Bump the production-dependencies group across 1 directory with 8 updates by dependabot[bot] · Pull Request #31 · b310-digital/groupwriter

dependabot · 2025-12-22T14:14:55Z

Bumps the production-dependencies group with 7 updates in the /backend directory:

Package	From	To
@aws-sdk/client-s3	`3.896.0`	`3.956.0`
@hocuspocus/extension-database	`3.2.3`	`3.4.3`
@hocuspocus/extension-logger	`3.2.3`	`3.4.3`
@types/formidable	`3.4.5`	`3.4.6`
cookie	`1.0.2`	`1.1.1`
cron	`4.3.3`	`4.4.0`
jsonwebtoken	`9.0.2`	`9.0.3`

Updates @aws-sdk/client-s3 from 3.896.0 to 3.956.0

Release notes

Sourced from @aws-sdk/client-s3's releases.

v3.956.0

3.956.0(2025-12-19)

Chores

crc64-nvme: add pure JS CRC64NVME implementation (#7592) (03019927)

codegen:

differentiate union and struct schema (#7594) (a3f02028)

update for $unknown union member handling (#7591) (2c738294)

upgrade smithy to 1.65.0 (#7588) (8e9ad476)

Documentation Changes

supplemental-docs: typo fixes (#7590) (0f23c869)

New Features

clients: update client endpoints as of 2025-12-19 (e0360a8f)

client-wickr: AWS Wickr now provides a suite of admin APIs to allow you to programmatically manage secure communication for Wickr networks at scale. These APIs enable you to automate administrative workflows including user lifecycle management, network configuration, and security group administration. (d105e0ef)

client-arc-region-switch: Automatic Plan Execution Reports allow customers to maintain a concise record of their Region switch Plan executions. This enables customer SREs and leadership to have a clear view of their recovery posture based on the generated reports for their Plan executions. (33dbf8d8)

client-workspaces-web: Add support for WebAuthn under user settings. (a42b84c4)

client-iot: This release adds event-based logging feature that enables granular event logging controls for AWS IoT logs. (bbbf580b)

client-qbusiness: It is a internal bug fix for region expansion (42a80dd7)

client-connect: Adding support for Custom Metrics and Pre-Defined Attributes to GetCurrentMetricData API. (43dab925)

client-emr-serverless: Added JobLevelCostAllocationConfiguration field to enable cost allocation reporting at the job level, providing more granular visibility into EMR Serverless charges (e95db238)

Bug Fixes

ec2-metadata-service: add configurable options for ttl and port precedence (#7584) (184cf70c)

core/protocols: $unknown union member support (#7593) (596fc405)

For list of updated packages, view updated-packages.md in assets-3.956.0.zip

v3.955.0

3.955.0(2025-12-18)

Chores

codegen: downgrade spotless to 7.2.1 (#7587) (ef66a21f)

clients: export star from models_N (#7586) (e9b7f20a)

New Features

clients: update client endpoints as of 2025-12-18 (11335218)

client-ec2: This release adds AvailabilityZoneId support for CreateFleet, ModifyFleet, DescribeFleets, RequestSpotFleet, ModifySpotFleetRequests and DescribeSpotFleetRequests APIs. (4d1a66b9)

client-ecs: Adding support for Event Windows via a new ECS account setting "fargateEventWindows". When enabled, ECS Fargate will use the configured event window for patching tasks. Introducing "CapacityOptionType" for CreateCapacityProvider API, allowing support for Spot capacity for ECS Managed Instances. (751c797f)

client-arc-region-switch: New API to list Route 53 health checks created by ARC region switch for a plan in a specific AWS Region using the Region switch Regional data plane. (406035c4)

... (truncated)

Changelog

Sourced from @aws-sdk/client-s3's changelog.

3.956.0 (2025-12-19)

Note: Version bump only for package @aws-sdk/client-s3

3.955.0 (2025-12-18)

Note: Version bump only for package @aws-sdk/client-s3

3.954.0 (2025-12-17)

Note: Version bump only for package @aws-sdk/client-s3

3.953.0 (2025-12-16)

Features

clients: allow protocol selection by class constructor (#7568) (5c5fd2e)

3.952.0 (2025-12-15)

Features

client-s3: This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations. (55955e0)

3.948.0 (2025-12-09)

Note: Version bump only for package @aws-sdk/client-s3

... (truncated)

Commits

7804018 Publish v3.956.0
a3f0202 chore(codegen): differentiate union and struct schema (#7594)
2c73829 chore(codegen): update for $unknown union member handling (#7591)
8e9ad47 chore(codegen): upgrade smithy to 1.65.0 (#7588)
821ba3b Publish v3.955.0
e9b7f20 chore(clients): export star from models_N (#7586)
0bfc110 Publish v3.954.0
b654d97 chore(clients): bump '@smithy/*' versions (#7582)
1978c68 chore(codegen): changes for handling conflicting params (#7549)
09e0721 Publish v3.953.0
Additional commits viewable in compare view

Updates @hocuspocus/extension-database from 3.2.3 to 3.4.3

Release notes

Sourced from @hocuspocus/extension-database's releases.

v3.4.3

trusted publishing test

Full Changelog: ueberdosis/hocuspocus@v3.4.2...v3.4.3

v3.4.2

What's Changed

fix: fixes memory leak under high load

chore: testing new publish workflow

Full Changelog: ueberdosis/hocuspocus@v3.4.1...v3.4.2

v3.4.1

What's Changed

fix: extension-redis: on awareness crasah prevention and memory leak onStoreDocument by @matteotarantino-algor in ueberdosis/hocuspocus#1032

build(deps): bump hono from 4.10.2 to 4.10.3 by @dependabot[bot] in ueberdosis/hocuspocus#1016

WIP: chore: remove docs as they are now present in @ueberdosis/tiptap-docs by @janthurau in ueberdosis/hocuspocus#952

build(deps): bump actions/checkout from 5 to 6 by @dependabot[bot] in ueberdosis/hocuspocus#1023

build(deps): bump glob from 10.4.5 to 10.5.0 by @dependabot[bot] in ueberdosis/hocuspocus#1021

Add the missing test for not unloading before ongoing save is finished by @raimohanska in ueberdosis/hocuspocus#1025

build(deps): bump next from 15.4.7 to 15.4.8 by @dependabot[bot] in ueberdosis/hocuspocus#1030

build(deps): bump next from 15.4.7 to 15.4.8 in /playground/frontend by @dependabot[bot] in ueberdosis/hocuspocus#1026

New Contributors

@matteotarantino-algor made their first contribution in ueberdosis/hocuspocus#1032

Full Changelog: ueberdosis/hocuspocus@v3.4.0...v3.4.1

v3.4.0

What's Changed

fix: fixes timing issues with debouncer: new debounced functions may start before the previous had finished by @janthurau in ueberdosis/hocuspocus#1014

fix: make beforeSync not async, as this may break message processing … by @janthurau in ueberdosis/hocuspocus#1015

feat: adds lastChangeTime on document which can be used to identify the last time a document has had changes

Note: This changes the behaviour of debounce and beforeSync. Debounce will now make sure that a storeDocumentHook can't run concurrently, and beforeSync is not awaited anymore, as this breaks message order. This will probably be fixed again in the future, once either Yjs has improved observers with missing updates, or once we have implemented messaging ordering.

Full Changelog: ueberdosis/hocuspocus@v3.3.2...v3.4.0

v3.3.2

same as v3.3.0

Full Changelog: ueberdosis/hocuspocus@v3.3.1...v3.3.2

v3.3.0

What's Changed

feat: add onTokenSync hook for auth token re-sync by @0xb4lamx in ueberdosis/hocuspocus#1001

fix: fixes timing issues when multiple users leave the same document together

... (truncated)

Changelog

Sourced from @hocuspocus/extension-database's changelog.

3.4.3 (2025-12-15)

Note: Version bump only for package hocuspocus

3.4.2 (2025-12-15)

Bug Fixes

fixes memory leak under high load, replace nextTick by setTimeout (1f0b5a4)

3.4.1 (2025-12-09)

Bug Fixes

on awareness craah prevention and memory leak onStoreDocument (#1032) (67957ae), closes #1 #3 #1027

3.4.0 (2025-10-24)

Bug Fixes

fixes timing issues with debouncer: new debounced functions may start before the previous had finished (708bfdb)

make beforeSync not async, as this may break message processing order (see yjs/yjs#591) (abeb298)

make beforeSync not async, as this may break message processing order (see issue 591 of yjs) (1d11bea)

make handleUpdate sync to avoid timing issues (9a6485b)

Features

adds Document.lastChangeTime, which is set to Date.now() whenever a change on the documment has been detected (9092efd)

3.3.2 (2025-10-23)

... (truncated)

Commits

cc66673 v3.4.3
19c7287 chore: adds repository.url field to all package.json for trusted publishing
8d20212 v3.4.2
1f0b5a4 fix: fixes memory leak under high load, replace nextTick by setTimeout
adaff27 build(deps): bump next from 15.4.9 to 15.4.10 in /playground/frontend (#1036)
d6849c2 build(deps): bump next from 15.4.8 to 15.4.9 in /playground/frontend (#1035)
eb8f623 Update publishing workflow to use trusted publishing (#1033)
f1d282d v3.4.1
67957ae fix: on awareness craah prevention and memory leak onStoreDocument (#1032)
cc04534 build(deps): bump next from 15.4.7 to 15.4.8 in /playground/frontend (#1026)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @hocuspocus/extension-database since your current version.

Updates @hocuspocus/extension-logger from 3.2.3 to 3.4.3

Release notes

Sourced from @hocuspocus/extension-logger's releases.

v3.4.3

trusted publishing test

Full Changelog: ueberdosis/hocuspocus@v3.4.2...v3.4.3

v3.4.2

What's Changed

fix: fixes memory leak under high load

chore: testing new publish workflow

Full Changelog: ueberdosis/hocuspocus@v3.4.1...v3.4.2

v3.4.1

What's Changed

fix: extension-redis: on awareness crasah prevention and memory leak onStoreDocument by @matteotarantino-algor in ueberdosis/hocuspocus#1032

build(deps): bump hono from 4.10.2 to 4.10.3 by @dependabot[bot] in ueberdosis/hocuspocus#1016

WIP: chore: remove docs as they are now present in @ueberdosis/tiptap-docs by @janthurau in ueberdosis/hocuspocus#952

build(deps): bump actions/checkout from 5 to 6 by @dependabot[bot] in ueberdosis/hocuspocus#1023

build(deps): bump glob from 10.4.5 to 10.5.0 by @dependabot[bot] in ueberdosis/hocuspocus#1021

Add the missing test for not unloading before ongoing save is finished by @raimohanska in ueberdosis/hocuspocus#1025

build(deps): bump next from 15.4.7 to 15.4.8 by @dependabot[bot] in ueberdosis/hocuspocus#1030

build(deps): bump next from 15.4.7 to 15.4.8 in /playground/frontend by @dependabot[bot] in ueberdosis/hocuspocus#1026

New Contributors

@matteotarantino-algor made their first contribution in ueberdosis/hocuspocus#1032

Full Changelog: ueberdosis/hocuspocus@v3.4.0...v3.4.1

v3.4.0

What's Changed

fix: fixes timing issues with debouncer: new debounced functions may start before the previous had finished by @janthurau in ueberdosis/hocuspocus#1014

fix: make beforeSync not async, as this may break message processing … by @janthurau in ueberdosis/hocuspocus#1015

feat: adds lastChangeTime on document which can be used to identify the last time a document has had changes

Note: This changes the behaviour of debounce and beforeSync. Debounce will now make sure that a storeDocumentHook can't run concurrently, and beforeSync is not awaited anymore, as this breaks message order. This will probably be fixed again in the future, once either Yjs has improved observers with missing updates, or once we have implemented messaging ordering.

Full Changelog: ueberdosis/hocuspocus@v3.3.2...v3.4.0

v3.3.2

same as v3.3.0

Full Changelog: ueberdosis/hocuspocus@v3.3.1...v3.3.2

v3.3.0

What's Changed

feat: add onTokenSync hook for auth token re-sync by @0xb4lamx in ueberdosis/hocuspocus#1001

fix: fixes timing issues when multiple users leave the same document together

... (truncated)

Changelog

Sourced from @hocuspocus/extension-logger's changelog.

3.4.3 (2025-12-15)

Note: Version bump only for package hocuspocus

3.4.2 (2025-12-15)

Bug Fixes

fixes memory leak under high load, replace nextTick by setTimeout (1f0b5a4)

3.4.1 (2025-12-09)

Bug Fixes

on awareness craah prevention and memory leak onStoreDocument (#1032) (67957ae), closes #1 #3 #1027

3.4.0 (2025-10-24)

Bug Fixes

fixes timing issues with debouncer: new debounced functions may start before the previous had finished (708bfdb)

make beforeSync not async, as this may break message processing order (see yjs/yjs#591) (abeb298)

make beforeSync not async, as this may break message processing order (see issue 591 of yjs) (1d11bea)

make handleUpdate sync to avoid timing issues (9a6485b)

Features

adds Document.lastChangeTime, which is set to Date.now() whenever a change on the documment has been detected (9092efd)

3.3.2 (2025-10-23)

... (truncated)

Commits

cc66673 v3.4.3
19c7287 chore: adds repository.url field to all package.json for trusted publishing
8d20212 v3.4.2
1f0b5a4 fix: fixes memory leak under high load, replace nextTick by setTimeout
adaff27 build(deps): bump next from 15.4.9 to 15.4.10 in /playground/frontend (#1036)
d6849c2 build(deps): bump next from 15.4.8 to 15.4.9 in /playground/frontend (#1035)
eb8f623 Update publishing workflow to use trusted publishing (#1033)
f1d282d v3.4.1
67957ae fix: on awareness craah prevention and memory leak onStoreDocument (#1032)
cc04534 build(deps): bump next from 15.4.7 to 15.4.8 in /playground/frontend (#1026)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @hocuspocus/extension-logger since your current version.

Updates @hocuspocus/server from 3.2.3 to 3.4.3

Release notes

Sourced from @hocuspocus/server's releases.

v3.4.3

trusted publishing test

Full Changelog: ueberdosis/hocuspocus@v3.4.2...v3.4.3

v3.4.2

What's Changed

fix: fixes memory leak under high load

chore: testing new publish workflow

Full Changelog: ueberdosis/hocuspocus@v3.4.1...v3.4.2

v3.4.1

What's Changed

fix: extension-redis: on awareness crasah prevention and memory leak onStoreDocument by @matteotarantino-algor in ueberdosis/hocuspocus#1032

build(deps): bump hono from 4.10.2 to 4.10.3 by @dependabot[bot] in ueberdosis/hocuspocus#1016

WIP: chore: remove docs as they are now present in @ueberdosis/tiptap-docs by @janthurau in ueberdosis/hocuspocus#952

build(deps): bump actions/checkout from 5 to 6 by @dependabot[bot] in ueberdosis/hocuspocus#1023

build(deps): bump glob from 10.4.5 to 10.5.0 by @dependabot[bot] in ueberdosis/hocuspocus#1021

Add the missing test for not unloading before ongoing save is finished by @raimohanska in ueberdosis/hocuspocus#1025

build(deps): bump next from 15.4.7 to 15.4.8 by @dependabot[bot] in ueberdosis/hocuspocus#1030

build(deps): bump next from 15.4.7 to 15.4.8 in /playground/frontend by @dependabot[bot] in ueberdosis/hocuspocus#1026

New Contributors

@matteotarantino-algor made their first contribution in ueberdosis/hocuspocus#1032

Full Changelog: ueberdosis/hocuspocus@v3.4.0...v3.4.1

v3.4.0

What's Changed

fix: fixes timing issues with debouncer: new debounced functions may start before the previous had finished by @janthurau in ueberdosis/hocuspocus#1014

fix: make beforeSync not async, as this may break message processing … by @janthurau in ueberdosis/hocuspocus#1015

feat: adds lastChangeTime on document which can be used to identify the last time a document has had changes

Note: This changes the behaviour of debounce and beforeSync. Debounce will now make sure that a storeDocumentHook can't run concurrently, and beforeSync is not awaited anymore, as this breaks message order. This will probably be fixed again in the future, once either Yjs has improved observers with missing updates, or once we have implemented messaging ordering.

Full Changelog: ueberdosis/hocuspocus@v3.3.2...v3.4.0

v3.3.2

same as v3.3.0

Full Changelog: ueberdosis/hocuspocus@v3.3.1...v3.3.2

v3.3.0

What's Changed

feat: add onTokenSync hook for auth token re-sync by @0xb4lamx in ueberdosis/hocuspocus#1001

fix: fixes timing issues when multiple users leave the same document together

... (truncated)

Changelog

Sourced from @hocuspocus/server's changelog.

3.4.3 (2025-12-15)

Note: Version bump only for package hocuspocus

3.4.2 (2025-12-15)

Bug Fixes

fixes memory leak under high load, replace nextTick by setTimeout (1f0b5a4)

3.4.1 (2025-12-09)

Bug Fixes

on awareness craah prevention and memory leak onStoreDocument (#1032) (67957ae), closes #1 #3 #1027

3.4.0 (2025-10-24)

Bug Fixes

fixes timing issues with debouncer: new debounced functions may start before the previous had finished (708bfdb)

make beforeSync not async, as this may break message processing order (see yjs/yjs#591) (abeb298)

make beforeSync not async, as this may break message processing order (see issue 591 of yjs) (1d11bea)

make handleUpdate sync to avoid timing issues (9a6485b)

Features

adds Document.lastChangeTime, which is set to Date.now() whenever a change on the documment has been detected (9092efd)

3.3.2 (2025-10-23)

... (truncated)

Commits

cc66673 v3.4.3
19c7287 chore: adds repository.url field to all package.json for trusted publishing
8d20212 v3.4.2
1f0b5a4 fix: fixes memory leak under high load, replace nextTick by setTimeout
adaff27 build(deps): bump next from 15.4.9 to 15.4.10 in /playground/frontend (#1036)
d6849c2 build(deps): bump next from 15.4.8 to 15.4.9 in /playground/frontend (#1035)
eb8f623 Update publishing workflow to use trusted publishing (#1033)
f1d282d v3.4.1
67957ae fix: on awareness craah prevention and memory leak onStoreDocument (#1032)
cc04534 build(deps): bump next from 15.4.7 to 15.4.8 in /playground/frontend (#1026)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @hocuspocus/server since your current version.

Updates @types/formidable from 3.4.5 to 3.4.6

Commits

See full diff in compare view

Updates cookie from 1.0.2 to 1.1.1

Release notes

Sourced from cookie's releases.

v1.1.1

Fixed

Overwrite value in passed in options (#253) c66147c

When value was provided in serialize(key, value, { value }) the value in options was used instead of the value passed as an argument

jshttp/cookie@v1.1.0...v1.1.1

v1.1.0

Added:

Add stringifyCookie and parseSetCookie methods (#244, #214)

Rename existing methods for clarity (old method names remain for backward compatibility)

parse → parseCookie

serialize → stringifySetCookie

Add side effects field (#245) 00b0327

jshttp/cookie@v1.0.2...v1.1.0

Commits

1b89eec 1.1.1
c66147c Overwrite value in passed in options (#253)
09cec9f 1.1.0
05ebd34 Add tests for parsing top sites (#249)
6214eaf Add benchmark for parseSetCookie (#247)
71798d7 Fix skip over of boolean attributes (#248)
9e41cf1 build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...
6fea506 Add parse method for set-cookie (#244)
00b0327 Add side effects field (#245)
94586de feat: remove dependabot from repo (#242)
Additional commits viewable in compare view

Updates cron from 4.3.3 to 4.4.0

Release notes

Sourced from cron's releases.

v4.4.0

4.4.0 (2025-12-09)

✨ Features

update node versions to include 24 and 25 (#1031) (b228e7c), closes #1000

♻️ Chores

deps: lock file maintenance (570f9bc)

deps: lock file maintenance (#1026) (ac05b84)

v4.3.5

4.3.5 (2025-11-30)

🐛 Bug Fixes

suppress setTimeout warning with negatives (#1030) (74d3b74), closes #1000

♻️ Chores

action: update actions/checkout action to v5.0.1 (0f3b9f3)

action: update actions/checkout action to v6 (#1028) (232f23a)

action: update actions/create-github-app-token action to v2.2.0 (1ade9ce)

action: update actions/setup-node action to v6 (#1017) (288cf0d)

action: update actions/upload-artifact action to v5 (#1018) (7091186)

action: update github/codeql-action action to v3.31.2 (8c5c4db)

action: update github/codeql-action action to v3.31.5 (c6516f1)

action: update github/codeql-action action to v4 (#1014) (258ee3b)

action: update step-security/harden-runner action to v2.13.2 (2f44428)

deps: update dependency @eslint/js to v9.39.1 (319462a)

deps: update dependency @semantic-release/github to v12.0.1 (dfa3411)

deps: update dependency @swc/core to v1.15.0 (7aa02a2)

deps: update dependency @swc/core to v1.15.3 (af87e4d)

deps: update dependency @types/node to v22.19.0 (67701aa)

deps: update dependency @types/node to v22.19.1 (2c0d2bb)

deps: update dependency @types/sinon to v21 (#1029) (028b8b7)

deps: update semantic-release related packages (e29b122)

v4.3.4

4.3.4 (2025-11-06)

🐛 Bug Fixes

catch errors in async onTick functions (#1013) (2ac3001)

🛠 Builds

add GitHub app token to use for release (#1024) (61b54f6)

remove chai since we aren't using it (#1012) (cf14205)

... (truncated)

Changelog

Sourced from cron's changelog.

4.4.0 (2025-12-09)

✨ Features

update node versions to include 24 and 25 (#1031) (b228e7c), closes #1000

♻️ Chores

deps: lock file maintenance (570f9bc)

deps: lock file maintenance (#1026) (ac05b84)

4.3.5 (2025-11-30)

🐛 Bug Fixes

suppress setTimeout warning with negatives (#1030) (74d3b74), closes #1000

♻️ Chores

action: update actions/checkout action to v5.0.1 (0f3b9f3)

action: update actions/checkout action to v6 (#1028) (232f23a)

action: update actions/create-github-app-token action to v2.2.0 (1ade9ce)

action: update actions/setup-node action to v6 (#1017) (288cf0d)

action: update actions/upload-artifact action to v5 (#1018) (7091186)

action: update github/codeql-action action to v3.31.2 (8c5c4db)

action: update github/codeql-action action to v3.31.5 (c6516f1)

action: update github/codeql-action action to v4 (#1014) (258ee3b)

action: update step-security/harden-runner action to v2.13.2 (2f44428)

deps: update dependency @eslint/js to v9.39.1 (319462a)

deps: update dependency @semantic-release/github to v12.0.1 (dfa3411)

deps: update dependency @swc/core to v1.15.0 (7aa02a2)

deps: update dependency @swc/core to v1.15.3 (af87e4d)

deps: update dependency @types/node to v22.19.0 (67701aa)

deps: update dependency @types/node to v22.19.1 (2c0d2bb)

deps: update dependency @types/sinon to v21 (#1029) (028b8b7)

deps: update semantic-release related packages (e29b122)

4.3.4 (2025-11-06)

🐛 Bug Fixes

catch errors in async onTick functions (#1013) (2ac3001)

🛠 Builds

add GitHub app token to use for release (#1024) (61b54f6)

remove chai since we aren't using it (#1012) (cf14205)

switch to using built in GitHub token (#1022) (d24b3ea)

update release config to use trusted publishing (#1023) (0cb3ff6), closes #1017 #1018

use trusted publishing to publish to NPM (#1021) (44f14f3)

... (truncated)

Commits

d2f18cf Release v4.4.0 [skip ci]
b228e7c feat: update node versions to include 24 and 25 (#1031)
570f9bc chore(deps): lock file maintenance
ac05b84 chore(deps): lock file maintenance (#1026)
3f1f009 Release v4.3.5 [skip ci]
74d3b74 fix: suppress setTimeout warning with negatives (#1030)
258ee3b chore(action): update github/codeql-action action to v4 (#1014)
288cf0d chore(action): update actions/setup-node action to v6 (#1017)
7091186 chore(action): update actions/upload-artifact action to v5 (#1018)
232f23a chore(action): update actions/checkout action to v6 (#1028)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for cron since your current version.

Updates jsonwebtoken from 9.0.2 to 9.0.3

Changelog

Sourced from jsonwebtoken's changelog....

Description has been truncated

Bumps the production-dependencies group with 7 updates in the /backend directory: | Package | From | To | | --- | --- | --- | | [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.896.0` | `3.956.0` | | [@hocuspocus/extension-database](https://github.com/ueberdosis/hocuspocus) | `3.2.3` | `3.4.3` | | [@hocuspocus/extension-logger](https://github.com/ueberdosis/hocuspocus) | `3.2.3` | `3.4.3` | | [@types/formidable](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/formidable) | `3.4.5` | `3.4.6` | | [cookie](https://github.com/jshttp/cookie) | `1.0.2` | `1.1.1` | | [cron](https://github.com/kelektiv/node-cron) | `4.3.3` | `4.4.0` | | [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `9.0.2` | `9.0.3` | Updates `@aws-sdk/client-s3` from 3.896.0 to 3.956.0 - [Release notes](https://github.com/aws/aws-sdk-js-v3/releases) - [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.956.0/clients/client-s3) Updates `@hocuspocus/extension-database` from 3.2.3 to 3.4.3 - [Release notes](https://github.com/ueberdosis/hocuspocus/releases) - [Changelog](https://github.com/ueberdosis/hocuspocus/blob/main/CHANGELOG.md) - [Commits](ueberdosis/hocuspocus@v3.2.3...v3.4.3) Updates `@hocuspocus/extension-logger` from 3.2.3 to 3.4.3 - [Release notes](https://github.com/ueberdosis/hocuspocus/releases) - [Changelog](https://github.com/ueberdosis/hocuspocus/blob/main/CHANGELOG.md) - [Commits](ueberdosis/hocuspocus@v3.2.3...v3.4.3) Updates `@hocuspocus/server` from 3.2.3 to 3.4.3 - [Release notes](https://github.com/ueberdosis/hocuspocus/releases) - [Changelog](https://github.com/ueberdosis/hocuspocus/blob/main/CHANGELOG.md) - [Commits](ueberdosis/hocuspocus@v3.2.3...v3.4.3) Updates `@types/formidable` from 3.4.5 to 3.4.6 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/formidable) Updates `cookie` from 1.0.2 to 1.1.1 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](jshttp/cookie@v1.0.2...v1.1.1) Updates `cron` from 4.3.3 to 4.4.0 - [Release notes](https://github.com/kelektiv/node-cron/releases) - [Changelog](https://github.com/kelektiv/node-cron/blob/main/CHANGELOG.md) - [Commits](kelektiv/node-cron@v4.3.3...v4.4.0) Updates `jsonwebtoken` from 9.0.2 to 9.0.3 - [Changelog](https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md) - [Commits](auth0/node-jsonwebtoken@v9.0.2...v9.0.3) --- updated-dependencies: - dependency-name: "@aws-sdk/client-s3" dependency-version: 3.956.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@hocuspocus/extension-database" dependency-version: 3.4.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@hocuspocus/extension-logger" dependency-version: 3.4.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@hocuspocus/server" dependency-version: 3.4.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: "@types/formidable" dependency-version: 3.4.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: cookie dependency-version: 1.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: cron dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: jsonwebtoken dependency-version: 9.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Dec 22, 2025

JannikStreek merged commit dc079b8 into main Dec 22, 2025
3 checks passed

dependabot bot deleted the dependabot/npm_and_yarn/backend/production-dependencies-5bfbc7439a branch December 22, 2025 14:16

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the production-dependencies group across 1 directory with 8 updates#31

Bump the production-dependencies group across 1 directory with 8 updates#31
JannikStreek merged 1 commit intomainfrom
dependabot/npm_and_yarn/backend/production-dependencies-5bfbc7439a

dependabot bot commented on behalf of github Dec 22, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Dec 22, 2025

v3.956.0

3.956.0(2025-12-19)

Chores

Documentation Changes

New Features

Bug Fixes

v3.955.0

3.955.0(2025-12-18)

Chores

New Features

3.956.0 (2025-12-19)

3.955.0 (2025-12-18)

3.954.0 (2025-12-17)

3.953.0 (2025-12-16)

Features

3.952.0 (2025-12-15)

Features

3.948.0 (2025-12-09)

v3.4.3

v3.4.2

What's Changed

v3.4.1

What's Changed

New Contributors

v3.4.0

What's Changed

v3.3.2

v3.3.0

What's Changed

3.4.3 (2025-12-15)

3.4.2 (2025-12-15)

Bug Fixes

3.4.1 (2025-12-09)

Bug Fixes

3.4.0 (2025-10-24)

Bug Fixes

Features

3.3.2 (2025-10-23)

v3.4.3

v3.4.2

What's Changed

v3.4.1

What's Changed

New Contributors

v3.4.0

What's Changed

v3.3.2

v3.3.0

What's Changed

3.4.3 (2025-12-15)

3.4.2 (2025-12-15)

Bug Fixes

3.4.1 (2025-12-09)

Bug Fixes

3.4.0 (2025-10-24)

Bug Fixes

Features

3.3.2 (2025-10-23)

v3.4.3

v3.4.2

What's Changed

v3.4.1

What's Changed

New Contributors

v3.4.0

What's Changed

v3.3.2

v3.3.0

What's Changed

3.4.3 (2025-12-15)

3.4.2 (2025-12-15)

Bug Fixes

3.4.1 (2025-12-09)

Bug Fixes

3.4.0 (2025-10-24)

Bug Fixes

Features

3.3.2 (2025-10-23)