Skip to content

Bump the server-minor-patch group in /server with 2 updates#166

Merged
SyniRon merged 1 commit into
mainfrom
dependabot/npm_and_yarn/server/server-minor-patch-9bb51db43e
Jul 7, 2026
Merged

Bump the server-minor-patch group in /server with 2 updates#166
SyniRon merged 1 commit into
mainfrom
dependabot/npm_and_yarn/server/server-minor-patch-9bb51db43e

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor

Bumps the server-minor-patch group in /server with 2 updates: axios and node-cron.

Updates axios from 1.18.0 to 1.18.1

Release notes

Sourced from axios's releases.

v1.18.1 — June 21, 2026

This release focuses on Node HTTP adapter fixes, safer AxiosError serialisation, runtime/type correctness fixes, documentation updates, and dependency maintenance.

🐛 Bug Fixes

  • AxiosError Serialisation: Made AxiosError#cause non-enumerable to prevent circular JSON serialisation failures when errors include nested causes. (#10913)
  • Node HTTP Adapter: Guarded socket.setKeepAlive for proxy agent streams, accepted path-only URLs when socketPath is configured, deferred environment proxy handling to Node, and explicitly passed maxBodyLength through to follow-redirects. (#10917, #10930, #10942, #10993)
  • Runtime and Type Correctness: Fixed several runtime crashes, type definition mismatches, and incorrect error handling paths. (#10959, #11021)
  • AxiosURLSearchParams: Switched the encoder callback to an arrow function so encoder.call(this) receives the AxiosURLSearchParams instance correctly. (#11019)

🔧 Maintenance & Chores

  • Documentation: Documented sensitive headers and status transition behaviour, prepared cleaned-up docs, added Deno install instructions, and clarified that request data is request-specific (#11007, #11010, #11023, #11025)

  • Dependencies: Bumped vite, rollup, form-data, js-yaml, and multer across the root project, docs, smoke tests, and module test workspaces. (#11011, #11012, #11013, #11014, #11015, #11016, #11017, #11026)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

Changelog

Sourced from axios's changelog.

Changelog

Commits
  • a209bfb chore(release): prepare release 1.18.1 (#11027)
  • fa6a55e chore(deps-dev): bump multer from 2.1.1 to 2.2.0 (#11026)
  • 40e7be8 docs: clarifies that request data is request-specific in axios (#11025)
  • a446b39 fix(AxiosURLSearchParams): use arrow function so encoder.call(this) receives ...
  • cf1306a docs: add Deno to install instructions (#11023)
  • b32880a fix: incorrect use of error (#11021)
  • 1792eda fix: ensure maxBodyLength is explicitly passed to follow-redirects (#10993)
  • 30499d6 fix: various runtime crashes and type definition mismatches (#10959)
  • 20ce9c4 fix(http): defer env proxy handling to Node (#10942)
  • e64bcf9 chore(deps): merge branch 'v1.x' into tests/module/cjs (#11014)
  • Additional commits viewable in compare view

Updates node-cron from 4.4.1 to 4.5.0

Release notes

Sourced from node-cron's releases.

v4.5.0

Added

  • lastRun() introspection getter on ScheduledTask: returns { date, result } after a successful execution, { date, error } after a failed one, or null before the first run.
  • Extended day-of-week tokens: <weekday>#<nth> (nth weekday of the month, e.g. 1#1 for the first Monday) and <weekday>L (last weekday of the month, e.g. 5L for the last Friday).

Performance

  • Cache Intl.DateTimeFormat instances per timezone instead of rebuilding on every call.
  • Parse the cron expression once per TimeMatcher instead of re-parsing in MatcherWalker.
  • Compute the GMT offset lazily (only when formatting ISO strings, not during the next-run search).
  • Replace crypto.randomBytes with crypto.randomUUID for internal ID generation.
  • Skip setTimeout jitter wrapper when maxRandomDelay is zero.
  • Bundle dist into flat files instead of preserving the module tree (reduces import time).

Fixed

  • Flaky should schedule a task test: poll for the first execution instead of asserting an exact count after a fixed sleep.

Changed

  • Renamed internal functions interprete to interpret and appendSeccondExpression to appendSecondExpression.
  • Rewritten README and package metadata to surface scheduling capabilities (overlap prevention, distributed coordination, background tasks).
Changelog

Sourced from node-cron's changelog.

[4.5.0] - 2026-06-21

Added

  • lastRun() introspection getter on ScheduledTask: returns { date, result } after a successful execution, { date, error } after a failed one, or null before the first run. (#557)
  • Extended day-of-week tokens: <weekday>#<nth> (nth weekday of the month, e.g. 1#1 for the first Monday) and <weekday>L (last weekday of the month, e.g. 5L for the last Friday). (#560)

Performance

  • Cache Intl.DateTimeFormat instances per timezone instead of rebuilding on every call. (#561)
  • Parse the cron expression once per TimeMatcher instead of re-parsing in MatcherWalker. (#562)
  • Compute the GMT offset lazily (only when formatting ISO strings, not during the next-run search). (#563)
  • Replace crypto.randomBytes with crypto.randomUUID for internal ID generation. (#564)
  • Skip setTimeout jitter wrapper when maxRandomDelay is zero. (#565)
  • Bundle dist into flat files instead of preserving the module tree (reduces import time). (#566)

Fixed

  • Flaky should schedule a task test: poll for the first execution instead of asserting an exact count after a fixed sleep.

Changed

  • Renamed internal functions interprete to interpret and appendSeccondExpression to appendSecondExpression. (#567)
  • Rewritten README and package metadata to surface scheduling capabilities (overlap prevention, distributed coordination, background tasks). (#568)
Commits
  • cd9a5a7 chore(release): 4.5.0 (#569)
  • fbdd883 Rewrite README to surface scheduling capabilities (#568)
  • c80a396 perf(build): bundle dist into flat files instead of preserving modules (#566)
  • b71b9b1 Fix typos in internal function names (#567)
  • 7c5015c perf(id): drop crypto.randomBytes from internal id generation (#564)
  • dd0a2a9 perf(pattern): parse cron expression once per TimeMatcher (#562)
  • cf69f32 perf(time): cache Intl.DateTimeFormat instances per timezone (#561)
  • dad56e1 perf(runner): run inline when no random delay is configured (#565)
  • a309d5f perf(time): compute the GMT offset lazily (#563)
  • c2db9d1 feat: support extended day-of-week tokens (# nth weekday and L last weekday) ...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the server-minor-patch group in /server with 2 updates: [axios](https://github.com/axios/axios) and [node-cron](https://github.com/node-cron/node-cron).


Updates `axios` from 1.18.0 to 1.18.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.18.0...v1.18.1)

Updates `node-cron` from 4.4.1 to 4.5.0
- [Release notes](https://github.com/node-cron/node-cron/releases)
- [Changelog](https://github.com/node-cron/node-cron/blob/main/CHANGELOG.md)
- [Commits](node-cron/node-cron@v4.4.1...v4.5.0)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.18.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: server-minor-patch
- dependency-name: node-cron
  dependency-version: 4.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: server-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file npm npm dependency updates server Affects the server workspace labels Jul 3, 2026
@SyniRon SyniRon merged commit 0888aa0 into main Jul 7, 2026
1 check passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/server/server-minor-patch-9bb51db43e branch July 7, 2026 00:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file npm npm dependency updates server Affects the server workspace

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant