Skip to content

build(deps): bump the bsv-workspace group with 32 updates#222

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/bsv-workspace-b26a9f28e3
Open

build(deps): bump the bsv-workspace group with 32 updates#222
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/bsv-workspace-b26a9f28e3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps the bsv-workspace group with 32 updates:

Package From To
@asyncapi/generator 3.2.2 3.3.0
@types/node 25.9.1 26.0.0
ts-loader 9.6.1 9.6.2
tsx 4.22.3 4.22.4
chalk 4.1.2 5.6.2
joi 18.2.1 18.2.3
@chainsafe/libp2p-noise 16.1.5 17.0.0
@chainsafe/libp2p-yamux 7.0.4 8.0.1
@libp2p/bootstrap 11.0.47 12.0.25
@libp2p/crypto 5.1.18 5.1.20
@libp2p/identify 3.0.39 4.1.8
@libp2p/interface 3.2.2 3.2.4
@libp2p/kad-dht 15.1.11 16.3.3
@libp2p/peer-id 5.1.9 6.0.11
@libp2p/ping 2.0.37 3.1.7
@libp2p/pnet 2.0.47 3.0.23
@libp2p/pubsub-peer-discovery 11.0.2 12.0.0
@libp2p/tcp 10.1.19 11.0.22
@multiformats/multiaddr 12.5.1 13.0.3
libp2p 2.10.0 3.3.4
body-parser 2.2.2 2.3.0
uuid 14.0.0 14.0.1
react 18.3.1 19.2.7
@types/react 18.3.29 19.2.17
react-dom 18.3.1 19.2.7
@types/react-dom 18.3.7 19.2.3
better-sqlite3 12.10.0 12.11.1
mysql2 3.22.3 3.22.5
react-router-dom 6.30.3 7.18.0
@shikijs/rehype 1.29.2 4.2.0
@vitejs/plugin-react 4.7.0 6.0.2
vite 6.4.2 8.0.16

Updates @asyncapi/generator from 3.2.2 to 3.3.0

Release notes

Sourced from @​asyncapi/generator's releases.

@​asyncapi/generator@​3.3.0

Minor Changes

  • 5fe91b0: Generated Python and JavaScript WebSocket clients no longer swallow send errors. Failures are now forwarded to the registered error handlers and raised by default, so callers learn when a message fails to send. Pass raise_send_errors=False (Python) or throwSendErrors=false (JavaScript) to the constructor to keep a high-throughput producer loop running and rely on the error handlers instead.

Patch Changes

  • Updated dependencies [5fe91b0]
    • @​asyncapi/generator-components@​0.7.0

@​asyncapi/generator@​3.2.3

Patch Changes

  • 69c2fa1: The mapBaseUrlToFolder resolver now rejects $refs that resolve outside the configured base folder. Previously a reference such as https://schema.example.com/crm/../../../etc/passwd was passed through unnormalized, letting a malicious AsyncAPI document read files outside the mapped folder (path traversal). References that escape the base folder are now blocked with an explicit error.

    This only affects references that start with the mapped base URL and then use ../ to climb out of the mapped folder (e.g. https://schema.example.com/crm/../shared/common.json reaching a sibling folder). If you relied on this to reference files outside the mapped folder, map a higher-level base instead — e.g. map https://schema.example.com/ to ./schemas/ and reference https://schema.example.com/shared/common.json directly — so the resolved paths stay within the mapped folder.

Commits
  • 2b6f977 chore(release): release and bump versions of packages (#2122)
  • 5fe91b0 feat: improve js and python templates on send message error handling (#2109)
  • 07d6a9f chore(release): release and bump versions of packages (#2121)
  • 69c2fa1 fix: security issue with mapBaseUrlToFolder (#2110)
  • 13d0f89 docs: add AI usage policy for contributors (#2111)
  • 95dc0c0 chore(deps): bump protobufjs from 7.5.8 to 7.6.4 in /apps/generator/test/test...
  • af16b14 refactor: support multiple WebSocket channels with query parameters #1973 (#2...
  • db2a6fb refactor(dart): generate send methods dynamically from AsyncAPI operations (#...
  • d87ed49 ci: update of files from global .github repo (#2116)
  • See full diff in compare view

Updates @types/node from 25.9.1 to 26.0.0

Commits

Updates ts-loader from 9.6.1 to 9.6.2

Release notes

Sourced from ts-loader's releases.

v9.6.2

Officially ts-loader has supported 3.6.3+ versions of TypeScript. This change means that certain scenarios with older versions of TS will now certainly fail. If anyone is actually using these versions it would be surprising.

Changelog

Sourced from ts-loader's changelog.

9.6.2

Officially ts-loader has supported 3.6.3+ versions of TypeScript. This change means that certain scenarios with older versions of TS will now certainly fail. If anyone is actually using these versions it would be surprising.

Commits
  • b347bb7 chore: trim runtime dependencies — remove enhanced-resolve/semver, swap micro...
  • See full diff in compare view

Updates tsx from 4.22.3 to 4.22.4

Release notes

Sourced from tsx's releases.

v4.22.4

4.22.4 (2026-05-31)

Bug Fixes

  • resolve CommonJS directory requires inside dependencies (#803) (1ce8463)

This release is also available on:

Commits

Updates chalk from 4.1.2 to 5.6.2

Release notes

Sourced from chalk's releases.

v5.6.2

v5.6.0

  • Make WezTerm terminal use true color a8f5bf7

chalk/chalk@v5.5.0...v5.6.0

v5.5.0

  • Make Ghostty terminal use true color (#653) 79ee2d3

chalk/chalk@v5.4.1...v5.5.0

v5.4.1

  • Fix navigator not defined ReferenceError (#642) 4ebb62d

chalk/chalk@v5.4.0...v5.4.1

v5.4.0

  • Update CIRCLECI environments to return level 3 color support f838120

chalk/chalk@v5.3.0...v5.4.0

v5.3.0

  • Add sideEffects field to package.json 5aafc0a
  • Add support for Gitea Actions (#603) 29b8569

chalk/chalk@v5.2.0...v5.3.0

v5.2.0

  • Improve Deno compatibility (#579) 7443e9f
  • Detect true-color support for GitHub Actions (#579) 7443e9f
  • Detect true-color support for Kitty terminal (#579) 7443e9f
  • Fix test for Azure DevOps environment (#579) 7443e9f

chalk/chalk@v5.1.2...v5.2.0

v5.1.2

  • Fix exported styles names (#569) a34bcf6

chalk/chalk@v5.1.1...v5.1.2

v5.1.1

  • Improved the names of exports introduced in 5.1.0 (#567) 6e0df05
    • We of course preserved the old names.

... (truncated)

Commits

Updates joi from 18.2.1 to 18.2.3

Commits
  • c86ddc0 18.2.3
  • 8077125 Merge pull request #3125 from hapijs/fix/json-schema-multiple-patterns
  • 223217a fix: expose multiple string patterns in json schemas
  • 85947a8 Merge pull request #3124 from hapijs/chore/object-proto
  • fe41c4f chore: deny prototype pollution in objects by restoring prototype
  • 87d3a62 18.2.2
  • 1c7d34e Merge pull request #3120 from hapijs/fix/json-schema-bugfixes
  • 515a8f0 test(json-schema): drop runtime validation from json-schema tests
  • 6574f75 fix(json-schema): register id'd child schemas in $defs
  • 770a2cf fix(json-schema): skip rule handlers with ref arguments
  • Additional commits viewable in compare view

Updates @chainsafe/libp2p-noise from 16.1.5 to 17.0.0

Release notes

Sourced from @​chainsafe/libp2p-noise's releases.

v17.0.0

17.0.0 (2025-09-25)

⚠ BREAKING CHANGES

  • Must be used with libp2p@3.x.x, it cannot be used with earlier versions

Features

Bug Fixes

Trivial Changes

  • release: 17.0.0 [skip ci] (3c628a2)
Changelog

Sourced from @​chainsafe/libp2p-noise's changelog.

17.0.0 (2025-09-25)

⚠ BREAKING CHANGES

  • Must be used with libp2p@3.x.x, it cannot be used with earlier versions

Features

Bug Fixes

Trivial Changes

  • release: 17.0.0 [skip ci] (3c628a2)

17.0.0 (2025-09-25)

⚠ BREAKING CHANGES

  • Must be used with libp2p@3.x.x, it cannot be used with earlier versions

Features

Commits

Updates @chainsafe/libp2p-yamux from 7.0.4 to 8.0.1

Release notes

Sourced from @​chainsafe/libp2p-yamux's releases.

v8.0.1

8.0.1 (2025-10-15)

Bug Fixes

  • make sendReset synchronous to avoid unhandled rejections (#113) (232fb1b)

v8.0.0

8.0.0 (2025-09-25)

⚠ BREAKING CHANGES

  • Must be used with libp2p@3.x.x, it cannot be used with earlier versions

Features

Changelog

Sourced from @​chainsafe/libp2p-yamux's changelog.

8.0.1 (2025-10-15)

Bug Fixes

  • make sendReset synchronous to avoid unhandled rejections (#113) (232fb1b)

8.0.0 (2025-09-25)

⚠ BREAKING CHANGES

  • Must be used with libp2p@3.x.x, it cannot be used with earlier versions

Features

Commits

Updates @libp2p/bootstrap from 11.0.47 to 12.0.25

Release notes

Sourced from @​libp2p/bootstrap's releases.

mplex: v12.0.25

12.0.25 (2026-06-13)

Bug Fixes

Dependencies

  • update uint8array related deps (#3542) (54ec417)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4
      • @​libp2p/utils bumped from ^7.2.2 to ^7.2.3
    • devDependencies
      • @​libp2p/interface-compliance-tests bumped from ^7.0.24 to ^7.0.25
      • @​libp2p/logger bumped from ^6.2.8 to ^6.2.9

peer-store: v12.0.22

12.0.22 (2026-06-13)

Dependencies

  • update uint8array related deps (#3542) (54ec417)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/crypto bumped from ^5.1.19 to ^5.1.20
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4
      • @​libp2p/peer-collections bumped from ^7.0.21 to ^7.0.22
      • @​libp2p/peer-id bumped from ^6.0.10 to ^6.0.11
      • @​libp2p/peer-record bumped from ^9.0.11 to ^9.0.12
    • devDependencies
      • @​libp2p/logger bumped from ^6.2.8 to ^6.2.9

mdns: v12.0.25

12.0.25 (2026-06-13)

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4
      • @​libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7
      • @​libp2p/peer-id bumped from ^6.0.10 to ^6.0.11
      • @​libp2p/utils bumped from ^7.2.2 to ^7.2.3
    • devDependencies

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​libp2p/bootstrap since your current version.


Updates @libp2p/crypto from 5.1.18 to 5.1.20

Release notes

Sourced from @​libp2p/crypto's releases.

crypto: v5.1.20

5.1.20 (2026-06-13)

Bug Fixes

Dependencies

  • update uint8array related deps (#3542) (54ec417)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4
Commits

Updates @libp2p/identify from 3.0.39 to 4.1.8

Release notes

Sourced from @​libp2p/identify's releases.

identify: v4.1.8

4.1.8 (2026-06-13)

Dependencies

  • update uint8array related deps (#3542) (54ec417)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/crypto bumped from ^5.1.19 to ^5.1.20
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4
      • @​libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7
      • @​libp2p/peer-id bumped from ^6.0.10 to ^6.0.11
      • @​libp2p/peer-record bumped from ^9.0.11 to ^9.0.12
      • @​libp2p/utils bumped from ^7.2.2 to ^7.2.3
    • devDependencies
      • @​libp2p/logger bumped from ^6.2.8 to ^6.2.9

fetch: v4.1.7

4.1.7 (2026-06-13)

Dependencies

  • update uint8array related deps (#3542) (54ec417)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4
      • @​libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7
      • @​libp2p/utils bumped from ^7.2.2 to ^7.2.3
    • devDependencies
      • @​libp2p/crypto bumped from ^5.1.19 to ^5.1.20
      • @​libp2p/peer-id bumped from ^6.0.10 to ^6.0.11

echo: v3.1.7

3.1.7 (2026-06-13)

Dependencies

  • update uint8array related deps (#3542) (54ec417)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4
      • @​libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7
      • @​libp2p/utils bumped from ^7.2.2 to ^7.2.3

interface-internal: v3.1.7

3.1.7 (2026-06-13)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​libp2p/identify since your current version.


Updates @libp2p/interface from 3.2.2 to 3.2.4

Release notes

Sourced from @​libp2p/interface's releases.

interface: v3.2.4

3.2.4 (2026-06-13)

Dependencies

interface: v3.2.3

3.2.3 (2026-05-30)

Dependencies

Commits

Updates @libp2p/kad-dht from 15.1.11 to 16.3.3

Release notes

Sourced from @​libp2p/kad-dht's releases.

kad-dht: v16.3.3

16.3.3 (2026-06-13)

Bug Fixes

Documentation

  • kad-dht: correct the alpha option default in the JSDoc (#3541) (5e07d59)

Dependencies

  • update uint8array related deps (#3542) (54ec417)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/crypto bumped from ^5.1.19 to ^5.1.20
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4
      • @​libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7
      • @​libp2p/peer-collections bumped from ^7.0.21 to ^7.0.22
      • @​libp2p/peer-id bumped from ^6.0.10 to ^6.0.11
      • @​libp2p/ping bumped from ^3.1.6 to ^3.1.7
      • @​libp2p/record bumped from ^4.0.13 to ^4.0.14
      • @​libp2p/utils bumped from ^7.2.2 to ^7.2.3
    • devDependencies
      • @​libp2p/logger bumped from ^6.2.8 to ^6.2.9
      • @​libp2p/peer-store bumped from ^12.0.21 to ^12.0.22

gossipsub: v16.0.3

16.0.3 (2026-06-13)

Bug Fixes

Dependencies

  • update uint8array related deps (#3542) (54ec417)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/crypto bumped from ^5.1.19 to ^5.1.20
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4
      • @​libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7
      • @​libp2p/peer-id bumped from ^6.0.10 to ^6.0.11
      • @​libp2p/utils bumped from ^7.2.2 to ^7.2.3

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​libp2p/kad-dht since your current version.


Updates @libp2p/peer-id from 5.1.9 to 6.0.11

Release notes

Sourced from @​libp2p/peer-id's releases.

peer-id: v6.0.11

6.0.11 (2026-06-13)

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/crypto bumped from ^5.1.19 to ^5.1.20
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4

crypto: v5.1.20

5.1.20 (2026-06-13)

Bug Fixes

Dependencies

  • update uint8array related deps (#3542) (54ec417)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4

peer-id: v6.0.10

6.0.10 (2026-05-30)

Dependencies

  • upgrade multiformats to 14 and multiaddr to 13.0.3 (#3526) (5b8813a)
  • upgrade to aegir v48 (#3495) (29797a5)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/crypto bumped from ^5.1.18 to ^5.1.19
      • @​libp2p/interface bumped from ^3.2.2 to ^3.2.3
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​libp2p/peer-id since your current version.


Updates @libp2p/ping from 2.0.37 to 3.1.7

Release notes

Sourced from @​libp2p/ping's releases.

ping: v3.1.7

3.1.7 (2026-06-13)

Bug Fixes

Dependencies

  • update uint8array related deps (#3542) (54ec417)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4
      • @​libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7
    • devDependencies
      • @​libp2p/crypto bumped from ^5.1.19 to ^5.1.20
      • @​libp2p/peer-id bumped from ^6.0.10 to ^6.0.11
      • @​libp2p/utils bumped from ^7.2.2 to ^7.2.3

echo: v3.1.7

3.1.7 (2026-06-13)

Dependencies

  • update uint8array related deps (#3542) (54ec417)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4
      • @​libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7
      • @​libp2p/utils bumped from ^7.2.2 to ^7.2.3

dcutr: v3.0.22

3.0.22 (2026-06-13)

Dependencies

  • update uint8array related deps (#3542) (54ec417)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4
      • @​libp2p/interface-internal bumped from ^3.1.6 to ^3.1.7
      • @​libp2p/utils bumped from ^7.2.2 to ^7.2.3

autonat: v3.0.22

3.0.22 (2026-06-13)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​libp2p/ping since your current version.


Updates @libp2p/pnet from 2.0.47 to 3.0.23

Release notes

Sourced from @​libp2p/pnet's releases.

pnet: v3.0.23

3.0.23 (2026-06-13)

Bug Fixes

Dependencies

  • update uint8array related deps (#3542) (54ec417)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4
      • @​libp2p/utils bumped from ^7.2.2 to ^7.2.3

plaintext: v3.0.22

3.0.22 (2026-06-13)

Dependencies

  • update uint8array related deps (#3542) (54ec417)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/crypto bumped from ^5.1.19 to ^5.1.20
      • @​libp2p/interface bumped from ^3.2.3 to ^3.2.4
      • @​libp2p/peer-id bumped from ^6.0.10 to ^6.0.11
      • @​libp2p/utils bumped from ^7.2.2 to ^7.2.3
    • devDependencies
      • @​libp2p/crypto bumped from ^5.1.19 to ^5.1.20
      • @​libp2p/logger bumped from ^6.2.8 to ^6.2.9

dcutr: v3.0.21

3.0.21 (2026-05-30)

Dependencies

  • upgrade multiformats to 14 and multiaddr to 13.0.3 (#3526) (5b8813a)
  • upgrade to aegir v48 (#3495) (29797a5)
  • The following workspace dependencies were updated
    • dependencies
      • @​libp2p/interface bumped from ^3.2.2 to ^3.2.3
      • @​libp2p/interface-internal bumped from ^3.1.5 to ^3.1.6
      • @​libp2p/utils bumped from ^7.2.1 to ^7.2.2
      <...

      Description has been truncated

@dependabot
build(deps): bump the bsv-workspace group with 32 updates
b15ef8a 
Bumps the bsv-workspace group with 32 updates:

| Package | From | To |
| --- | --- | --- |
| [@asyncapi/generator](https://github.com/asyncapi/generator) | `3.2.2` | `3.3.0` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.9.1` | `26.0.0` |
| [ts-loader](https://github.com/TypeStrong/ts-loader) | `9.6.1` | `9.6.2` |
| [tsx](https://github.com/privatenumber/tsx) | `4.22.3` | `4.22.4` |
| [chalk](https://github.com/chalk/chalk) | `4.1.2` | `5.6.2` |
| [joi](https://github.com/hapijs/joi) | `18.2.1` | `18.2.3` |
| [@chainsafe/libp2p-noise](https://github.com/ChainSafe/js-libp2p-noise) | `16.1.5` | `17.0.0` |
| [@chainsafe/libp2p-yamux](https://github.com/ChainSafe/js-libp2p-yamux) | `7.0.4` | `8.0.1` |
| [@libp2p/bootstrap](https://github.com/libp2p/js-libp2p) | `11.0.47` | `12.0.25` |
| [@libp2p/crypto](https://github.com/libp2p/js-libp2p) | `5.1.18` | `5.1.20` |
| [@libp2p/identify](https://github.com/libp2p/js-libp2p) | `3.0.39` | `4.1.8` |
| [@libp2p/interface](https://github.com/libp2p/js-libp2p) | `3.2.2` | `3.2.4` |
| [@libp2p/kad-dht](https://github.com/libp2p/js-libp2p) | `15.1.11` | `16.3.3` |
| [@libp2p/peer-id](https://github.com/libp2p/js-libp2p) | `5.1.9` | `6.0.11` |
| [@libp2p/ping](https://github.com/libp2p/js-libp2p) | `2.0.37` | `3.1.7` |
| [@libp2p/pnet](https://github.com/libp2p/js-libp2p) | `2.0.47` | `3.0.23` |
| [@libp2p/pubsub-peer-discovery](https://github.com/libp2p/js-libp2p-pubsub-peer-discovery) | `11.0.2` | `12.0.0` |
| [@libp2p/tcp](https://github.com/libp2p/js-libp2p) | `10.1.19` | `11.0.22` |
| [@multiformats/multiaddr](https://github.com/multiformats/js-multiaddr) | `12.5.1` | `13.0.3` |
| [libp2p](https://github.com/libp2p/js-libp2p) | `2.10.0` | `3.3.4` |
| [body-parser](https://github.com/expressjs/body-parser) | `2.2.2` | `2.3.0` |
| [uuid](https://github.com/uuidjs/uuid) | `14.0.0` | `14.0.1` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `18.3.1` | `19.2.7` |
| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `18.3.29` | `19.2.17` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `18.3.1` | `19.2.7` |
| [@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom) | `18.3.7` | `19.2.3` |
| [better-sqlite3](https://github.com/WiseLibs/better-sqlite3) | `12.10.0` | `12.11.1` |
| [mysql2](https://github.com/sidorares/node-mysql2) | `3.22.3` | `3.22.5` |
| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `6.30.3` | `7.18.0` |
| [@shikijs/rehype](https://github.com/shikijs/shiki/tree/HEAD/packages/rehype) | `1.29.2` | `4.2.0` |
| [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `4.7.0` | `6.0.2` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.4.2` | `8.0.16` |


Updates `@asyncapi/generator` from 3.2.2 to 3.3.0
- [Release notes](https://github.com/asyncapi/generator/releases)
- [Commits](https://github.com/asyncapi/generator/compare/@asyncapi/generator@3.2.2...@asyncapi/generator@3.3.0)

Updates `@types/node` from 25.9.1 to 26.0.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `ts-loader` from 9.6.1 to 9.6.2
- [Release notes](https://github.com/TypeStrong/ts-loader/releases)
- [Changelog](https://github.com/TypeStrong/ts-loader/blob/main/CHANGELOG.md)
- [Commits](TypeStrong/ts-loader@v9.6.1...v9.6.2)

Updates `tsx` from 4.22.3 to 4.22.4
- [Release notes](https://github.com/privatenumber/tsx/releases)
- [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
- [Commits](privatenumber/tsx@v4.22.3...v4.22.4)

Updates `chalk` from 4.1.2 to 5.6.2
- [Release notes](https://github.com/chalk/chalk/releases)
- [Commits](chalk/chalk@v4.1.2...v5.6.2)

Updates `joi` from 18.2.1 to 18.2.3
- [Commits](hapijs/joi@v18.2.1...v18.2.3)

Updates `@chainsafe/libp2p-noise` from 16.1.5 to 17.0.0
- [Release notes](https://github.com/ChainSafe/js-libp2p-noise/releases)
- [Changelog](https://github.com/ChainSafe/js-libp2p-noise/blob/master/CHANGELOG.md)
- [Commits](ChainSafe/js-libp2p-noise@v16.1.5...v17.0.0)

Updates `@chainsafe/libp2p-yamux` from 7.0.4 to 8.0.1
- [Release notes](https://github.com/ChainSafe/js-libp2p-yamux/releases)
- [Changelog](https://github.com/ChainSafe/js-libp2p-yamux/blob/master/CHANGELOG.md)
- [Commits](ChainSafe/js-libp2p-yamux@v7.0.4...v8.0.1)

Updates `@libp2p/bootstrap` from 11.0.47 to 12.0.25
- [Release notes](https://github.com/libp2p/js-libp2p/releases)
- [Commits](libp2p/js-libp2p@mdns-v11.0.47...mdns-v12.0.25)

Updates `@libp2p/crypto` from 5.1.18 to 5.1.20
- [Release notes](https://github.com/libp2p/js-libp2p/releases)
- [Commits](libp2p/js-libp2p@crypto-v5.1.18...crypto-v5.1.20)

Updates `@libp2p/identify` from 3.0.39 to 4.1.8
- [Release notes](https://github.com/libp2p/js-libp2p/releases)
- [Commits](libp2p/js-libp2p@identify-v3.0.39...crypto-v4.1.8)

Updates `@libp2p/interface` from 3.2.2 to 3.2.4
- [Release notes](https://github.com/libp2p/js-libp2p/releases)
- [Commits](libp2p/js-libp2p@libp2p-v3.2.2...libp2p-v3.2.4)

Updates `@libp2p/kad-dht` from 15.1.11 to 16.3.3
- [Release notes](https://github.com/libp2p/js-libp2p/releases)
- [Commits](libp2p/js-libp2p@kad-dht-v15.1.11...kad-dht-v16.3.3)

Updates `@libp2p/peer-id` from 5.1.9 to 6.0.11
- [Release notes](https://github.com/libp2p/js-libp2p/releases)
- [Commits](libp2p/js-libp2p@crypto-v5.1.9...daemon-v6.0.11)

