Skip to content

chore(deps): bump the npm_and_yarn group across 1 directory with 7 updates#516

Open
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/npm_and_yarn/develop/npm_and_yarn-661656dd3f
Open

chore(deps): bump the npm_and_yarn group across 1 directory with 7 updates#516
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/npm_and_yarn/develop/npm_and_yarn-661656dd3f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 8, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm_and_yarn group with 7 updates in the / directory:

Package From To
@aws-sdk/client-s3 3.1053.0 3.1063.0
@aws-sdk/lib-storage 3.1053.0 3.1063.0
axios 1.16.1 1.17.0
react 19.2.6 19.2.7
@types/react 19.2.15 19.2.17
react-dom 19.2.6 19.2.7
react-router-dom 7.15.1 7.17.0

Updates @aws-sdk/client-s3 from 3.1053.0 to 3.1063.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.1063.0

3.1063.0(2026-06-05)

Chores
New Features
  • clients: update client endpoints as of 2026-06-05 (fe9a398f)
  • client-sagemaker: This release adds support for MLflow experiment tracking in SageMaker inference optimization. CreateAIRecommendationJob and CreateAIBenchmarkJob now accept an optional OutputConfig.MlflowConfig (MLflow App ARN, experiment, run name) to stream benchmark metrics and artifacts to your own MLflow App. (39430442)
  • client-emr-serverless: Adds support for updating max capacity and custom fields while application is started (6c9cce08)
  • client-dynamodb: Adding new BDD representation of endpoint ruleset (416005d4)
  • client-mediaconvert: Adds support for configurable number of Clear Lead segments at the beginning of encrypted output. Adds support for multiple trickplay variants. (40eb4c6b)
  • client-payment-cryptography: Adds CloudFormation support for resource-based policies on AWS Payment Cryptography keys. (c32019a8)
  • client-quicksight: Adds support for Knowledge Base APIs and Index Capacity API (8205152f)
Bug Fixes
  • core/httpAuthSchemes: fix concurrent skew correction (#8078) (83e48928)
Tests
  • middleware-endpoint-discovery: remove integration tests (#8077) (02363831)
  • clients: add client error deserialization tests (#8075) (0dfa4ad1)

For list of updated packages, view updated-packages.md in assets-3.1063.0.zip

v3.1062.0

3.1062.0(2026-06-04)

Chores
  • scripts: include generated packages when validating declared imports 1-1 with used imports (#8072) (291ad366)
Documentation Changes
  • client-guardduty: Remove unsupported RDS field for filter (5815da7f)
New Features
  • client-interconnect: Adding new BDD representation of endpoint ruleset (34e23ef2)
  • client-ec2-instance-connect: Adding new BDD representation of endpoint ruleset (c2a4981e)
  • client-mq: BDD bulk update change rollout (e058b8fd)
  • client-workspaces: Adding new BDD representation of endpoint ruleset (6b1e3602)
  • client-connectparticipant: Adding new BDD representation of endpoint ruleset (22db2a6a)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.1063.0 (2026-06-05)

Note: Version bump only for package @​aws-sdk/client-s3

3.1062.0 (2026-06-04)

Note: Version bump only for package @​aws-sdk/client-s3

3.1061.0 (2026-06-03)

Note: Version bump only for package @​aws-sdk/client-s3

3.1060.0 (2026-06-03)

Note: Version bump only for package @​aws-sdk/client-s3

3.1059.0 (2026-06-02)

Note: Version bump only for package @​aws-sdk/client-s3

3.1058.0 (2026-06-01)

Note: Version bump only for package @​aws-sdk/client-s3

3.1057.0 (2026-05-29)

... (truncated)

Commits
  • 85dabf4 Publish v3.1063.0
  • 9bd1a86 chore: update author URL in package.json (#8080)
  • f5235bb Publish v3.1062.0
  • 291ad36 chore(scripts): include generated packages when validating declared imports 1...
  • 71df2cc Publish v3.1061.0
  • 1216094 chore(middleware-sdk-s3): consolidate S3 internal packages (#8026)
  • 8aeb92d Publish v3.1060.0
  • 75bb4fc Publish v3.1059.0
  • 6b082a6 chore(codegen): sync for adaptive retry fix, EAI_AGAIN transient error (#8067)
  • d7602d4 Publish v3.1058.0
  • Additional commits viewable in compare view

Updates @aws-sdk/lib-storage from 3.1053.0 to 3.1063.0

Release notes

Sourced from @​aws-sdk/lib-storage's releases.

v3.1063.0

3.1063.0(2026-06-05)

Chores
New Features
  • clients: update client endpoints as of 2026-06-05 (fe9a398f)
  • client-sagemaker: This release adds support for MLflow experiment tracking in SageMaker inference optimization. CreateAIRecommendationJob and CreateAIBenchmarkJob now accept an optional OutputConfig.MlflowConfig (MLflow App ARN, experiment, run name) to stream benchmark metrics and artifacts to your own MLflow App. (39430442)
  • client-emr-serverless: Adds support for updating max capacity and custom fields while application is started (6c9cce08)
  • client-dynamodb: Adding new BDD representation of endpoint ruleset (416005d4)
  • client-mediaconvert: Adds support for configurable number of Clear Lead segments at the beginning of encrypted output. Adds support for multiple trickplay variants. (40eb4c6b)
  • client-payment-cryptography: Adds CloudFormation support for resource-based policies on AWS Payment Cryptography keys. (c32019a8)
  • client-quicksight: Adds support for Knowledge Base APIs and Index Capacity API (8205152f)
Bug Fixes
  • core/httpAuthSchemes: fix concurrent skew correction (#8078) (83e48928)
Tests
  • middleware-endpoint-discovery: remove integration tests (#8077) (02363831)
  • clients: add client error deserialization tests (#8075) (0dfa4ad1)

For list of updated packages, view updated-packages.md in assets-3.1063.0.zip

v3.1062.0

3.1062.0(2026-06-04)

Chores
  • scripts: include generated packages when validating declared imports 1-1 with used imports (#8072) (291ad366)
Documentation Changes
  • client-guardduty: Remove unsupported RDS field for filter (5815da7f)
New Features
  • client-interconnect: Adding new BDD representation of endpoint ruleset (34e23ef2)
  • client-ec2-instance-connect: Adding new BDD representation of endpoint ruleset (c2a4981e)
  • client-mq: BDD bulk update change rollout (e058b8fd)
  • client-workspaces: Adding new BDD representation of endpoint ruleset (6b1e3602)
  • client-connectparticipant: Adding new BDD representation of endpoint ruleset (22db2a6a)

... (truncated)

Changelog

Sourced from @​aws-sdk/lib-storage's changelog.

3.1063.0 (2026-06-05)

Note: Version bump only for package @​aws-sdk/lib-storage

3.1062.0 (2026-06-04)

Note: Version bump only for package @​aws-sdk/lib-storage

3.1061.0 (2026-06-03)

Note: Version bump only for package @​aws-sdk/lib-storage

3.1060.0 (2026-06-03)

Note: Version bump only for package @​aws-sdk/lib-storage

3.1059.0 (2026-06-02)

Note: Version bump only for package @​aws-sdk/lib-storage

3.1058.0 (2026-06-01)

Note: Version bump only for package @​aws-sdk/lib-storage

3.1057.0 (2026-05-29)

... (truncated)

Commits

Updates axios from 1.16.1 to 1.17.0

Release notes

Sourced from axios's releases.

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

  • Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
  • Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

  • HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

  • Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)
  • Proxy TLS: Preserved user httpsAgent TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (#10957)
  • React Native FormData: Cleared default Content-Type for React Native FormData so multipart boundaries can be generated correctly. (#10898)
  • Headers: Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (#10875)
  • Request Data Merging: Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (#10812)
  • Bundler Compatibility: Converted resolveConfig from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (#10891)
  • Types: Corrected AxiosHeaders.toJSON() return types and updated CommonJS isCancel typings to narrow to CanceledError<T>. (#10956, #10952)
  • Build Tooling: Avoided emitting a null Authorization header from the GitHub build helper when GITHUB_TOKEN is unset. (#10931)

🔧 Maintenance & Chores

  • HTTP/2 Internals: Extracted Http2Sessions into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (#10861)
  • Package Publishing: Reduced published package size by switching to a files allowlist and dropping unneeded unminified bundle source maps. (#10939)
  • CI and Release Automation: Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (#10907, #10911, #10916, #10927, #10935, #10983)
  • Developer Workflow: Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (#10925, #10914, #10958)
  • Documentation and Policy: Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (#10890, #10889, #10921, #10945, #10905, #10933, #10915, #10887, #10955)
  • Dependencies: Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, fs-extra, qs, docs dependencies, and GitHub Actions dependencies including actions/dependency-review-action and zizmorcore/zizmor-action. (#10871, #10879, #10918, #10919, #10934, #10947, #10954, #10960)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

Changelog

Sourced from axios's changelog.

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

  • Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
  • Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

  • HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

  • Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)
  • Proxy TLS: Preserved user httpsAgent TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (#10957)
  • React Native FormData: Cleared default Content-Type for React Native FormData so multipart boundaries can be generated correctly. (#10898)
  • Headers: Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (#10875)
  • Request Data Merging: Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (#10812)
  • Bundler Compatibility: Converted resolveConfig from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (#10891)
  • Types: Corrected AxiosHeaders.toJSON() return types and updated CommonJS isCancel typings to narrow to CanceledError<T>. (#10956, #10952)
  • Build Tooling: Avoided emitting a null Authorization header from the GitHub build helper when GITHUB_TOKEN is unset. (#10931)

🔧 Maintenance & Chores

  • HTTP/2 Internals: Extracted Http2Sessions into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (#10861)
  • Package Publishing: Reduced published package size by switching to a files allowlist and dropping unneeded unminified bundle source maps. (#10939)
  • CI and Release Automation: Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (#10907, #10911, #10916, #10927, #10935, #10983)
  • Developer Workflow: Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (#10925, #10914, #10958)
  • Documentation and Policy: Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (#10890, #10889, #10921, #10945, #10905, #10933, #10915, #10887, #10955)
  • Dependencies: Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, fs-extra, qs, docs dependencies, and GitHub Actions dependencies including actions/dependency-review-action and zizmorcore/zizmor-action. (#10871, #10879, #10918, #10919, #10934, #10947, #10954, #10960)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

Commits

Updates react from 19.2.6 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.


Updates @types/react from 19.2.15 to 19.2.17

Commits

Updates react-dom from 19.2.6 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.


Updates react-router-dom from 7.15.1 to 7.17.0

Changelog

Sourced from react-router-dom's changelog.

v7.17.0

Patch Changes

v7.16.0

Patch Changes

  • Remove stale/invalid unpkg field from package.json. This was removed from other packages with the release of v7 but missed in the react-router-dom re-export package (#15075)
  • Updated dependencies:
Commits

Updates @types/react from 19.2.15 to 19.2.17

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the npm_and_yarn group across 1 directory with 7 up…
3b3edb9 
…dates

Bumps the npm_and_yarn group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1053.0` | `3.1063.0` |
| [@aws-sdk/lib-storage](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/lib/lib-storage) | `3.1053.0` | `3.1063.0` |
| [axios](https://github.com/axios/axios) | `1.16.1` | `1.17.0` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |
| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.15` | `19.2.17` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |
| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.15.1` | `7.17.0` |



Updates `@aws-sdk/client-s3` from 3.1053.0 to 3.1063.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1063.0/clients/client-s3)

Updates `@aws-sdk/lib-storage` from 3.1053.0 to 3.1063.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/lib/lib-storage/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1063.0/lib/lib-storage)

Updates `axios` from 1.16.1 to 1.17.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.16.1...v1.17.0)

Updates `react` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react)

Updates `@types/react` from 19.2.15 to 19.2.17
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `react-dom` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom)

Updates `react-router-dom` from 7.15.1 to 7.17.0
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@7.17.0/packages/react-router-dom)

Updates `@types/react` from 19.2.15 to 19.2.17
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-s3"
  dependency-version: 3.1063.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm_and_yarn
- dependency-name: "@aws-sdk/lib-storage"
  dependency-version: 3.1063.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm_and_yarn
- dependency-name: react
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm_and_yarn
- dependency-name: "@types/react"
  dependency-version: 19.2.17
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm_and_yarn
- dependency-name: react-dom
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm_and_yarn
- dependency-name: react-router-dom
  dependency-version: 7.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm_and_yarn
- dependency-name: "@types/react"
  dependency-version: 19.2.17
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 8, 2026
@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jun 8, 2026
edited
Loading

Copy link
Copy Markdown

Deploying frameworks with  Cloudflare Pages  Cloudflare Pages

Latest commit: 3b3edb9
Status:🚫  Build failed.

View logs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants