chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@cloudscape-design/components (source)	3.0.1121 -> 3.0.1126			dependencies	patch
@sentry/nextjs (source)	10.22.0 -> 10.23.0			dependencies	minor
@types/node (source)	22.18.8 -> 22.19.0			devDependencies	minor
eslint (source)	9.37.0 -> 9.39.1			devDependencies	minor
eslint-config-next (source)	15.5.4 -> 15.5.6			devDependencies	patch
node (source)	22.20.0 -> 22.21.1				minor

---

Release Notes

cloudscape-design/components (@​cloudscape-design/components)

v3.0.1126

Compare Source

3.0.1126 (2025-11-05)

No customer visible changes in this release

v3.0.1125

Compare Source

3.0.1125 (2025-11-05)

Features

• implement style api for textarea component (#​4001) (5727a40)
• Method onToggleFocusMode for the left drawer (#​3996) (f598161)

Bug Fixes

• Fixes chart popover click outside when in iframe (#​4005) (58547d1)
• header focus outline to use CDS styles instead of native outline (#​4008) (3b7067b)
• Left panel size calculation (#​4006) (dbfeb04)
• Multi app layout detection (#​3999) (4550381)
• vertical centering for h2 headers without description in expandable sections (#​3993) (6ca64cd)

v3.0.1124

Compare Source

3.0.1124 (2025-11-04)

Features

• add i18n support for itemRemovedAriaLive in attribute-editor (#​3985) (6393a71)

Bug Fixes

• Don't automatically focus on hidden/invisible elements (#​3983) (a59c74f)
• Toolbar with triggerless global drawers (#​4000) (0a448ad)

v3.0.1123

Compare Source

3.0.1123 (2025-11-03)

Features

• add custom primary actions for wizard component (#​3994) (67a26ae)

v3.0.1122

Compare Source

3.0.1122 (2025-11-03)

Features

• implement style api for input component (#​3992) (05d1e35)

getsentry/sentry-javascript (@​sentry/nextjs)

v10.23.0

Compare Source

• feat(core): Send user-agent header with envelope requests in server SDKs (#​17929)
• feat(browser): Limit transport buffer size (#​18046)
• feat(core): Remove default value of maxValueLength: 250 (#​18043)
• feat(react-router): Align options with shared build time options type (#​18014)
• fix(browser-utils): cache element names for INP (#​18052)
• fix(browser): Capture unhandled rejection errors for web worker integration (#​18054)
• fix(cloudflare): Ensure types for cloudflare handlers (#​18064)
• fix(nextjs): Update proxy template wrapping (#​18086)
• fix(nuxt): Added top-level fallback exports (#​18083)
• fix(nuxt): check for H3 error cause before re-capturing (#​18035)
• fix(replay): Linked errors not resetting session id (#​17854)
• fix(tracemetrics): Bump metrics buffer to 1k (#​18039)
• fix(vue): Make options parameter optional on attachErrorHandler (#​18072)
• ref(core): Set span status internal_error instead of unknown_error (#​17909)

Internal Changes

• fix(tests): un-override nitro dep version for nuxt-3 test (#​18056)
• fix(e2e): Add p-map override to fix React Router 7 test builds (#​18068)
• feat: Add a note to save changes before starting (#​17987)
• test(browser): Add test for INP target name after navigation or DOM changes (#​18033)
• chore: Add external contributor to CHANGELOG.md (#​18032)
• chore(aws-serverless): Fix typo in timeout warning function name (#​18031)
• chore(browser): upgrade fake-indexeddb to v6 (#​17975)
• chore(tests): pass test flags through to the test command (#​18062)

Work in this release was contributed by @​hanseo0507. Thank you for your contribution!

Bundle size 📦

Path	Size
@​sentry/browser	24.06 KB
@​sentry/browser - with treeshaking flags	22.58 KB
@​sentry/browser (incl. Tracing)	40.29 KB
@​sentry/browser (incl. Tracing, Profiling)	44.47 KB
@​sentry/browser (incl. Tracing, Replay)	77.64 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	67.58 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	82.23 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	94.12 KB
@​sentry/browser (incl. Feedback)	40.34 KB
@​sentry/browser (incl. sendFeedback)	28.62 KB
@​sentry/browser (incl. FeedbackAsync)	33.44 KB
@​sentry/react	25.71 KB
@​sentry/react (incl. Tracing)	42.23 KB
@​sentry/vue	28.45 KB
@​sentry/vue (incl. Tracing)	42.04 KB
@​sentry/svelte	24.07 KB
CDN Bundle	26.27 KB
CDN Bundle (incl. Tracing)	40.82 KB
CDN Bundle (incl. Tracing, Replay)	76.24 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	81.6 KB
CDN Bundle - uncompressed	77.04 KB
CDN Bundle (incl. Tracing) - uncompressed	121.1 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	233.6 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	246.06 KB
@​sentry/nextjs (client)	44.3 KB
@​sentry/sveltekit (client)	40.69 KB
@​sentry/node-core	49.62 KB
@​sentry/node	154.18 KB
@​sentry/node - without tracing	90.52 KB
@​sentry/aws-serverless	103.93 KB

eslint/eslint (eslint)

v9.39.1

Compare Source

v9.39.0

Compare Source

v9.38.0

Compare Source

Features

• ce40f74 feat: update complexity rule to only highlight function header (#​20048) (Atul Nair)
• e37e590 feat: correct no-loss-of-precision false positives with e notation (#​20187) (Francesco Trotta)

Bug Fixes

• 50c3dfd fix: improve type support for isolated dependencies in pnpm (#​20201) (Francesco Trotta)
• a1f06a3 fix: correct SourceCode typings (#​20114) (Pixel998)

Documentation

• 462675a docs: improve web accessibility by hiding non-semantic character (#​20205) (루밀LuMir)
• c070e65 docs: correct formatting in no-irregular-whitespace rule documentation (#​20203) (루밀LuMir)
• b39e71a docs: Update README (GitHub Actions Bot)
• cd39983 docs: move custom-formatters type descriptions to nodejs-api (#​20190) (Percy Ma)

Chores

• d17c795 chore: upgrade @​eslint/js@​9.38.0 (#​20221) (Milos Djermanovic)
• 25d0e33 chore: package.json update for @​eslint/js release (Jenkins)
• c82b5ef refactor: Use types from @​eslint/core (#​20168) (Nicholas C. Zakas)
• ff31609 ci: add Node.js 25 to ci.yml (#​20220) (루밀LuMir)
• 004577e ci: bump github/codeql-action from 3 to 4 (#​20211) (dependabot[bot])
• eac71fb test: remove use of nodejsScope option of eslint-scope from tests (#​20206) (Milos Djermanovic)
• 4168a18 chore: fix typo in legacy-eslint.js (#​20202) (Sweta Tanwar)
• 205dbd2 chore: fix typos (#​20200) (ntnyq)
• dbb200e chore: use team member's username when name is not available in data (#​20194) (Milos Djermanovic)
• 8962089 chore: mark deprecated rules as available until v11.0.0 (#​20184) (Pixel998)

vercel/next.js (eslint-config-next)

v15.5.6

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Turbopack: don't define process.cwd() in node_modules #​83452

Credits

Huge thanks to @​mischnic for helping!

v15.5.5

Compare Source

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Split code-frame into separate compiled package (#​84238)
• Add deprecation warning to Runtime config (#​84650)
• fix: unstable_cache should perform blocking revalidation during ISR revalidation (#​84716)
• feat: experimental.middlewareClientMaxBodySize body cloning limit (#​84722)
• fix: missing next/link types with typedRoutes (#​84779)

Misc Changes

• docs: early October improvements and fixes (#​84334)

Credits

Huge thanks to @​devjiwonchoi, @​ztanner, and @​icyJoseph for helping!

nodejs/node (node)

v22.21.1: 2025-10-28, Version 22.21.1 'Jod' (LTS), @​aduh95

Compare Source

Commits

• [af33e8e668] - benchmark: remove unused variable from util/priority-queue (Bruno Rodrigues) #​59872
• [6764ce8756] - benchmark: update count to n in permission startup (Bruno Rodrigues) #​59872
• [4e8d99f0dc] - benchmark: update num to n in dgram offset-length (Bruno Rodrigues) #​59872
• [af0a8ba7f8] - benchmark: adjust dgram offset-length len values (Bruno Rodrigues) #​59708
• [78efd1be4a] - benchmark: update num to n in dgram offset-length (Bruno Rodrigues) #​59708
• [df72dc96e9] - console,util: improve array inspection performance (Ruben Bridgewater) #​60037
• [ef67d09f50] - http: improve writeEarlyHints by avoiding for-of loop (Haram Jeong) #​59958
• [23468fd76b] - http2: fix allowHttp1+Upgrade, broken by shouldUpgradeCallback (Tim Perry) #​59924
• [56abc4ac76] - lib: optimize priority queue (Gürgün Dayıoğlu) #​60039
• [ea5cfd98c5] - lib: implement passive listener behavior per spec (BCD1me) #​59995
• [c2dd6eed2f] - process: fix wrong asyncContext under unhandled-rejections=strict (Shima Ryuhei) #​60103
• [81a3055710] - process: fix default env for process.execve (Richard Lau) #​60029
• [fe492c7ace] - process: fix hrtime fast call signatures (Renegade334) #​59600
• [76b4cab8fc] - src: bring permissions macros in line with general C/C++ standards (Anna Henningsen) #​60053
• [21970970c7] - src: remove AnalyzeTemporaryDtors option from .clang-tidy (iknoom) #​60008
• [609c063e81] - src: remove unused variables from report (Moonki Choi) #​60047
• [987841a773] - src: avoid unnecessary string allocations in SPrintF impl (Anna Henningsen) #​60052
• [6e386c0632] - src: make ToLower/ToUpper input args more flexible (Anna Henningsen) #​60052
• [c3be1226c7] - src: allow std::string_view arguments to SPrintF() and friends (Anna Henningsen) #​60058
• [764d35647d] - src: remove unnecessary std::string error messages (Anna Henningsen) #​60057
• [1289ef89ec] - src: remove unnecessary shadowed functions on Utf8Value & BufferValue (Anna Henningsen) #​60056
• [d1fb8a538d] - src: avoid unnecessary string -> char* -> string round trips (Anna Henningsen) #​60055
• [54b439fb5a] - src: fill options_args, options_env after vectors are finalized (iknoom) #​59945
• [c7c597e2ca] - src: use RAII for uv_process_options_t (iknoom) #​59945
• [b928ea9716] - test: ensure that the message event is fired (Luigi Pinca) #​59952
• [e4b95a5158] - test: replace diagnostics_channel stackframe in output snapshots (Chengzhong Wu) #​60024
• [4206406694] - test: mark test-web-locks skip on IBM i (SRAVANI GUNDEPALLI) #​59996
• [26394cd5bf] - test: expand tls-check-server-identity coverage (Diango Gavidia) #​60002
• [b58df47995] - test: fix typo of test-benchmark-readline.js (Deokjin Kim) #​59993
• [af3a59dba8] - test: verify tracing channel doesn't swallow unhandledRejection (Gerhard Stöbich) #​59974
• [cee362242b] - timers: fix binding fast call signatures (Renegade334) #​59600
• [40fea57fdd] - tools: add message on auto-fixing js lint issues in gh workflow (Dario Piotrowicz) #​59128
• [aac90d351b] - tools: verify signatures when updating nghttp* (Antoine du Hamel) #​60113
• [9fae03c7d9] - tools: use dependabot cooldown and move tools/doc (Rafael Gonzaga) #​59978
• [81548abdf6] - wasi: fix WasiFunction fast call signature (Renegade334) #​59600

v22.21.0: 2025-10-20, Version 22.21.0 'Jod' (LTS), @​aduh95

Compare Source

Notable Changes

• [1486fedea1] - (SEMVER-MINOR) cli: add --use-env-proxy (Joyee Cheung) #​59151
• [bedaaa11fc] - (SEMVER-MINOR) http: support http proxy for fetch under NODE_USE_ENV_PROXY (Joyee Cheung) #​57165
• [af8b5fa29d] - (SEMVER-MINOR) http: add shouldUpgradeCallback to let servers control HTTP upgrades (Tim Perry) #​59824
• [42102594b1] - (SEMVER-MINOR) http,https: add built-in proxy support in http/https.request and Agent (Joyee Cheung) #​58980
• [686ac49b82] - (SEMVER-MINOR) src: add percentage support to --max-old-space-size (Asaf Federman) #​59082

Commits

• [a71dd592e3] - benchmark: calibrate config dgram multi-buffer (Bruno Rodrigues) #​59696
• [16c4b466f4] - benchmark: calibrate config cluster/echo.js (Nam Yooseong) #​59836
• [53cb9f3b6c] - build: add the missing macro definitions for OpenHarmony (hqzing) #​59804
• [ec5290fe01] - build: do not include custom ESLint rules testing in tarball (Antoine du Hamel) #​59809
• [1486fedea1] - (SEMVER-MINOR) cli: add --use-env-proxy (Joyee Cheung) #​59151
• [1f93913446] - crypto: use return await when returning Promises from async functions (Renegade334) #​59841
• [f488b2ff73] - crypto: use async functions for non-stub Promise-returning functions (Renegade334) #​59841
• [aed9fd5ac4] - crypto: avoid calls to promise.catch() (Renegade334) #​59841
• [37c2d186f0] - deps: update amaro to 1.1.4 (pmarchini) #​60044
• [28aea13419] - deps: update archs files for openssl-3.5.4 (Node.js GitHub Bot) #​60101
• [ddbc1aa0bb] - deps: upgrade openssl sources to openssl-3.5.4 (Node.js GitHub Bot) #​60101
• [badbba2da9] - deps: update googletest to 50b8600 (Node.js GitHub Bot) #​59955
• [48aaf98a08] - deps: update archs files for openssl-3.5.3 (Node.js GitHub Bot) #​59901
• [e02a562ea6] - deps: upgrade openssl sources to openssl-3.5.3 (Node.js GitHub Bot) #​59901
• [7e0e86cb92] - deps: upgrade npm to 10.9.4 (npm team) #​60074
• [91dda5facf] - deps: update undici to 6.22.0 (Matteo Collina) #​60112
• [3a3220a2f0] - dgram: restore buffer optimization in fixBufferList (Yoo) #​59934
• [09bdcce6b8] - diagnostics_channel: fix race condition with diagnostics_channel and GC (Ugaitz Urien) #​59910
• [b3eeb3bd13] - doc: provide alternative to url.parse() using WHATWG URL (Steven) #​59736
• [1ddaab1904] - doc: mention reverse proxy and include simple example (Steven) #​59736
• [3b3b71e99c] - doc: mark .env files support as stable (Santeri Hiltunen) #​59925
• [d37f67d1bd] - doc: remove optional title prefixes (Aviv Keller) #​60087
• [ca2dff63f9] - doc: fix typo on child_process.md (Angelo Gazzola) #​60114
• [3fca564a05] - doc: add automated migration info to deprecations (Augustin Mauroy) #​60022
• [4bc366fc16] - doc: use "WebAssembly" instead of "Web Assembly" (Tobias Nießen) #​59954
• [4808dbdd9a] - doc: fix typo in section on microtask order (Tobias Nießen) #​59932
• [d6e303d645] - doc: update V8 fast API guidance (René) #​58999
• [0a3a3f729e] - doc: add security escalation policy (Ulises Gascón) #​59806
• [8fd669c70d] - doc: type improvement of file http.md (yusheng chen) #​58189
• [9833dc6060] - doc: rephrase dynamic import() description (Nam Yooseong) #​59224
• [2870a73681] - doc,crypto: update subtle.generateKey and subtle.importKey (Filip Skokan) #​59851
• [85818db93c] - fs,win: do not add a second trailing slash in readdir (Gerhard Stöbich) #​59847
• [bedaaa11fc] - (SEMVER-MINOR) http: support http proxy for fetch under NODE_USE_ENV_PROXY (Joyee Cheung) #​57165
• [af8b5fa29d] - (SEMVER-MINOR) http: add shouldUpgradeCallback to let servers control HTTP upgrades (Tim Perry) #​59824
• [758271ae66] - http: optimize checkIsHttpToken for short strings (방진혁) #​59832
• [42102594b1] - (SEMVER-MINOR) http,https: add built-in proxy support in http/https.request and Agent (Joyee Cheung) #​58980
• [a33ed9bf96] - inspector: ensure adequate memory allocation for Binary::toBase64 (René) #​59870
• [34c686be2b] - lib: update inspect output format for subclasses (Miguel Marcondes Filho) #​59687
• [12e553529c] - lib: add source map support for assert messages (Chengzhong Wu) #​59751
• [d2a70571f8] - lib,src: refactor assert to load error source from memory (Chengzhong Wu) #​59751
• [20a9e86b5d] - meta: move Michael to emeritus (Michael Dawson) #​60070
• [c591cca15c] - meta: bump github/codeql-action from 3.30.0 to 3.30.5 (dependabot[bot]) #​60089
• [090ba141b1] - meta: bump codecov/codecov-action from 5.5.0 to 5.5.1 (dependabot[bot]) #​60091
• [a0ba6884a5] - meta: bump actions/stale from 9.1.0 to 10.0.0 (dependabot[bot]) #​60092
• [0feca0c541] - meta: bump actions/setup-node from 4.4.0 to 5.0.0 (dependabot[bot]) #​60093
• [7cd2b42d18] - meta: bump step-security/harden-runner from 2.12.2 to 2.13.1 (dependabot[bot]) #​60094
• [1f3b9d66ac] - meta: bump actions/cache from 4.2.4 to 4.3.0 (dependabot[bot]) #​60095
• [0fedbb3de7] - meta: bump ossf/scorecard-action from 2.4.2 to 2.4.3 (dependabot[bot]) #​60096
• [04590b8267] - meta: bump actions/setup-python from 5.6.0 to 6.0.0 (dependabot[bot]) #​60090
• [2bf0a9318f] - meta: add .npmrc with ignore-scripts=true (Joyee Cheung) #​59914
• [e10dc7b81c] - module: allow overriding linked requests for a ModuleWrap (Chengzhong Wu) #​59527
• [2237142369] - module: link module with a module request record (Chengzhong Wu) #​58886
• [6d24b88fbc] - node-api: added SharedArrayBuffer api (Mert Can Altin) #​59071
• [4cc84c96f4] - node-api: make napi_delete_reference use node_api_basic_env (Jeetu Suthar) #​59684
• [e790eb6b50] - repl: fix cpu overhead pasting big strings to the REPL (Ruben Bridgewater) #​59857
• [99ea08dc43] - repl: add isValidParentheses check before wrap input (Xuguang Mei) #​59607
• [e4a4f63019] - sqlite: fix crash session extension callbacks with workers (Bart Louwers) #​59848
• [42c5544b97] - src: assert memory calc for max-old-space-size-percentage (Asaf Federman) #​59460
• [686ac49b82] - (SEMVER-MINOR) src: add percentage support to --max-old-space-size (Asaf Federman) #​59082
