Skip to content

build(deps): bump @feathersjs/configuration from 5.0.41 to 5.0.43#1286

Merged
mergify[bot] merged 1 commit intomainfrom
dependabot/npm_and_yarn/feathersjs/configuration-5.0.43
Apr 1, 2026
Merged

build(deps): bump @feathersjs/configuration from 5.0.41 to 5.0.43#1286
mergify[bot] merged 1 commit intomainfrom
dependabot/npm_and_yarn/feathersjs/configuration-5.0.43

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 1, 2026
edited
Loading

Bumps @feathersjs/configuration from 5.0.41 to 5.0.43.

Release notes

Sourced from @​feathersjs/configuration's releases.

v5.0.43

5.0.43 (2026-03-21)

Bug Fixes

  • authentication-oauth: prevent open redirect via domain suffix attack (#3669) (9905f9f)
  • authentication-oauth: Use actual URL origin comparison for origin check (#3676) (32f04d0)
  • mongodb: Block $rename operator in _patch data by default (CWE-943) (#3665) (0526ffd)

v5.0.42

5.0.42 (2026-03-04)

Bug Fixes

  • authentication-oauth: Fix OAuth Callback Account Takeover (#3663) (d6b0b5c)
  • mongodb: Ensure arbitrary objects can't be passed as MongoDB ids (#3664) (163e664)
  • Update dependencies (#3666) (477bf45)
Changelog

Sourced from @​feathersjs/configuration's changelog.

5.0.43 (2026-03-21)

Note: Version bump only for package @​feathersjs/configuration

5.0.42 (2026-03-04)

Bug Fixes

Commits

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 1, 2026
mergify[bot]
mergify bot approved these changes Apr 1, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@mergify mergify bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automatically approving dependabot

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/feathersjs/configuration-5.0.43 branch from 82f954e to 1f6bf1f Compare April 1, 2026 01:46
@dependabot
build(deps): bump @feathersjs/configuration from 5.0.41 to 5.0.43
0583ffd 
Bumps [@feathersjs/configuration](https://github.com/feathersjs/feathers/tree/HEAD/packages/configuration) from 5.0.41 to 5.0.43.
- [Release notes](https://github.com/feathersjs/feathers/releases)
- [Changelog](https://github.com/feathersjs/feathers/blob/dove/packages/configuration/CHANGELOG.md)
- [Commits](https://github.com/feathersjs/feathers/commits/v5.0.43/packages/configuration)

---
updated-dependencies:
- dependency-name: "@feathersjs/configuration"
  dependency-version: 5.0.43
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/feathersjs/configuration-5.0.43 branch from 1f6bf1f to 0583ffd Compare April 1, 2026 01:53
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Apr 1, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@mergify mergify bot merged commit feebc30 into main Apr 1, 2026
16 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/feathersjs/configuration-5.0.43 branch April 1, 2026 01:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mergify mergify[bot] mergify[bot] approved these changes

Assignees

@berviantoleo berviantoleo

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@berviantoleo