Skip to content

chore(deps): bump the production group across 1 directory with 6 updates#56

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/production-fe30b89927
Closed

chore(deps): bump the production group across 1 directory with 6 updates#56
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/production-fe30b89927

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 6, 2026
edited
Loading

Bumps the production group with 6 updates in the / directory:

Package From To
@nestjs/common 11.1.17 11.1.18
@nestjs/core 11.1.17 11.1.18
@nestjs/platform-express 11.1.17 11.1.18
@nestjs/typeorm 11.0.0 11.0.1
axios 1.13.6 1.14.0
nodemailer 8.0.3 8.0.4

Updates @nestjs/common from 11.1.17 to 11.1.18

Release notes

Sourced from @​nestjs/common's releases.

v11.1.18 (2026-04-03)

Bug fixes

Dependencies

Committers: 6

Commits
  • 3c1cc5f chore(release): publish v11.1.18 release
  • a39e345 refactor(common): change console logger helpers to protected
  • 34f0f28 chore(deps): bump file-type from 21.3.3 to 21.3.4
  • 0e96b0a chore(deps): bump file-type from 21.3.2 to 21.3.3
  • 5a05f52 chore: update readme
  • See full diff in compare view

Updates @nestjs/core from 11.1.17 to 11.1.18

Release notes

Sourced from @​nestjs/core's releases.

v11.1.18 (2026-04-03)

Bug fixes

Dependencies

Committers: 6

Commits
  • 3c1cc5f chore(release): publish v11.1.18 release
  • 0f962c7 fix(core): sanitize sse message
  • 94aa424 Merge pull request #16679 from nestjs/renovate/path-to-regexp-8.x
  • 368691c fix(core): prevent injector hang when design:paramtypes is missing
  • 25d4fde fix(deps): update dependency path-to-regexp to v8.4.2
  • 5c0b11e fix(deps): update dependency path-to-regexp to v8.4.1
  • f7d4460 Merge pull request #16637 from JakobStaudinger/moduleref-create-transient-sco...
  • d0a9dc9 fix(deps): update dependency path-to-regexp to v8.4.0
  • 4677434 feat(core): export IEntryNestModule type
  • 7493b94 fix(core): dependency injection edge case with moduleref.create
  • Additional commits viewable in compare view

Updates @nestjs/platform-express from 11.1.17 to 11.1.18

Release notes

Sourced from @​nestjs/platform-express's releases.

v11.1.18 (2026-04-03)

Bug fixes

Dependencies

Committers: 6

Commits
  • 3c1cc5f chore(release): publish v11.1.18 release
  • 0ca5440 Merge pull request #16627 from ankitbelal/refactor/centralize-headers-and-par...
  • 25d4fde fix(deps): update dependency path-to-regexp to v8.4.2
  • 5c0b11e fix(deps): update dependency path-to-regexp to v8.4.1
  • d0a9dc9 fix(deps): update dependency path-to-regexp to v8.4.0
  • 1a14884 refactor(core): centralize headers for streamable file responses
  • 5a05f52 chore: update readme
  • See full diff in compare view

Updates @nestjs/typeorm from 11.0.0 to 11.0.1

Release notes

Sourced from @​nestjs/typeorm's releases.

Release 11.0.1

What's Changed

New Contributors

Full Changelog: nestjs/typeorm@11.0.0...11.0.1

Commits
  • 57bcd24 chore(): release v11.0.1
  • d08fc02 Merge pull request #2528 from nestjs/renovate/postgres-18.x
  • 3d42a8e Merge pull request #2566 from nestjs/renovate/cimg-node-24.x
  • 180b9c9 Merge pull request #2562 from naorpeled/feat/support-v1-of-typeorm
  • 429caa3 chore(deps): update dependency ts-jest to v29.4.9 (#2569)
  • 4473f7b chore(deps): update dependency typescript-eslint to v8.58.0 (#2568)
  • ed9f679 fix: resolve lock sync issues
  • 574b654 fix: Use ^1.0.0-dev for typeorm peer dependency range
  • f8a656a chore(deps): update node.js to v24.14.1
  • 70e63ed chore: Remove unnecessary unit tests
  • Additional commits viewable in compare view

Updates axios from 1.13.6 to 1.14.0

Release notes

Sourced from axios's releases.

v1.14.0

This release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.

⚠️ Important Changes

  • Breaking Changes: None identified in this release.
  • Action Required: If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably proxy-from-env v2 alignment and main entry compatibility fix).

🚀 New Features

  • Runtime Features: No new end-user features were introduced in this release.
  • Test Coverage Expansion: Added broader smoke/module test coverage for CJS and ESM package usage. (#7510)

🐛 Bug Fixes

  • Headers: Trim trailing CRLF in normalised header values. (#7456)
  • HTTP/2: Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (#7457)
  • Fetch Adapter: Cancel ReadableStream created during request-stream capability probing to prevent async resource leaks. (#7515)
  • Proxy Handling: Fixed env proxy behavior with proxy-from-env v2 usage. (#7499)
  • CommonJS Compatibility: Fixed package main entry regression affecting CJS consumers. (#7532)

🔧 Maintenance & Chores

  • Security/Dependencies: Updated formidable and refreshed package set to newer versions. (#7533, #10556)
  • Tooling: Continued migration to Vitest and modernised CI/test harnesses. (#7484, #7489, #7498)
  • Build/Lint Stack: Rollup, ESLint, TypeScript, and related dev-dependency updates. (#7508, #7509, #7522)
  • Documentation: Clarified JSON parsing and adapter-related docs/comments. (#7398, #7460, #7478)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve Axios:

Full Changelog: v1.13.6...v1.14.0

Commits
Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Updates nodemailer from 8.0.3 to 8.0.4

Release notes

Sourced from nodemailer's releases.

v8.0.4

8.0.4 (2026-03-25)

Bug Fixes

  • sanitize envelope size to prevent SMTP command injection (2d7b971)
Changelog

Sourced from nodemailer's changelog.

8.0.4 (2026-03-25)

Bug Fixes

  • sanitize envelope size to prevent SMTP command injection (2d7b971)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the production group across 1 directory with 6 updates
601f1a6 
Bumps the production group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@nestjs/common](https://github.com/nestjs/nest/tree/HEAD/packages/common) | `11.1.17` | `11.1.18` |
| [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core) | `11.1.17` | `11.1.18` |
| [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express) | `11.1.17` | `11.1.18` |
| [@nestjs/typeorm](https://github.com/nestjs/typeorm) | `11.0.0` | `11.0.1` |
| [axios](https://github.com/axios/axios) | `1.13.6` | `1.14.0` |
| [nodemailer](https://github.com/nodemailer/nodemailer) | `8.0.3` | `8.0.4` |



Updates `@nestjs/common` from 11.1.17 to 11.1.18
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.18/packages/common)

Updates `@nestjs/core` from 11.1.17 to 11.1.18
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.18/packages/core)

Updates `@nestjs/platform-express` from 11.1.17 to 11.1.18
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.18/packages/platform-express)

Updates `@nestjs/typeorm` from 11.0.0 to 11.0.1
- [Release notes](https://github.com/nestjs/typeorm/releases)
- [Commits](nestjs/typeorm@11.0.0...11.0.1)

Updates `axios` from 1.13.6 to 1.14.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.13.6...v1.14.0)

Updates `nodemailer` from 8.0.3 to 8.0.4
- [Release notes](https://github.com/nodemailer/nodemailer/releases)
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md)
- [Commits](nodemailer/nodemailer@v8.0.3...v8.0.4)

---
updated-dependencies:
- dependency-name: "@nestjs/common"
  dependency-version: 11.1.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: "@nestjs/core"
  dependency-version: 11.1.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: "@nestjs/platform-express"
  dependency-version: 11.1.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: "@nestjs/typeorm"
  dependency-version: 11.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: axios
  dependency-version: 1.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: nodemailer
  dependency-version: 8.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 6, 2026

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot requested a review from vineethkrishnan as a code owner April 6, 2026 09:43
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 13, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Apr 13, 2026
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/production-fe30b89927 branch April 13, 2026 10:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vineethkrishnan vineethkrishnan Awaiting requested review from vineethkrishnan vineethkrishnan is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants