect imports from those packages.

• #​10117 895e809 Thanks @​denizdogan! - Added support for the corner-shape family of CSS properties and the superellipse()/squircle() value functions, so noUnknownProperty and noUnknownFunction no longer flag them as unknown.

  New known properties: corner-shape, corner-block-end-shape, corner-block-start-shape, corner-bottom-left-shape, corner-bottom-right-shape, corner-bottom-shape, corner-end-end-shape, corner-end-start-shape, corner-inline-end-shape, corner-inline-start-shape, corner-left-shape, corner-right-shape, corner-start-end-shape, corner-start-start-shape, corner-top-left-shape, corner-top-right-shape, corner-top-shape.

  New known value functions: superellipse(), squircle().

• #​8620 8df8f73 Thanks @​dyc3! - Fixed #​8062: Added support for parsing Vue v-for directives more accurately.

• #​10191 aa055cd Thanks @​guney! - Now the rule noStaticElementInteractions doesn't trigger custom elements.

• #​9757 2c62594 Thanks @​dyc3! - Fixed #​9099: the HTML formatter collapsing non-text children (inline elements, Svelte expressions, comments) onto a single line when the source had them on separate lines. Biome now preserves the user's intended line breaks for exclusively non-text children.

  For example, the following Svelte snippet is now preserved instead of being collapsed to <div>{name}<!-- comment --></div>:

  <div>
    {name}<!-- comment -->
  </div>

  Similarly, HTML elements like <span> inside a <div> are now preserved when written on their own line:

  <div>
    <span>text</span>
  </div>

• #​10105 e7c1a6d Thanks @​jiwon79! - Fixed #​10039: useReadonlyClassProperties now detects unreassigned private members in class expressions and export default classes, not only in class declarations.

  The following patterns are now correctly flagged:

  const AnonClass = class {
    #prop = 123;
    constructor() {
      console.log(this.#prop);
    }
  };
  
  export default class {
    #prop = 123;
    constructor() {
      console.log(this.#prop);
    }
  }

• #​10141 46a77d0 Thanks @​minseong0324! - Improved noUnnecessaryConditions to detect conditions that are always truthy because they check built-in global class instances such as Date, Map, Set, WeakMap, and Error.

• #​10178 7b05a89 Thanks @​dyc3! - Fixed #​10177: The HTML parser no longer reports lowercase html or doctype text as invalid after void elements such as <br>.

• #​10155 0d4595d Thanks @​jiwon79! - Fixed #​10045: the CSS formatter no longer compounds indentation inside nested functional pseudo-classes such as :not(:where(...)), :is(:where(...)), and similar combinations. The same fix also removes one level of unnecessary indentation that was added inside any pseudo-class function whose argument list wrapped onto multiple lines, including :nth-child(... of ...), ::part(...), and :active-view-transition-type(...).
  The following snippet is now correctly formatted, matching Prettier.

  input:not(
    :where(
      [type="submit"],
      [type="checkbox"],
      [type="radio"],
      [type="button"],
      [type="reset"]
    )
  ) {
    inline-size: 100%;
  }

• #​10112 6f0251e Thanks @​dyc3! - Fixed #​10110: Biome's parser now accepts surrogate code points in JavaScript string \u{...} escapes.

• #​10141 46a77d0 Thanks @​minseong0324! - Improved noMisleadingReturnType to detect object return annotations that hide built-in global class instances such as Date, Map, Set, WeakMap, and Error.

• #​10083 4a664c1 Thanks @​ematipico! - Added two new options to noShadow, both defaulting to true to match typescript-eslint's behavior.

  Fixed #​9482: Added ignoreFunctionTypeParameterNameValueShadow option. When enabled, parameter names inside function type annotations (e.g. (options: unknown) => void) are not flagged as shadowing outer variables.

  Fixed #​7812: Added ignoreTypeValueShadow option. When enabled, a value binding that shares its name with a type-only declaration (type alias or interface) is not flagged, since types and values occupy separate namespaces in TypeScript.

• #​9286 52695cf Thanks @​Hugo-Polloli! - Fixed #​6316: Biome now resolves Svelte $store references to the underlying store binding in semantic analysis, preventing false noUndeclaredVariables diagnostics when the store is declared.

• #​10188 ae659dd Thanks @​dyc3! - Added a new nursery rule noExcessiveNestedCallbacks, which disallows callbacks nested deeper than the configured maximum.

• #​9757 2c62594 Thanks @​dyc3! - Fixed #​9450: the HTML formatter now correctly preserves multiline formatting for nested <template> elements (e.g. <template #body>) when the source has children on separate lines. Previously, the children were collapsed onto a single line.

   <template>
     <UModal>
  -    <template #body> <p>content</p> </template>
  +    <template #body>
  +      <p>content</p>
  +    </template>
     </UModal>
   </template>

• #​10118 c6edcb4 Thanks @​Netail! - Fixed #​10024: biome migrate eslint correctly migrates eslint rules that belong to multiple Biome rules.

getsentry/sentry-javascript (@​sentry/react)

v10.51.0

Compare Source

Important Changes

• feat(cloudflare): Add trace propagation for RPC method calls (#​20343)

  Trace context is now propagated across Cloudflare Workers RPC calls, connecting traces between Workers and Durable Objects.
  This feature is opt-in and requires setting enableRpcTracePropagation: true in your SDK configuration:

  // Worker
  export default Sentry.withSentry(
    env => ({
      dsn: env.SENTRY_DSN,
      enableRpcTracePropagation: true,
    }),
    handler,
  );
  
  // Durable Object
  export const MyDurableObject = Sentry.instrumentDurableObjectWithSentry(
    env => ({
      dsn: env.SENTRY_DSN,
      enableRpcTracePropagation: true,
    }),
    MyDurableObjectBase,
  );

• feat(hono)!: Change setup for @sentry/hono/node (init in external file) (#​20497)

  To improve Node.js instrumentation, the sentry() middleware exported from @sentry/hono/node no longer accepts configuration options.
  Instead, you must configure the SDK by calling Sentry.init() in a dedicated instrumentation file that runs before your application code (read more in the Hono SDK readme:

  // instrument.mjs (or instrument.ts)
  import * as Sentry from '@​sentry/hono/node';
  
  Sentry.init({
    dsn: '__DSN__',
    tracesSampleRate: 1.0,
  });

• feat(nitro): Add @sentry/nitro SDK (#​19224)

  A new @sentry/nitro package provides first-class Sentry support for Nitro applications, with HTTP handler and error instrumentation, middleware tracing, request isolation, and build-time source map uploading via withSentryConfig.
  Read more in the Nitro SDK docs and the Nitro SDK readme.

Other Changes

• deps(minimatch): Upgrade patch version to use new brace-expansion peer-dep (#​20198)
• docs: Add deprecation notices to bin scripts (#​20570)
• feat(astro): Drop prerendered http.server filter via ignoreSpans (#​20513)
• feat(aws-serverless): Validate extension tunnel DSN against SENTRY_DSN (#​20528)
• feat(browser): Add ingest_settings to span v2 envelope payload (#​20411)
• feat(browser): Add support for streamed spans in httpContextIntegration (#​20464)
• feat(core): Backfill otel attributes on streamed spans (#​20439)
• feat(core): clear up integrations on dispose (#​20407)
• feat(core): Instrument langgraph createReactAgent (#​20344)
• feat(core): Support attribute matching in ignoreSpans (#​20512)
• feat(feedback): allow error messages to be customized (#​20474)
• feat(hono): Support middleware spans defined in app groups (#​20465)
• feat(nextjs): Filter unwanted segments when span streaming is enabled (#​20384)
• feat(nextjs): Migrate edge event processors to span-first APIs (#​20551)
• feat(nextjs): Migrate server event processors to span-first APIs (#​20527)
• feat(nextjs): Set global attribute for turbopack usage (#​20558)
• feat(nitro): Nitro SDK (#​19224)
• feat(react-router): Clean up bogus * http.route attribute on segment spans (#​20471)
• feat(react-router): Drop low-quality transactions via ignoreSpans (#​20514)
• feat(sveltekit): Support span streaming in svelteKitSpansEnhancement integration (#​20496)
• feat(tanstackstart-react): Add dynamic tunnel route helper and generator (#​20264)
• fix: update prisma v7 spans descriptions (#​20456)
• fix(core): Avoid parse-time SyntaxError on Safari <16.4 in postgresjs (#​20498)
• fix(core): Ensure isSentryRequest handles subdomains properly (#​20530)
• fix(core): Ensure ip address headers are stripped when lower case (#​20484)
• fix(core): Filter more cookie names for PII (#​20485)
• fix(core): Use symbol for normalization checks (#​20486)
• fix(hono): Distinguish .use() middleware in sub-apps from .all() handlers (#​20554)
• fix(nextjs): Ensure we do not match tunnel endpoints too broadly (#​20488)
• fix(opentelemetry): Add conditional browser export to avoid node deps (#​20556)
• fix(replay): Avoid main-thread blocking in WorkerHandler under event bursts (#​20548)
• fix(replay): Ensure maskAttributes works with maskAllText=false (#​20491)
• fix(supabase): Consider sendDefaultPii for supabase integration (#​20490)

Internal Changes

• chore: Add size limit reports on PRs for Cloudflare (#​20055)
• chore: Update CODEOWNERS (#​20559)
• chore(build): Opt-out of nx analytics (#​20487)
• chore(ci): Automatically bump size limit every week (#​20531)
• chore(ci): Bump pnpm/action-setup to v5 and pin to commit SHA (#​20462)
• chore(ci): Do not report flaky test issues if we cannot find a test name (#​20589)
• chore(ci): Streamline CI setup to split bundle, layer, tarball generation (#​20396)
• chore(ci): Vendor nx-affected-list action, drop dkhunt27 dependency (#​20463)
• chore(e2e): Add vue and vue-router to nuxt-4 canary build step to fix rollup resolution (#​20519)
• chore(e2e): Remove @​tanstack/start-plugin-core override (#​20518)
• chore(size-limit): weekly auto-bump (#​20572)
• chore(skill): Add skill for writing unit and E2E tests (#​20561)
• chore(test): Reduce unneeded idleTimeout test config (#​20467)
• ci(size-bump): Fix path in size-limit auto-bump workflow (#​20566)
• fix(e2e/tanstackstart-react): pin @​tanstack/start-plugin-core to unblock CI (#​20482)
• fix(tests): Remove nitro canary test job (#​20473)
• ref(browser): Use safeSetSpanJSONAttributes in cultureContext integration (#​20481)
• test(browser): Unflake some more tests (#​20591)
• test(nextjs): Pin eslint-config-next package to major (#​20552)
• test(node): Fix flaky ANR test (#​20592)
• test(node): Fix flaky worker thread integration test (#​20588)
• test(node): Unflake postgres tests (#​20593)
• test(node): Update timeout for cron integration tests (#​20586)
• test(supabase): Stop supabase before initializing (#​20563)
• test(tanstack): Prefix test labels (#​20569)

Bundle size 📦

Path	Size
@​sentry/browser	25.54 KB
@​sentry/browser - with treeshaking flags	24.06 KB
@​sentry/browser (incl. Tracing)	43.08 KB
@​sentry/browser (incl. Tracing + Span Streaming)	45.07 KB
@​sentry/browser (incl. Tracing, Profiling)	47.91 KB
@​sentry/browser (incl. Tracing, Replay)	81.5 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	71.23 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	86.07 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	98.42 KB
@​sentry/browser (incl. Feedback)	42.38 KB
@​sentry/browser (incl. sendFeedback)	30.24 KB
@​sentry/browser (incl. FeedbackAsync)	35.3 KB
@​sentry/browser (incl. Metrics)	26.8 KB
@​sentry/browser (incl. Logs)	26.95 KB
@​sentry/browser (incl. Metrics & Logs)	27.62 KB
@​sentry/react	27.25 KB
@​sentry/react (incl. Tracing)	45.26 KB
@​sentry/vue	30.3 KB
@​sentry/vue (incl. Tracing)	44.87 KB
@​sentry/svelte	25.57 KB
CDN Bundle	28.16 KB
CDN Bundle (incl. Tracing)	45.61 KB
CDN Bundle (incl. Logs, Metrics)	29.54 KB
CDN Bundle (incl. Tracing, Logs, Metrics)	46.68 KB
CDN Bundle (incl. Replay, Logs, Metrics)	67.71 KB
CDN Bundle (incl. Tracing, Replay)	81.91 KB
CDN Bundle (incl. Tracing, Replay, Logs, Metrics)	82.95 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	87.59 KB
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics)	88.66 KB
CDN Bundle - uncompressed	82.57 KB
CDN Bundle (incl. Tracing) - uncompressed	136.41 KB
CDN Bundle (incl. Logs, Metrics) - uncompressed	86.67 KB
CDN Bundle (incl. Tracing, Logs, Metrics) - uncompressed	139.79 KB
CDN Bundle (incl. Replay, Logs, Metrics) - uncompressed	207.73 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	251.45 KB
CDN Bundle (incl. Tracing, Replay, Logs, Metrics) - uncompressed	254.82 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	264.83 KB
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics) - uncompressed	268.18 KB
@​sentry/nextjs (client)	47.7 KB
@​sentry/sveltekit (client)	43.52 KB
@​sentry/node-core	57.57 KB
@​sentry/node	166.25 KB
@​sentry/node - without tracing	94.54 KB
@​sentry/aws-serverless	111 KB
@​sentry/cloudflare (withSentry) - minified	160.29 KB
@​sentry/cloudflare (withSentry)	405.47 KB

swc-project/swc (@​swc/core)

v1.15.33

Compare Source

Bug Fixes

• (ci) Update rand lockfile entries (#​11827) (7988966)

• (es/minifier) Fold unary bool nullish coalescing (#​11826) (e39ae3d)

• (es/minifier) Preserve for-init sequence order (#​11837) (16a56d0)

• (es/parser) Parse empty Flow exact object type (#​11836) (3d18a26)

Features

• Move swc ast explorer into workspace (#​11831) (02a8f81)

axios/axios (axios)

v1.16.0

Compare Source

v1.16.0 — May 2, 2026

This release adds support for the QUERY HTTP method and a new ECONNREFUSED error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.

⚠️ Notable Changes

A handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:

• Fetch adapter now enforces maxBodyLength and maxContentLength. These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (#​10795)
• Proxy requests now preserve user-supplied Host headers. Previously, the proxy path could overwrite a custom Host. Virtual-host-style routing through a proxy will now behave correctly. (#​10822)
• Basic auth credentials embedded in URLs are now URL-decoded. If you have percent-encoded credentials in a URL (e.g. https://user:p%40ss@host), the decoded value is what now goes on the wire. (#​10825)
• parseProtocol now strictly requires a colon in the protocol separator. Strings that loosely parsed as protocols before may no longer match. (#​10729)
• Deprecated unescape() replaced with modern UTF-8 encoding. Non-ASCII URL handling is now spec-correct; consumers depending on legacy unescape() quirks may see different output bytes. (#​7378)
• transformRequest input typing change was reverted. The typing change introduced in #​10745 was reverted in #​10810 after follow-up review — net behavior is unchanged from 1.15.2. (#​10745, #​10810)

🚀 New Features

• QUERY HTTP Method: Added support for the QUERY HTTP method across adapters and type definitions. (#​10802)
• ECONNREFUSED Error Constant: Exposed ECONNREFUSED as a constant on AxiosError so callers can match connection-refused failures without comparing string literals (closes #​6485). (#​10680)
• Encode Helper Export: Exported the internal encode helper from buildURL so userland param serializers can reuse the same encoding logic that axios uses internally. (#​6897)

🐛 Bug Fixes

• HTTP Adapter — Redirects & Headers: Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing requestDetails argument on beforeRedirect, preserved user-supplied Host headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (#​10794, #​10800, #​6241, #​10822, #​10825)
• HTTP Adapter — Streams & Timeouts: Preserved the partial response object on AxiosError when a stream is aborted after headers arrive, honoured the timeout option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and maxRedirects: 0. (#​10708, #​10819, #​7149)
• Fetch Adapter: Enforced maxBodyLength / maxContentLength in the fetch adapter, set the User-Agent header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a TypeError in restricted environments. (#​10795, #​10772, #​10806, #​7260)
• XHR Adapter: Unsubscribed the cancelToken and AbortSignal listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (#​10787)
• Error Handling: Attached the parsed response to AxiosError when JSON.parse fails inside dispatchRequest, prevented settle from emitting undefined error codes, and tightened the parseProtocol regex to require a colon in the protocol separator. (#​10724, #​7276, #​10729)
• Types & Exports: Aligned the CommonJS CancelToken typings with the ESM build, fixed a compiler error caused by RawAxiosHeaders, and re-exported create from the package index. (#​7414, #​6389, #​6460)
• UTF-8 Encoding: Replaced the deprecated unescape() call with a modern UTF-8 encoding implementation. (#​7378)
• Misc Cleanup: Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (#​10833)

🔧 Maintenance & Chores

• Refactor — ES6 Modernisation: Modernised the utils module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (#​10588, #​7419)
• Tests: Hardened the HTTP test server lifecycle to fix flaky FormData EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (#​10820, #​10791, #​10796)
• Docs: Documented paramsSerializer.encode for strict RFC 3986 query encoding, updated the parseReviver TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (#​10821, #​10782, #​10759, #​10804)
• Reverted: Reverted the transformRequest input typing change from #​10745 after follow-up review. (#​10745, #​10810)
• Dependencies: Bumped actions/setup-node, the github-actions group, and postcss (in /docs) to their latest versions. (#​10785, #​10813, #​10814)
• Release: Updated changelog and packages, and prepared the 1.16.0 release. (#​10790, #​10834)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

• @​singhankit001 (#​10588)
• @​cuiweixie (#​7419)
• @​iruizsalinas (#​10787)
• @​MarcosNocetti (#​10680)
• @​deepview-autofix (#​10729)
• @​atharvasingh7007 (#​10745)
• @​OfekDanny (#​10772)
• @​mnahkies (#​7414)
• @​tboyila (#​10759)
• @​Kingo64 (#​6897)
• @​ramram1048 (#​6389)
• @​FLNacif (#​6460)
• @​zozo123 (#​10806)
• @​pierluigilenoci (#​10802)
• @​afurm (#​10708)
• @​karan-lrn (#​7378)
• @​ebeigarts (#​7149)
• @​Raymondo97 (#​10782)
• @​mixelburg (#​10821)
• @​ashishkr96 (#​10822)
• @​cyphercodes (#​10819)
• @​Jye10032 (#​7260)
• @​VeerShah41 (#​7276)

Full Changelog

panva/jose (jose)

v6.2.3

Compare Source

Refactor

• cleanly reject invalid PBES2 p2c (0cdb851)

---

Configuration

📅 Schedule: (in timezone America/New_York)

• Branch creation
  • "before 6:00am on Monday"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.