• [84701ff668] - src: clear all linked module caches once instantiated (Chengzhong Wu) #​59117
• [8e182e561f] - src: remove unnecessary Environment::GetCurrent() calls (Moonki Choi) #​59814
• [c9cde35c4d] - src: simplify is_callable by making it a concept (Tobias Nießen) #​58169
• [892b425ee1] - src: rename private fields to follow naming convention (Moonki Choi) #​59923
• [36b68db7f5] - src: reduce the nearest parent package JSON cache size (Michael Smith) #​59888
• [26b40bad02] - src: replace FIXED_ONE_BYTE_STRING with Environment-cached strings (Moonki Choi) #​59891
• [34dcb7dc32] - src: create strings in FIXED_ONE_BYTE_STRING as internalized (Anna Henningsen) #​59826
• [4d748add05] - src: remove std::array overload of FIXED_ONE_BYTE_STRING (Anna Henningsen) #​59826
• [bb6fd7c2d1] - src: ensure v8::Eternal is empty before setting it (Anna Henningsen) #​59825
• [7a91282bf9] - src: use simdjson::pad (0hm☘️) #​59391
• [ba00875f01] - stream: use new AsyncResource instead of bind (Matteo Collina) #​59867
• [ebec3ef68b] - (SEMVER-MINOR) test: move http proxy tests to test/client-proxy (Joyee Cheung) #​58980
• [7067d79fb3] - test: mark sea tests flaky on macOS x64 (Richard Lau) #​60068
• [ca1942c9d5] - test: testcase demonstrating issue 59541 (Eric Rannaud) #​59801
• [660d57355e] - test,doc: skip --max-old-space-size-percentage on 32-bit platforms (Asaf Federman) #​60144
• [19a7b1ef26] - tls: load bundled and extra certificates off-thread (Joyee Cheung) #​59856
• [095e7a81fc] - tls: only do off-thread certificate loading on loading tls (Joyee Cheung) #​59856
• [c42c1204c7] - tools: fix tools/make-v8.sh for clang (Richard Lau) #​59893
• [b632a1d98d] - tools: skip test-internet workflow for draft PRs (Michaël Zasso) #​59817
• [6021c3ac76] - tools: copyedit build-tarball.yml (Antoine du Hamel) #​59808
• [ef005d0c9b] - typings: update 'types' binding (René) #​59692
• [28ef564ecd] - typings: remove unused imports (Nam Yooseong) #​59880
• [f88752ddb6] - url: replaced slice with at (Mikhail) #​59181
• [24c224960c] - url: add type checking to urlToHttpOptions() (simon-id) #​59753
• [f2fbcc576d] - util: fix debuglog.enabled not being present with callback logger (Ruben Bridgewater) #​59858
• [6277058e43] - vm: sync-ify SourceTextModule linkage (Chengzhong Wu) #​59000
• [5bf21a4309] - vm: explain how to share promises between contexts w/ afterEvaluate (Eric Rannaud) #​59801
• [312b33a083] - vm: "afterEvaluate", evaluate() return a promise from the outer context (Eric Rannaud) #​59801
• [1eadab863c] - win,tools: add description to signature (Martin Costello) #​59877
• [816e1befb1] - zlib: reduce code duplication (jhofstee) #​57810

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[socket-security]

All alerts resolved. Learn more about Socket for GitHub.

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	eslint-config-next@​15.5.4 ⏵ 15.5.6
	@​types/​node@​22.18.8 ⏵ 22.19.0			+1
	@​cloudscape-design/​components@​3.0.1121 ⏵ 3.0.1126			+1	+1
	@​sentry/​nextjs@​10.22.0 ⏵ 10.23.0	+1		+1
	eslint@​9.37.0 ⏵ 9.39.1	+1			+1

View full report