Updates `@libp2p/ping` from 2.0.37 to 3.1.7
- [Release notes](https://github.com/libp2p/js-libp2p/releases)
- [Commits](libp2p/js-libp2p@ping-v2.0.37...echo-v3.1.7)

Updates `@libp2p/pnet` from 2.0.47 to 3.0.23
- [Release notes](https://github.com/libp2p/js-libp2p/releases)
- [Commits](libp2p/js-libp2p@pnet-v2.0.47...perf-v3.0.23)

Updates `@libp2p/pubsub-peer-discovery` from 11.0.2 to 12.0.0
- [Release notes](https://github.com/libp2p/js-libp2p-pubsub-peer-discovery/releases)
- [Changelog](https://github.com/libp2p/js-libp2p-pubsub-peer-discovery/blob/main/CHANGELOG.md)
- [Commits](libp2p/js-libp2p-pubsub-peer-discovery@v11.0.2...v12.0.0)

Updates `@libp2p/tcp` from 10.1.19 to 11.0.22
- [Release notes](https://github.com/libp2p/js-libp2p/releases)
- [Commits](libp2p/js-libp2p@tcp-v10.1.19...tcp-v11.0.22)

Updates `@multiformats/multiaddr` from 12.5.1 to 13.0.3
- [Release notes](https://github.com/multiformats/js-multiaddr/releases)
- [Changelog](https://github.com/multiformats/js-multiaddr/blob/main/CHANGELOG.md)
- [Commits](multiformats/js-multiaddr@v12.5.1...v13.0.3)

Updates `libp2p` from 2.10.0 to 3.3.4
- [Release notes](https://github.com/libp2p/js-libp2p/releases)
- [Commits](libp2p/js-libp2p@libp2p-v2.10.0...libp2p-v3.3.4)

Updates `body-parser` from 2.2.2 to 2.3.0
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@v2.2.2...v2.3.0)

Updates `uuid` from 14.0.0 to 14.0.1
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v14.0.0...v14.0.1)

Updates `react` from 18.3.1 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react)

Updates `@types/react` from 18.3.29 to 19.2.17
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `react-dom` from 18.3.1 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom)

Updates `@types/react-dom` from 18.3.7 to 19.2.3
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom)

Updates `better-sqlite3` from 12.10.0 to 12.11.1
- [Release notes](https://github.com/WiseLibs/better-sqlite3/releases)
- [Commits](WiseLibs/better-sqlite3@v12.10.0...v12.11.1)

Updates `mysql2` from 3.22.3 to 3.22.5
- [Release notes](https://github.com/sidorares/node-mysql2/releases)
- [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md)
- [Commits](sidorares/node-mysql2@v3.22.3...v3.22.5)

Updates `react-router-dom` from 6.30.3 to 7.18.0
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/react-router-dom@7.18.0/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@7.18.0/packages/react-router-dom)

Updates `@shikijs/rehype` from 1.29.2 to 4.2.0
- [Release notes](https://github.com/shikijs/shiki/releases)
- [Commits](https://github.com/shikijs/shiki/commits/v4.2.0/packages/rehype)

Updates `@types/react-dom` from 18.3.7 to 19.2.3
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom)

Updates `@vitejs/plugin-react` from 4.7.0 to 6.0.2
- [Release notes](https://github.com/vitejs/vite-plugin-react/releases)
- [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-react@6.0.2/packages/plugin-react)

Updates `vite` from 6.4.2 to 8.0.16
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.16/packages/vite)

---
updated-dependencies:
- dependency-name: "@asyncapi/generator"
  dependency-version: 3.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: bsv-workspace
- dependency-name: "@types/node"
  dependency-version: 26.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: ts-loader
  dependency-version: 9.6.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: bsv-workspace
- dependency-name: tsx
  dependency-version: 4.22.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: bsv-workspace
- dependency-name: chalk
  dependency-version: 5.6.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: joi
  dependency-version: 18.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: bsv-workspace
- dependency-name: "@chainsafe/libp2p-noise"
  dependency-version: 17.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@chainsafe/libp2p-yamux"
  dependency-version: 8.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@libp2p/bootstrap"
  dependency-version: 12.0.25
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@libp2p/crypto"
  dependency-version: 5.1.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: bsv-workspace
- dependency-name: "@libp2p/identify"
  dependency-version: 4.1.8
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@libp2p/interface"
  dependency-version: 3.2.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: bsv-workspace
- dependency-name: "@libp2p/kad-dht"
  dependency-version: 16.3.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@libp2p/peer-id"
  dependency-version: 6.0.11
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@libp2p/ping"
  dependency-version: 3.1.7
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@libp2p/pnet"
  dependency-version: 3.0.23
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@libp2p/pubsub-peer-discovery"
  dependency-version: 12.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@libp2p/tcp"
  dependency-version: 11.0.22
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@multiformats/multiaddr"
  dependency-version: 13.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: libp2p
  dependency-version: 3.3.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: body-parser
  dependency-version: 2.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: bsv-workspace
- dependency-name: uuid
  dependency-version: 14.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: bsv-workspace
- dependency-name: react
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@types/react"
  dependency-version: 19.2.17
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: react-dom
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@types/react-dom"
  dependency-version: 19.2.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: better-sqlite3
  dependency-version: 12.11.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: bsv-workspace
- dependency-name: mysql2
  dependency-version: 3.22.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: bsv-workspace
- dependency-name: react-router-dom
  dependency-version: 7.18.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@shikijs/rehype"
  dependency-version: 4.2.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@types/react-dom"
  dependency-version: 19.2.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: "@vitejs/plugin-react"
  dependency-version: 6.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
- dependency-name: vite
  dependency-version: 8.0.16
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: bsv-workspace
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 22, 2026
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 22, 2026
@dependabot dependabot Bot added the javascript Pull requests that update javascript code label Jun 22, 2026
@sonarqubecloud

sonarqubecloud Bot commented Jun 22, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@socket-security

socket-security Bot commented Jun 22, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Addednpm/​react-router-dom@​7.18.01001006598100
Addednpm/​@​shikijs/​rehype@​4.2.01001006995100
Addednpm/​@​libp2p/​pnet@​3.0.2376100100100100
Addednpm/​joi@​18.2.31001007997100
Addednpm/​@​libp2p/​pubsub-peer-discovery@​12.0.08010010086100
Addednpm/​@​asyncapi/​generator@​3.3.0971008197100
Addednpm/​@​types/​node@​26.0.01001008196100
Addednpm/​vite@​8.0.16991008298100
Addednpm/​@​chainsafe/​libp2p-noise@​17.0.0981009984100
Addednpm/​@​chainsafe/​libp2p-yamux@​8.0.19810010084100
Addednpm/​@​vitejs/​plugin-react@​6.0.210010010090100
Addednpm/​@​libp2p/​interface@​3.2.410010090100100
Addednpm/​@​libp2p/​crypto@​5.1.2010010090100100
Addednpm/​@​libp2p/​peer-id@​6.0.1110010091100100
Addednpm/​@​libp2p/​tcp@​11.0.229810093100100
Addednpm/​@​libp2p/​ping@​3.1.79710093100100
Addednpm/​uuid@​14.0.110010010093100
Addednpm/​ts-loader@​9.6.29910010094100
Addednpm/​@​libp2p/​kad-dht@​16.3.395100100100100
Addednpm/​@​libp2p/​bootstrap@​12.0.259710096100100
Addednpm/​libp2p@​3.3.49810010098100
Addednpm/​@​libp2p/​identify@​4.1.89810099100100

View full report

sirdeggen added a commit that referenced this pull request Jun 23, 2026
@sirdeggen @claude
chore(infra): merge dependabot PRs #222 and #223 into feat/infra-open…
83a38c2 
…telemetry

Incorporates bsv-workspace dep bumps (#222) and infra-deps bumps (#223).
Resolved conflicts by keeping OTel packages from this branch and taking
newer body-parser/axios/@google-cloud/storage versions from dependabot.
Regenerated package-lock.json files for affected infra services.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sirdeggen sirdeggen Awaiting requested review from sirdeggen sirdeggen is a code owner

@ty-everett ty-everett Awaiting requested review from ty-everett ty-everett is a code owner

@BraydenLangley BraydenLangley Awaiting requested review from BraydenLangley BraydenLangley is a code owner

@tonesnotes tonesnotes Awaiting requested review from tonesnotes tonesnotes is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants