chore(deps): bump the npm-non-major group across 2 directories with 28 updates

[dependabot]

Bumps the npm-non-major group with 24 updates in the / directory:

Package	From	To
@aws-sdk/credential-providers	3.992.0	3.1072.0
@fontsource/roboto	5.2.9	5.2.10
@primer/octicons-react	19.21.2	19.28.1
axios	1.16.1	1.18.0
express-rate-limit	8.5.1	8.5.2
isomorphic-git	1.36.3	1.38.5
openid-client	6.8.1	6.8.4
parse-diff	0.11.1	0.12.0
validator	13.15.26	13.15.35
@babel/core	7.29.0	7.29.7
@babel/preset-react	7.28.5	7.29.7
@eslint/compat	2.0.2	2.1.0
@types/express-session	1.18.2	1.19.0
@types/lodash	4.17.23	4.17.24
cypress	15.9.0	15.17.0
fast-check	4.5.3	4.8.0
lint-staged	17.0.5	17.0.7
prettier	3.8.1	3.8.4
tsx	4.21.0	4.22.4
typescript-eslint	8.56.0	8.61.1
@esbuild/darwin-arm64	0.27.2	0.28.1
@esbuild/darwin-x64	0.27.2	0.28.1
@esbuild/linux-x64	0.27.2	0.28.1
@esbuild/win32-x64	0.27.2	0.28.1

Bumps the npm-non-major group with 5 updates in the /website directory:

Package	From	To
axios	1.15.2	1.18.0
react	19.2.5	19.2.7
react-dom	19.2.5	19.2.7
eslint	10.3.0	10.5.0
@mermaid-js/layout-elk	0.1.9	0.2.1

Updates @aws-sdk/credential-providers from 3.992.0 to 3.1072.0

Release notes

Sourced from @​aws-sdk/credential-providers's releases.

v3.1072.0

3.1072.0(2026-06-18)

Documentation Changes

• client-ec2: Documentation updates clarifying CancelCapacityReservation cancellable states (e3723ba7)

New Features

• client-compute-optimizer: This release surfaces two new metrics Volume IOPS Exceeded and Volume Throughput Exceeded into EBS volume rightsizing recommendations. (ded6618d)
• client-application-auto-scaling: Adds support for ECS high-resolution predefined scaling metrics (ECSServiceAverageCPUUtilizationHighResolution, ECSServiceAverageMemoryUtilizationHighResolution) enabling 20-second metric periods for faster scaling (95b3513a)
• client-cognito-identity-provider: In order to support the new TLS Self-Service feature, this change adds SecurityPolicyType to CustomDomainConfigType. During CreateUserPoolDomain and UpdateUserPoolDomain this is used to select a custom domain's TLS enforcement, and for DescribeUserPoolDomain it informs users about the current TLS. (e8937787)
• client-sagemaker: Adds support for automatic AMI patching on HyperPod clusters. Customers can configure patching strategies to automatically apply security patch with zero job termination. Customers can also specify an AMI version at instance group level and update cluster software to a certain AMI version. (fd33a5e4)
• client-ecs: Amazon ECS services now support high resolution (20 second) CloudWatch metrics for CPUUtilization and MemoryUtilization. Use these metrics for faster service auto scaling. (93055ac9)
• client-healthlake: Adding New Configurations to the FHIR Create Datastore. The new configurations include NLP Configuration, AnalyticsConfiguration, ProfileConfiguration (494fa59f)
• client-gamelift: Amazon GameLift Servers has launched support for customizing Linux capabilities in container fleets. You can now specify additional Linux capabilities for containers in a container group definition, giving you finer control over the default Docker capabilities available to your containers. (93cefd90)
• client-eks: Adds support for configurable control plane egress routing in Amazon EKS, allowing you to route control plane egress traffic through your VPC and control how the control plane reaches resources in your network such as webhook servers and OIDC providers. (693db629)
• client-lambda: Converging and fixing existing documentation gaps in Lambda SDK (6555a565)
• client-synthetics: CloudWatch Synthetics adds support for multi-location canaries. Customers can now monitor their endpoints from multiple locations with centralized management from a primary location. The SDK includes new parameters for configuring multiple locations and tracking their state. (f2c8b480)
• client-cloudwatch-logs: Added optional startFromHead parameter to FilterLogEvents enabling descending timestamp order (newest first) when set to false. Default true preserves existing ascending order. Reverse sorting requires a startTime on or after Jan 1, 2024. (1be63ed9)
• client-batch: Adds Support for ordered allocation strategies- BEST-FIT-PROGRESSIVE-ORDERED or SPOT-CAPACITY-OPTIMIZED-PRIORITIZED (0e57e53b)

---

For list of updated packages, view updated-packages.md in assets-3.1072.0.zip

v3.1071.0

3.1071.0(2026-06-17)

New Features

• client-partnercentral-selling: Cosell Resonate AND Prospecing API Launch with ARN correction (7e8c98ab)
• client-compute-optimizer-automation: This launch adds IfExists comparison operators to Compute Optimizer Automation rule criteria, so a rule can include recommended actions whose specified attribute isn't present. (ab2c616d)
• client-bedrock-agent: Launching Bedrock Managed Knowledge Bases. Added support for resource-based policies on Knowledge Base resources, enabling cross-account access for Managed Knowledge Bases. (de0affe4)
• client-securityagent: Updated AWS Security Agent SDK model with new APIs for threat modeling, code review, security requirements, and additional integration providers. (9c3d3351)
• client-opensearch: Adds support for configuring IAM Identity Center options on existing OpenSearch applications via the UpdateApplication API. (94f06a20)
• client-glue: This release adds support for Search and Discovery in AWS Glue, letting you and your applications search Data Catalog assets such as table and enrich them with business context and glossary terms. (b394fc0b)
• client-bedrock-agentcore-control: AgentCore Gateway now supports inference targets to LLM providers (direct config or built-in connectors), HTTP passthrough targets with session stickiness, runtime target API schemas, AWS WAF web ACL association with configurable fail-open or fail-close modes, and interceptor payload filtering. (75f1d588)
• client-devops-agent: Adds support for Remote A2A (Agent-to-Agent) agent registration and management. Adds new Release Readiness Review and Release Testing capabilities. Adds support for Git managed skills in AWS DevOps Agent. (ebc040e1)
• client-bedrock-agentcore: AgentCore Harness service will be Generally Available at NYS 2026 with this Treb release. Harness will support invoking specific endpoints via the qualifier parameter, AWS Skills for pre-built agent capabilities, and improved validation for skill git source URLs. (5bf9fccc)
• client-ecs: Releasing the ability to bring-your-own task-definition for CreateExpressGatewayService and UpdateGatewayExpressService (b7b9cb4f)
• client-mq: This release adds private networking support for Amazon MQ for RabbitMQ. You can now associate AWS RAM resource shares with your broker and retrieve shared resource details using the new DescribeSharedResources API. (e96af450)
• client-bedrock-agent-runtime: Adds new AgenticRetrieveStream API for managed knowledge bases to use conversation history and autonomously plan for multi-hop multi-KB reasoning with built-in evaluation and access-control. Updates Retrieve API for access-control-based filtering for managed knowledge bases. (557f7b32)

Tests

• core:
  • prebuild before integration and e2e (#8111) (363f3fb7)
  • prebuild core before unit tests (#8108) (5f789e7f)

... (truncated)

Changelog

Sourced from @​aws-sdk/credential-providers's changelog.

3.1072.0 (2026-06-18)

Note: Version bump only for package @​aws-sdk/credential-providers

3.1071.0 (2026-06-17)

Note: Version bump only for package @​aws-sdk/credential-providers

3.1070.0 (2026-06-16)

Note: Version bump only for package @​aws-sdk/credential-providers

3.1069.0 (2026-06-15)

Note: Version bump only for package @​aws-sdk/credential-providers

3.1068.0 (2026-06-12)

Note: Version bump only for package @​aws-sdk/credential-providers

3.1067.0 (2026-06-11)

Note: Version bump only for package @​aws-sdk/credential-providers

3.1066.0 (2026-06-10)

... (truncated)

Commits

• 501cd33 Publish v3.1072.0
• 3ce820a Publish v3.1071.0
• 4f2cfe1 Publish v3.1070.0
• 7058d13 Publish v3.1069.0
• 67981c5 chore(scripts): tuning the build graph (#8095)
• 0632f6d Publish v3.1068.0
• 0a3246f Publish v3.1067.0
• 4b11912 Publish v3.1066.0
• 62daf07 Publish v3.1065.0
• bac7175 Publish v3.1064.0
• Additional commits viewable in compare view

Updates @fontsource/roboto from 5.2.9 to 5.2.10

Commits

• See full diff in compare view

Updates @primer/octicons-react from 19.21.2 to 19.28.1

Release notes

Sourced from @​primer/octicons-react's releases.

v19.28.1

Patch Changes

• #1215 378d7af0 Thanks @​ktravers! - Remove fill from StackRemove and StackCheck icons

• #1221 9d7b366a Thanks @​CameronFoxly! - Add stack-add-16.svg

v19.28.0

Minor Changes

• #1208 eddab3ff Thanks @​dylanatsmith! - Fix vscode icon: update 16px, add 24px, remove 32px and 48px

v19.27.0

Minor Changes

• #1203 a69618e4 Thanks @​ericwbailey! - Add flag icon

Patch Changes

• #1212 02bd1ef8 Thanks @​ericwbailey! - remove hardcoded fill from flag icon

v19.26.0

Minor Changes

• #1197 b45f1d35 Thanks @​lukasoppermann! - Add repo-forked-locked icon

Patch Changes

• #1209 9a7e2146 Thanks @​siddharthkp! - fix: remove hardcoded fill from sandbox icon

v19.25.0

Minor Changes

• #1193 b6efea4a Thanks @​kylewaynebenson! - Added StackRemove & StackCheck icons

• #1194 7d7ca421 Thanks @​kylewaynebenson! - Added Sandbox icon

v19.24.1

Patch Changes

• #1190 38dfb0d4 Thanks @​francinelucca! - Allow data-component attribute to be overridden by consumers

v19.24.0

Minor Changes

• #1185 25e257ff Thanks @​francinelucca! - Add data-component="Octicon" attribute to all SVG elements for easier identification and styling

v19.23.1

... (truncated)

Changelog

Sourced from @​primer/octicons-react's changelog.

19.28.1

Patch Changes

• #1215 378d7af0 Thanks @​ktravers! - Remove fill from StackRemove and StackCheck icons

• #1221 9d7b366a Thanks @​CameronFoxly! - Add stack-add-16.svg

19.28.0

Minor Changes

• #1208 eddab3ff Thanks @​dylanatsmith! - Fix vscode icon: update 16px, add 24px, remove 32px and 48px

19.27.0

Minor Changes

• #1203 a69618e4 Thanks @​ericwbailey! - Add flag icon

Patch Changes

• #1212 02bd1ef8 Thanks @​ericwbailey! - remove hardcoded fill from flag icon

19.26.0

Minor Changes

• #1197 b45f1d35 Thanks @​lukasoppermann! - Add repo-forked-locked icon

Patch Changes

• #1209 9a7e2146 Thanks @​siddharthkp! - fix: remove hardcoded fill from sandbox icon

19.25.0

Minor Changes

• #1193 b6efea4a Thanks @​kylewaynebenson! - Added StackRemove & StackCheck icons

• #1194 7d7ca421 Thanks @​kylewaynebenson! - Added Sandbox icon

19.24.1

Patch Changes

• #1190 38dfb0d4 Thanks @​francinelucca! - Allow data-component attribute to be overridden by consumers

19.24.0

... (truncated)

Commits

• 6d9dcd9 Version Packages (#1216)
• 9d7b366 Save stack-add-16.svg (#1221)
• 4e8731c Fix optimize pathspec to match icons in root directory (#1220)
• c6a8229 Scope SVG optimize workflow to only changed icons (#1218)
• 378d7af Remove hard-coded fill from StackRemove and StackCheck icons (#1215)
• f17b0be Bump @​tootallnate/once from 2.0.0 to 2.0.1 in /lib/octicons_react (#1213)
• fef9ded Version Packages (#1214)
• eddab3f Fix VSCode icon and remove unnecessary size variants (#1208)
• 067ee62 Bump lodash from 4.17.23 to 4.18.1 in /lib/octicons_react (#1201)
• 7ee4aaf Version Packages (#1210)
• Additional commits viewable in compare view

Updates axios from 1.16.1 to 1.18.0

Release notes

Sourced from axios's releases.

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

• Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

• URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

• Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

• Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

• Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

• Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

• @​drori12 (#10984)
• @​eyupcanakman (#10899)
• @​Adi-Beker (#10995)

Full Changelog

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

• Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
• Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

• HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

• Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)
• Proxy TLS: Preserved user httpsAgent TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (#10957)
• React Native FormData: Cleared default Content-Type for React Native FormData so multipart boundaries can be generated correctly. (#10898)

... (truncated)

Changelog

Sourced from axios's changelog.

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

• Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

• URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

• Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

• Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

• Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

• Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

• @​drori12 (#10984)
• @​eyupcanakman (#10899)
• @​Adi-Beker (#10995)

Full Changelog

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

• Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
• Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

• HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

• Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)
• Proxy TLS: Preserved user httpsAgent TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (#10957)
• React Native FormData: Cleared default Content-Type for React Native FormData so multipart boundaries can be generated correctly. (#10898)

... (truncated)

Commits

• 2d06f96 chore(release): prepare release 1.18.0 (#11003)
• 32fc489 fix: malformed http urls (#11000)
• b40ce49 chore(deps-dev): bump the development_dependencies group with 10 updates (#10...
• fe964f9 docs: mark proxy config as Node.js only (#10995)
• 5f229d2 chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 in the github-actions ...
• fae9d4e docs: clarify package update PR policy (#10992)
• 28ab2ce chore(deps-dev): bump the development_dependencies group with 2 updates (#10989)
• a8e4f13 fix(core): keep default validateStatus when request passes undefined (#10899)
• 614f455 docs: publish v1.17.0 release notes (#10988)
• 6bb12c1 fix: custom auth headers not stripped on cross-origin redirects (#10892)
• Additional commits viewable in compare view

Updates express-rate-limit from 8.5.1 to 8.5.2

Release notes

Sourced from express-rate-limit's releases.

v8.5.2

You can view the changelog here.

Commits

• 9774693 8.5.2
• 0e94cc0 v8.5.2 changelog
• 9a583c5 feat: simplify IPv6 key generation (#633)
• 4f4b3fb chore(deps-dev): bump lint-staged from 16.4.0 to 17.0.4 (#632)
• 3c1d6c5 chore(deps-dev): bump the development-dependencies group with 7 updates (#631)
• 18884b6 chore(deps): bump basic-ftp from 5.2.0 to 5.3.1 (#630)
• dacc980 chore(deps): bump handlebars from 4.7.8 to 4.7.9 (#629)
• 486d0c6 chore(deps): bump follow-redirects from 1.15.11 to 1.16.0 (#627)
• See full diff in compare view

Updates isomorphic-git from 1.36.3 to 1.38.5

Release notes

Sourced from isomorphic-git's releases.

v1.38.5

1.38.5 (2026-06-16)

Bug Fixes

• Support windows file paths in utils/join.js (#2302) (1395431)

v1.38.4

1.38.4 (2026-06-02)

Bug Fixes

• pass credential config username to auth callbacks (#2346) (d9920c5)

v1.38.3

1.38.3 (2026-05-26)

Bug Fixes

• Improve internal error reporting guidance (#2345) (955acf3)

v1.38.2

1.38.2 (2026-05-25)

Bug Fixes

• add bot authoring to release commit (#2329) (328b1ba)
• add Clever Cloud logo to Acknowledgments in README (#2334) (89f441d)

v1.38.1

1.38.1 (2026-05-18)

Bug Fixes

• add cloudflare logo (#2316) (a71a835)

v1.38.0

1.38.0 (2026-05-15)

Bug Fixes

• Fix images in README (#2315) (007951f)

... (truncated)

Commits

• 1395431 fix: Support windows file paths in utils/join.js (#2302)
• 4912ef3 Github Actions: windows-latest (#2305)
• 0afda82 disable dependabot (#2360)
• d9920c5 fix: pass credential config username to auth callbacks (#2346)
• 955acf3 fix: Improve internal error reporting guidance (#2345)
• 89f441d fix: add Clever Cloud logo to Acknowledgments in README (#2334)
• 328b1ba fix: add bot authoring to release commit (#2329)
• a71a835 fix: add cloudflare logo (#2316)
• a7420b7 feat: add refresh option to status and statusMatrix (#2313)
• 007951f fix: Fix images in README (#2315)
• Additional commits viewable in compare view

Updates openid-client from 6.8.1 to 6.8.4

Release notes

Sourced from openid-client's releases.

v6.8.4

Fixes

• apply optional non-repudiation on generic grant ID Tokens (6202888)
• filter jwe decryption keys by algorithm (34e2ffd)
• preserve poll abort signals on requests (96a2d17)
• retry dpop nonce errors for generic grants (498c4d9)

v6.8.3

Documentation

• note a workaround for redirect_uri with query string or bare origin (e9689de), closes #868

Fixes

• passport: delete one-time state on callback (1e7dd2e)

v6.8.2

Fixes

• use duplex: half for fetchProtectedResource with ReadableStream body input (f6f84e2)

Changelog

Sourced from openid-client's changelog.

6.8.4 (2026-04-27)

Fixes

• apply optional non-repudiation on generic grant ID Tokens (6202888)
• filter jwe decryption keys by algorithm (34e2ffd)
• preserve poll abort signals on requests (96a2d17)
• retry dpop nonce errors for generic grants (498c4d9)

6.8.3 (2026-04-13)

Documentation

• note a workaround for redirect_uri with query string or bare origin (e9689de), closes #868

Fixes

• passport: delete one-time state on callback (1e7dd2e)

6.8.2 (2026-02-07)

Fixes

• use duplex: half for fetchProtectedResource with ReadableStream body input (f6f84e2)

Commits

• c645695 chore(release): 6.8.4
• ee60464 chore: update CHANGELOG.md header
• 96a2d17 fix: preserve poll abort signals on requests
• 34e2ffd fix: filter jwe decryption keys by algorithm
• 6202888 fix: apply optional non-repudiation on generic grant ID Tokens
• 498c4d9 fix: retry dpop nonce errors for generic grants
• 35042cf chore: cleanup after release
• 66e4082 chore(release): 6.8.3
• fa292f2 test: fix typings build issues
• 0600c91 test: deflake pollBackchannelAuthenticationGrant
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for openid-client since your current version.

Updates parse-diff from 0.11.1 to 0.12.0

Commits

• f0828af Release 0.12.0
• 5a66fd9 chore: build with esbuild
• a3b0c75 feat: use esbuild
• 07dbcd6 chore: biome auto fixes
• 4e60b97 feat(devx): try biome
• 8231f95 chore: up eslint v10
• c032d55 chore: up deps
• e563b14 chore: use node v24
• 251d359 Merge pull request #51 from andyfeller/af/handle-empty-lines
• a3180a5 fix: handle empty context lines in unified diffs
• Additional commits viewable in compare view

Updates validator from 13.15.26 to 13.15.35

Release notes

Sourced from validator's releases.

13.15.35

Fixes, New Locales and Enhancements

• #2663 isISO31661Alpha2/isISO31661Alpha3: add support for Kosovo (XK / XXK) @​johanpoirier-d4
• #2661 isHexColor: ignore non-object options @​yuna0831
• isTaxID
  • #2644 improve pt-BR locale by adding support for alphanumeric CNPJ format @​easedu
  • #2675 improve pt-BR locale by adding support for formatted CPF values @​easedu
• #2643 isPassportNumber: improve MX locale @​jesroffrouk
• #2676 isMobilePhone: add fr-DJ locale @​Kartikeya-guthub
• #2682 isPostalCode: add MC locale @​moogblob
• #2690 isJSON: allow any valid JSON value to pass @​relu91
• #2693 isSlug: restrict allowed characters to valid slug charset @​Shrawak
• Doc fixes and others:
  • #2658 @​Manaskarthik28
  • #2592 @​noritaka1166
  • #2591 @​noritaka1166

New Contributors

• @​Manaskarthik28 made their first contribution in validatorjs/validator.js#2658
• @​johanpoirier-d4 made their first contribution in validatorjs/validator.js#2663
• @​yuna0831 made their first contribution in validatorjs/validator.js#2661
• @​easedu made their first contribution in validatorjs/validator.js#2644
• @​jesroffrouk made their first contribution in validatorjs/validator.js#2643
• @​Kartikeya-guthub made their first contribution in validatorjs/validator.js#2676
• @​moogblob made their first contribution in validatorjs/validator.js#2682
• @​noritaka1166 made their first contribution in validatorjs/validator.js#2592
• @​relu91 made their first contribution in validatorjs/validator.js#2690
• @​Shrawak made their first contribution in validatorjs/validator.js#2693

Full Changelog: validatorjs/validator.js@13.15.26...13.15.35

Changelog

Sourced from validator's cha...

Description has been truncated

[netlify]

✅ Deploy Preview for endearing-brigadeiros-63f9d0 ready!

Name	Link
🔨 Latest commit	4770b2a
🔍 Latest deploy log	https://app.netlify.com/projects/endearing-brigadeiros-63f9d0/deploys/6a38c601d3bfe30008cc19c2
😎 Deploy Preview	https://deploy-preview-1617.git-proxy.preview.finos.org
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ❌ 1 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.
• ⚠️ 1 packages with OpenSSF Scorecard issues.

View full job summary

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.