chore(deps): bump the js-dependencies group across 1 directory with 25 updates #465

dependabot · 2026-01-13T00:47:10Z

Bumps the js-dependencies group with 25 updates in the /backend directory:

Package	From	To
@aws-sdk/client-cognito-identity-provider	`3.890.0`	`3.967.0`
@aws-sdk/client-s3	`3.890.0`	`3.967.0`
@eslint/eslintrc	`3.3.1`	`3.3.3`
@eslint/js	`9.35.0`	`9.39.2`
@smithy/types	`4.5.0`	`4.11.0`
body-parser	`2.2.0`	`2.2.2`
cross-env	`10.0.0`	`10.1.0`
dotenv	`17.2.2`	`17.2.3`
envalid	`8.1.0`	`8.1.1`
express	`5.1.0`	`5.2.1`
@types/express	`5.0.3`	`5.0.6`
get-tsconfig	`4.10.1`	`4.13.0`
rdflib	`2.2.37`	`2.3.5`
runtypes	`6.7.0`	`7.0.4`
typescript-eslint	`8.44.0`	`8.53.0`
ws	`8.18.3`	`8.19.0`
@eslint/compat	`1.3.2`	`2.0.1`
@types/cookie-parser	`1.4.9`	`1.4.10`
@types/node	`24.5.1`	`25.0.6`
@typescript-eslint/eslint-plugin	`8.44.0`	`8.53.0`
@typescript-eslint/parser	`8.44.0`	`8.53.0`
eslint	`9.35.0`	`9.39.2`
prettier	`3.6.2`	`3.7.4`
tsx	`4.20.5`	`4.21.0`
typescript	`5.8.3`	`5.9.3`

Updates @aws-sdk/client-cognito-identity-provider from 3.890.0 to 3.967.0

Release notes

Sourced from @aws-sdk/client-cognito-identity-provider's releases.

v3.967.0

3.967.0(2026-01-12)

Chores

continue on lerna changed exit code 1 (#7643) (8575e93c)

fix build versioning (#7642) (bc103bf3)

customize lerna versioning actions (#7635) (03e689b4)

codegen: update for hostPrefix fix (#7639) (eb666b56)

New Features

clients: update client endpoints as of 2026-01-12 (691a3a43)

client-billing: Cost Categories filtering support to BillingView data filter expressions through the new costCategories parameter, enabling users to filter billing views by AWS Cost Categories for more granular cost management and allocation. (419d38bf)

client-sagemaker: Added ultraServerType to the UltraServerInfo structure to support server type identification for SageMaker HyperPod (ed0201e3)

client-iot-managed-integrations: This release introduces WiFi Simple Setup (WSS) enabling device provisioning via barcode scanning with automated network discovery, authentication, and credential provisioning. Additionally, it introduces 2P Device Capability Rediscovery for updating hub-managed device capabilities post-onboarding. (0c3b5726)

Tests

core: add required CollectionName parameter to listGeofences (#7640) (a51203c4)

core/protocols: add integration test for hostPrefix (#7638) (da9b2a9a)

For list of updated packages, view updated-packages.md in assets-3.967.0.zip

v3.966.0

3.966.0(2026-01-09)

Chores

codegen:

release smithy-typescript-aws-codegen v0.41.1 (#7633) (f5048a66)

set rimraf to 5.0.10 (#7630) (367465e7)

util-arn-parser: mark arn parser internal (#7629) (7baf559c)

scripts: script to get changed package list (#7628) (a470a0e1)

New Features

clients: update client endpoints as of 2026-01-09 (060fef34)

client-medialive: MediaPackage v2 output groups in MediaLive can now accept one additional destination for single pipeline channels and up to two additional destinations for standard channels. MediaPackage v2 destinations now support sending to cross region MediaPackage channels. (ce039310)

client-bedrock-agentcore-control: Adds optional field "view" to GetMemory API input to give customers control over whether CMK encrypted data such as strategy decryption or override prompts is returned or not. (c68a59e8)

client-transcribe: Adds waiters to Amazon Transcribe. (93eb18c5)

client-glue: Adding MaterializedViews task run APIs (d430d646)

client-cloudfront: Added EntityLimitExceeded exception handling to the following API operations AssociateDistributionWebACL, AssociateDistributionTenantWebACL, UpdateDistributionWithStagingConfig (858e6e8b)

... (truncated)

Changelog

Sourced from @aws-sdk/client-cognito-identity-provider's changelog.

3.967.0 (2026-01-12)

Note: Version bump only for package @aws-sdk/client-cognito-identity-provider

3.966.0 (2026-01-09)

Note: Version bump only for package @aws-sdk/client-cognito-identity-provider

3.965.0 (2026-01-07)

Note: Version bump only for package @aws-sdk/client-cognito-identity-provider

3.964.0 (2026-01-06)

Note: Version bump only for package @aws-sdk/client-cognito-identity-provider

3.962.0 (2026-01-02)

Note: Version bump only for package @aws-sdk/client-cognito-identity-provider

3.958.0 (2025-12-23)

Note: Version bump only for package @aws-sdk/client-cognito-identity-provider

3.957.0 (2025-12-22)

... (truncated)

Commits

9c7d696 Publish v3.967.0
eb666b5 chore(codegen): update for hostPrefix fix (#7639)
8796f3a Publish v3.966.0
f5048a6 chore(codegen): release smithy-typescript-aws-codegen v0.41.1 (#7633)
1eea89d Publish v3.965.0
9a090fa chore: upgrade rimraf (#7626)
054abe7 Publish v3.964.0
821ef45 Publish v3.962.0
57ab7df Publish v3.958.0
da9c913 chore(build): generate clients without formatting prettier/eslint (#7599)
Additional commits viewable in compare view

Updates @aws-sdk/client-s3 from 3.890.0 to 3.967.0

Release notes

Sourced from @aws-sdk/client-s3's releases.

v3.967.0

3.967.0(2026-01-12)

Chores

continue on lerna changed exit code 1 (#7643) (8575e93c)

fix build versioning (#7642) (bc103bf3)

customize lerna versioning actions (#7635) (03e689b4)

codegen: update for hostPrefix fix (#7639) (eb666b56)

New Features

clients: update client endpoints as of 2026-01-12 (691a3a43)

client-billing: Cost Categories filtering support to BillingView data filter expressions through the new costCategories parameter, enabling users to filter billing views by AWS Cost Categories for more granular cost management and allocation. (419d38bf)

client-sagemaker: Added ultraServerType to the UltraServerInfo structure to support server type identification for SageMaker HyperPod (ed0201e3)

client-iot-managed-integrations: This release introduces WiFi Simple Setup (WSS) enabling device provisioning via barcode scanning with automated network discovery, authentication, and credential provisioning. Additionally, it introduces 2P Device Capability Rediscovery for updating hub-managed device capabilities post-onboarding. (0c3b5726)

Tests

core: add required CollectionName parameter to listGeofences (#7640) (a51203c4)

core/protocols: add integration test for hostPrefix (#7638) (da9b2a9a)

For list of updated packages, view updated-packages.md in assets-3.967.0.zip

v3.966.0

3.966.0(2026-01-09)

Chores

codegen:

release smithy-typescript-aws-codegen v0.41.1 (#7633) (f5048a66)

set rimraf to 5.0.10 (#7630) (367465e7)

util-arn-parser: mark arn parser internal (#7629) (7baf559c)

scripts: script to get changed package list (#7628) (a470a0e1)

New Features

clients: update client endpoints as of 2026-01-09 (060fef34)

client-medialive: MediaPackage v2 output groups in MediaLive can now accept one additional destination for single pipeline channels and up to two additional destinations for standard channels. MediaPackage v2 destinations now support sending to cross region MediaPackage channels. (ce039310)

client-bedrock-agentcore-control: Adds optional field "view" to GetMemory API input to give customers control over whether CMK encrypted data such as strategy decryption or override prompts is returned or not. (c68a59e8)

client-transcribe: Adds waiters to Amazon Transcribe. (93eb18c5)

client-glue: Adding MaterializedViews task run APIs (d430d646)

client-cloudfront: Added EntityLimitExceeded exception handling to the following API operations AssociateDistributionWebACL, AssociateDistributionTenantWebACL, UpdateDistributionWithStagingConfig (858e6e8b)

... (truncated)

Changelog

Sourced from @aws-sdk/client-s3's changelog.

3.967.0 (2026-01-12)

Note: Version bump only for package @aws-sdk/client-s3

3.966.0 (2026-01-09)

Note: Version bump only for package @aws-sdk/client-s3

3.965.0 (2026-01-07)

Note: Version bump only for package @aws-sdk/client-s3

3.964.0 (2026-01-06)

Note: Version bump only for package @aws-sdk/client-s3

3.962.0 (2026-01-02)

Note: Version bump only for package @aws-sdk/client-s3

3.958.0 (2025-12-23)

Features

client-s3: Add additional validation to Outpost bucket names. (2f30457)

... (truncated)

Commits

9c7d696 Publish v3.967.0
eb666b5 chore(codegen): update for hostPrefix fix (#7639)
8796f3a Publish v3.966.0
f5048a6 chore(codegen): release smithy-typescript-aws-codegen v0.41.1 (#7633)
1eea89d Publish v3.965.0
9a090fa chore: upgrade rimraf (#7626)
054abe7 Publish v3.964.0
821ef45 Publish v3.962.0
dbc6c8b chore(codegen): sync for waiter codegen fix (#7614)
57ab7df Publish v3.958.0
Additional commits viewable in compare view

Updates @eslint/eslintrc from 3.3.1 to 3.3.3

Release notes

Sourced from @eslint/eslintrc's releases.

eslintrc: v3.3.3

3.3.3 (2025-11-28)

Bug Fixes

release v3.3.3 because publishing v3.3.2 failed (#211) (8aa555a)

eslintrc: v3.3.2

3.3.2 (2025-11-25)

Bug Fixes

Remove name property from all and recommended configs (#200) (344da49)

Changelog

Sourced from @eslint/eslintrc's changelog.

3.3.3 (2025-11-28)

Bug Fixes

release v3.3.3 because publishing v3.3.2 failed (#211) (8aa555a)

3.3.2 (2025-11-25)

Bug Fixes

Remove name property from all and recommended configs (#200) (344da49)

Commits

fdb5298 chore: release 3.3.3 🚀 (#212)
8aa555a fix: release v3.3.3 because publishing v3.3.2 failed (#211)
a8b773d chore: release 3.3.2 🚀 (#204)
85244bb chore: switch to googleapis/release-please-action (#208)
d356360 docs: Update README sponsors
116bf03 chore: update js-yaml to version 4.1.1 (#207)
16e8d20 docs: Update README sponsors
3b089ac chore: update .gitignore to exclude shared workflows (#206)
1f6e2d1 docs: Update README sponsors
785c00b docs: Update README sponsors
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @eslint/eslintrc since your current version.

Updates @eslint/js from 9.35.0 to 9.39.2

Release notes

Sourced from @eslint/js's releases.

v9.39.2

Bug Fixes

5705833 fix: warn when eslint-env configuration comments are found (#20381) (sethamus)

Build Related

506f154 build: add .scss files entry to knip (#20391) (Milos Djermanovic)

Chores

7ca0af7 chore: upgrade to @eslint/[email protected] (#20394) (Francesco Trotta)

c43ce24 chore: package.json update for @eslint/js release (Jenkins)

4c9858e ci: add v9.x-dev branch (#20382) (Milos Djermanovic)

v9.39.1

Bug Fixes

650753e fix: Only pass node to JS lang visitor methods (#20283) (Nicholas C. Zakas)

Documentation

51b51f4 docs: add a section on when to use extends vs cascading (#20268) (Tanuj Kanti)

b44d426 docs: Update README (GitHub Actions Bot)

Chores

92db329 chore: update @eslint/js version to 9.39.1 (#20284) (Francesco Trotta)

c7ebefc chore: package.json update for @eslint/js release (Jenkins)

61778f6 chore: update eslint-config-eslint dependency @eslint/js to ^9.39.0 (#20275) (renovate[bot])

d9ca2fc ci: Add rangeStrategy to eslint group in renovate config (#20266) (唯然)

009e507 test: fix version tests for ESLint v10 (#20274) (Milos Djermanovic)

v9.39.0

Features

cc57d87 feat: update error loc to key in no-dupe-class-members (#20259) (Tanuj Kanti)

126552f feat: update error location in for-direction and no-dupe-args (#20258) (Tanuj Kanti)

167d097 feat: update complexity rule to highlight only static block header (#20245) (jaymarvelz)

Bug Fixes

15f5c7c fix: forward traversal step.args to visitors (#20253) (jaymarvelz)

5a1a534 fix: allow JSDoc comments in object-shorthand rule (#20167) (Nitin Kumar)

e86b813 fix: Use more types from @eslint/core (#20257) (Nicholas C. Zakas)

927272d fix: correct Scope typings (#20198) (jaymarvelz)

37f76d9 fix: use AST.Program type for Program node (#20244) (Francesco Trotta)

ae07f0b fix: unify timing report for concurrent linting (#20188) (jaymarvelz)

b165d47 fix: correct Rule typings (#20199) (jaymarvelz)

fb97cda fix: improve error message for missing fix function in suggestions (#20218) (jaymarvelz)

Documentation

d3e81e3 docs: Always recommend to include a files property (#20158) (Percy Ma)

0f0385f docs: use consistent naming recommendation (#20250) (Alex M. Spieslechner)

a3b1456 docs: Update README (GitHub Actions Bot)

cf5f2dd docs: fix correct tag of no-useless-constructor (#20255) (Tanuj Kanti)

10b995c docs: add TS options and examples for nofunc in no-use-before-define (#20249) (Tanuj Kanti)

2584187 docs: remove repetitive word in comment (#20242) (reddaisyy)

... (truncated)

Commits

c43ce24 chore: package.json update for @eslint/js release
c7ebefc chore: package.json update for @eslint/js release
2375a6d chore: package.json update for @eslint/js release
9e7fad4 chore: add script to auto-generate eslint:recommended configuration (#20208)
25d0e33 chore: package.json update for @eslint/js release
abee4ca chore: package.json update for @eslint/js release
90a71bf docs: update README files to add badge and instructions (#20115)
488cba6 chore: package.json update for @eslint/js release
1c0d850 fix: update eslint-all.js to use Object.freeze for rules object (#20116)
See full diff in compare view

Updates @smithy/types from 4.5.0 to 4.11.0

Release notes

Sourced from @smithy/types's releases.

@smithy/types@4.11.0

Minor Changes

9ccb841: add static union schema as a new type

@smithy/types@4.10.0

Minor Changes

5a56762: make protocol selection easier

Changelog

Sourced from @smithy/types's changelog.

4.11.0

Minor Changes

9ccb841: add static union schema as a new type

4.10.0

Minor Changes

5a56762: make protocol selection easier

4.9.0

Minor Changes

3926fd7: set release level for schemas

4.8.1

Patch Changes

6da0ab3: export used types

4.8.0

Minor Changes

8a2a912: remove usage of non-static schema classes

4.7.1

Patch Changes

052d261: fix ordering of static simple schema type

4.7.0

Minor Changes

761d89c: undeprecate socketTimeout for node:https requests

7f8af58: generation of static schema

4.6.0

Minor Changes

45ee67f: update dist-cjs generation to use rollup

Commits

521d67c Version NPM packages
9ccb841 fix(core/protocols): support for $unknown union members in schema-serde (#1820)
8b90f36 Version NPM packages
5a56762 feat(core/protocols): make protocol selection easier (#1812)
cc0124e Version NPM packages
3926fd7 feat(core/schemas): set public release level for schema API (#1766)
472a5ea Version NPM packages
6da0ab3 chore: apply eslint rule for import paths (#1755)
f7c7b82 Version NPM packages
8a2a912 chore(core/schema): deprecate prototyped schemas (#1742)
Additional commits viewable in compare view

Updates body-parser from 2.2.0 to 2.2.2

Release notes

Sourced from body-parser's releases.

v2.2.2

What's Changed

docs: update README links by @efekrskl in expressjs/body-parser#673

docs: release notes for the v1.20.4 release by @Phillip9587 in expressjs/body-parser#674

docs: update URL-encoded parser description to include ISO-8859-1 encoding support by @Phillip9587 in expressjs/body-parser#679

docs: use standard jsdoc tags everywhere by @Phillip9587 in expressjs/body-parser#677

deps: qs@^6.14.1 by @UlisesGascon in expressjs/body-parser#689

refactor(json): simplify strict mode error string construction by @jonchurch in expressjs/body-parser#693

Release: 2.2.2 by @UlisesGascon in expressjs/body-parser#691

New Contributors

@efekrskl made their first contribution in expressjs/body-parser#673

Full Changelog: expressjs/body-parser@v2.2.1...v2.2.2

v2.2.1

Important: Security

Security fix for CVE-2025-13466 (GHSA-wqch-xfxh-vrr4)

What's Changed

ci: add dependabot by @Phillip9587 in expressjs/body-parser#593

ci: use full SHAs for github action versions by @Phillip9587 in expressjs/body-parser#594

deps: type-is@^2.0.1 by @Phillip9587 in expressjs/body-parser#599

build(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by @dependabot[bot] in expressjs/body-parser#609

build(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by @dependabot[bot] in expressjs/body-parser#610

build(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by @dependabot[bot] in expressjs/body-parser#611

build(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by @dependabot[bot] in expressjs/body-parser#613

build(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by @dependabot[bot] in expressjs/body-parser#612

ci: add codeql github workflows scanning by @Phillip9587 in expressjs/body-parser#614

ci: update CodeQL config to ignore the test directory by @Phillip9587 in expressjs/body-parser#615

build(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by @dependabot[bot] in expressjs/body-parser#620

build(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by @dependabot[bot] in expressjs/body-parser#619

chore(deps): unpin devDependencies by @Phillip9587 in expressjs/body-parser#616

ci: add node.js 24 to test matrix by @Phillip9587 in expressjs/body-parser#621

build(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by @dependabot[bot] in expressjs/body-parser#623

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot[bot] in expressjs/body-parser#624

chore: add funding to package.json by @Phillip9587 in expressjs/body-parser#617

build(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by @dependabot[bot] in expressjs/body-parser#625

build(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by @dependabot[bot] in expressjs/body-parser#630

refactor: move common request validation to read function by @Phillip9587 in expressjs/body-parser#600

deps: bump iconv-lite by @bjohansebas in expressjs/body-parser#631

doc: pull beta changelog forward into 2.0.0 by @jonchurch in expressjs/body-parser#629

refactor: optimize raw and text parsers with shared passthrough function by @Phillip9587 in expressjs/body-parser#634

build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in expressjs/body-parser#640

build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by @dependabot[bot] in expressjs/body-parser#639

build(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by @dependabot[bot] in expressjs/body-parser#636

build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by @dependabot[bot] in expressjs/body-parser#637

build(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by @dependabot[bot] in expressjs/body-parser#638

deps: raw-body@^3.0.1 by @Phillip9587 in expressjs/body-parser#641

... (truncated)

Changelog

Sourced from body-parser's changelog.

2.2.2 / 2026-01-07

deps: qs@^6.14.1

refactor(json): simplify strict mode error string construction

2.2.1 / 2025-11-24

Security fix for GHSA-wqch-xfxh-vrr4

deps:

type-is@^2.0.1

iconv-lite@^0.7.0

Handle split surrogate pairs when encoding UTF-8

Avoid false positives in encodingExists by using prototype-less objects

raw-body@^3.0.1

debug@^4.4.3

Commits

3d24866 2.2.2 (#691)
8474a98 refactor(json): simplify strict mode error string construction (#693)
03f17c2 deps: qs@^6.14.1 (#689)
ea1f25e docs: use standard jsdoc tags everywhere (#677)
d7deef8 docs: update URL-encoded parser description to include ISO-8859-1 encoding su...
b6f52aa docs: release notes for the v1.20.4 release (#674)
2965ca4 docs: update links (#673)
d96b63d 2.2.1 (#659)
b204886 sec: security patch for CVE-2025-13466
e20e351 feat: remove history.md from being packaged on publish (#660)
Additional commits viewable in compare view

Updates cross-env from 10.0.0 to 10.1.0

Release notes

Sourced from cross-env's releases.

v10.1.0

10.1.0 (2025-09-29)

Features

add support for default value syntax (152ae6a)

For example:
"dev:server": "cross-env wrangler dev --port ${PORT:-8787}",
If PORT is already set, use that value, otherwise fallback to 8787.

Learn more about Shell Parameter Expansion

Commits

152ae6a feat: add support ofr default value syntax
bd70d1a chore: upgrade zshy
8e0b190 chore(ci): get coverage
See full diff in compare view

Updates dotenv from 17.2.2 to 17.2.3

Changelog

Sourced from dotenv's changelog.

17.2.3 (2025-09-29)

Changed

Fixed typescript error definition (#912)

Commits

affe113 17.2.3
db1ff1f changelog 🪵
7063f16 Merge pull request #913 from motdotla/new-tips
0bbe72c test against expected tips
017951b only run .js tests
39eda1f add space back
fcc030e update tips
b6c7a0d updated tips - as Dotenvx Radar has been renamed Dotenvx Ops
b3c8b16 remove unnecessary call to npx
d6e4c17 Merge pull request #912 from adjerbetian/fix/typescript-error-definition
Additional commits viewable in compare view

Updates envalid from 8.1.0 to 8.1.1

Commits

ff678f6 8.1.1
4735590 Bump vite from 7.0.0 to 7.1.5 (#236)
061b888 feat: improve IP RegExp to cover more cases (#239)
See full diff in compare view

Updates express from 5.1.0 to 5.2.1

Release notes

Sourced from express's releases.

v5.2.1

What's Changed

[!IMPORTANT]
The prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.

Release: 5.2.1 by @UlisesGascon in expressjs/express#6933

Full Changelog: expressjs/express@v5.2.0...v5.2.1

v5.2.0

Important: Security

Security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)

What's Changed

build(deps): bump github/codeql-action from 3.28.11 to 3.28.13 by @dependabot[bot] in expressjs/express#6429

Refactor: simplify acceptsLanguages implementation using spread operator by @Ayoub-Mabrouk in expressjs/express#6137

increased code coverage of utils.js file by @ashish3011 in expressjs/express#6386

chore: remove duplicate word by @dufucun in expressjs/express#6456

build(deps): bump github/codeql-action from 3.28.13 to 3.28.16 by @dependabot[bot] in expressjs/express#6498

build(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by @dependabot[bot] in expressjs/express#6497

build(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by @dependabot[bot] in expressjs/express#6496

ci: add node.js 24 to test matrix by @Phillip9587 in expressjs/express#6504

ci: update codeql config by @Phillip9587 in expressjs/express#6488

chore: wider range for query test skip by @jonchurch in expressjs/express#6512

chore: fix typos in test by @noritaka1166 in expressjs/express#6535

ci: disable credential persistence for checkout actions by @mertssmnoglu in expressjs/express#6522

ci: allow manual triggering of workflow by @shivarm in expressjs/express#6515

test: add coverage for app.listen() variants by @kgarg1 in expressjs/express#6476

docs: move documentation and charters to the discussions and .github … by @bjohansebas in expressjs/express#6427

build(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by @dependabot[bot] in

…5 updates Bumps the js-dependencies group with 25 updates in the /backend directory: | Package | From | To | | --- | --- | --- | | [@aws-sdk/client-cognito-identity-provider](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-cognito-identity-provider) | `3.890.0` | `3.967.0` | | [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.890.0` | `3.967.0` | | [@eslint/eslintrc](https://github.com/eslint/eslintrc) | `3.3.1` | `3.3.3` | | [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.35.0` | `9.39.2` | | [@smithy/types](https://github.com/smithy-lang/smithy-typescript/tree/HEAD/packages/types) | `4.5.0` | `4.11.0` | | [body-parser](https://github.com/expressjs/body-parser) | `2.2.0` | `2.2.2` | | [cross-env](https://github.com/kentcdodds/cross-env) | `10.0.0` | `10.1.0` | | [dotenv](https://github.com/motdotla/dotenv) | `17.2.2` | `17.2.3` | | [envalid](https://github.com/af/envalid) | `8.1.0` | `8.1.1` | | [express](https://github.com/expressjs/express) | `5.1.0` | `5.2.1` | | [@types/express](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/express) | `5.0.3` | `5.0.6` | | [get-tsconfig](https://github.com/privatenumber/get-tsconfig) | `4.10.1` | `4.13.0` | | [rdflib](https://github.com/linkeddata/rdflib.js) | `2.2.37` | `2.3.5` | | [runtypes](https://github.com/runtypes/runtypes) | `6.7.0` | `7.0.4` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.44.0` | `8.53.0` | | [ws](https://github.com/websockets/ws) | `8.18.3` | `8.19.0` | | [@eslint/compat](https://github.com/eslint/rewrite/tree/HEAD/packages/compat) | `1.3.2` | `2.0.1` | | [@types/cookie-parser](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/cookie-parser) | `1.4.9` | `1.4.10` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `24.5.1` | `25.0.6` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.44.0` | `8.53.0` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.44.0` | `8.53.0` | | [eslint](https://github.com/eslint/eslint) | `9.35.0` | `9.39.2` | | [prettier](https://github.com/prettier/prettier) | `3.6.2` | `3.7.4` | | [tsx](https://github.com/privatenumber/tsx) | `4.20.5` | `4.21.0` | | [typescript](https://github.com/microsoft/TypeScript) | `5.8.3` | `5.9.3` | Updates `@aws-sdk/client-cognito-identity-provider` from 3.890.0 to 3.967.0 - [Release notes](https://github.com/aws/aws-sdk-js-v3/releases) - [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-cognito-identity-provider/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.967.0/clients/client-cognito-identity-provider) Updates `@aws-sdk/client-s3` from 3.890.0 to 3.967.0 - [Release notes](https://github.com/aws/aws-sdk-js-v3/releases) - [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.967.0/clients/client-s3) Updates `@eslint/eslintrc` from 3.3.1 to 3.3.3 - [Release notes](https://github.com/eslint/eslintrc/releases) - [Changelog](https://github.com/eslint/eslintrc/blob/main/CHANGELOG.md) - [Commits](eslint/eslintrc@v3.3.1...eslintrc-v3.3.3) Updates `@eslint/js` from 9.35.0 to 9.39.2 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/commits/v9.39.2/packages/js) Updates `@smithy/types` from 4.5.0 to 4.11.0 - [Release notes](https://github.com/smithy-lang/smithy-typescript/releases) - [Changelog](https://github.com/smithy-lang/smithy-typescript/blob/main/packages/types/CHANGELOG.md) - [Commits](https://github.com/smithy-lang/smithy-typescript/commits/@smithy/[email protected]/packages/types) Updates `body-parser` from 2.2.0 to 2.2.2 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@v2.2.0...v2.2.2) Updates `cross-env` from 10.0.0 to 10.1.0 - [Release notes](https://github.com/kentcdodds/cross-env/releases) - [Changelog](https://github.com/kentcdodds/cross-env/blob/main/CHANGELOG.md) - [Commits](kentcdodds/cross-env@v10.0.0...v10.1.0) Updates `dotenv` from 17.2.2 to 17.2.3 - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](motdotla/dotenv@v17.2.2...v17.2.3) Updates `envalid` from 8.1.0 to 8.1.1 - [Release notes](https://github.com/af/envalid/releases) - [Commits](af/envalid@v8.1.0...v8.1.1) Updates `express` from 5.1.0 to 5.2.1 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@v5.1.0...v5.2.1) Updates `@types/express` from 5.0.3 to 5.0.6 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/express) Updates `get-tsconfig` from 4.10.1 to 4.13.0 - [Release notes](https://github.com/privatenumber/get-tsconfig/releases) - [Commits](privatenumber/get-tsconfig@v4.10.1...v4.13.0) Updates `rdflib` from 2.2.37 to 2.3.5 - [Release notes](https://github.com/linkeddata/rdflib.js/releases) - [Changelog](https://github.com/linkeddata/rdflib.js/blob/main/changes.txt) - [Commits](linkeddata/rdflib.js@v2.2.37...v2.3.5) Updates `runtypes` from 6.7.0 to 7.0.4 - [Release notes](https://github.com/runtypes/runtypes/releases) - [Commits](runtypes/runtypes@v6.7.0...v7.0.4) Updates `typescript-eslint` from 8.44.0 to 8.53.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.53.0/packages/typescript-eslint) Updates `ws` from 8.18.3 to 8.19.0 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@8.18.3...8.19.0) Updates `@eslint/compat` from 1.3.2 to 2.0.1 - [Release notes](https://github.com/eslint/rewrite/releases) - [Changelog](https://github.com/eslint/rewrite/blob/main/packages/compat/CHANGELOG.md) - [Commits](https://github.com/eslint/rewrite/commits/compat-v2.0.1/packages/compat) Updates `@types/cookie-parser` from 1.4.9 to 1.4.10 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/cookie-parser) Updates `@types/express` from 5.0.3 to 5.0.6 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/express) Updates `@types/node` from 24.5.1 to 25.0.6 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@typescript-eslint/eslint-plugin` from 8.44.0 to 8.53.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.53.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.44.0 to 8.53.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.53.0/packages/parser) Updates `eslint` from 9.35.0 to 9.39.2 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v9.35.0...v9.39.2) Updates `prettier` from 3.6.2 to 3.7.4 - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@3.6.2...3.7.4) Updates `tsx` from 4.20.5 to 4.21.0 - [Release notes](https://github.com/privatenumber/tsx/releases) - [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs) - [Commits](privatenumber/tsx@v4.20.5...v4.21.0) Updates `typescript` from 5.8.3 to 5.9.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Commits](microsoft/TypeScript@v5.8.3...v5.9.3) --- updated-dependencies: - dependency-name: "@aws-sdk/client-cognito-identity-provider" dependency-version: 3.967.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: "@aws-sdk/client-s3" dependency-version: 3.967.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: "@eslint/eslintrc" dependency-version: 3.3.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: js-dependencies - dependency-name: "@eslint/js" dependency-version: 9.39.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: "@smithy/types" dependency-version: 4.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: body-parser dependency-version: 2.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: js-dependencies - dependency-name: cross-env dependency-version: 10.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: dotenv dependency-version: 17.2.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: js-dependencies - dependency-name: envalid dependency-version: 8.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: js-dependencies - dependency-name: express dependency-version: 5.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: "@types/express" dependency-version: 5.0.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: js-dependencies - dependency-name: get-tsconfig dependency-version: 4.13.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: rdflib dependency-version: 2.3.5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: runtypes dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-major dependency-group: js-dependencies - dependency-name: typescript-eslint dependency-version: 8.53.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: ws dependency-version: 8.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: "@eslint/compat" dependency-version: 2.0.1 dependency-type: direct:development update-type: version-update:semver-major dependency-group: js-dependencies - dependency-name: "@types/cookie-parser" dependency-version: 1.4.10 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: js-dependencies - dependency-name: "@types/express" dependency-version: 5.0.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: js-dependencies - dependency-name: "@types/node" dependency-version: 25.0.6 dependency-type: direct:development update-type: version-update:semver-major dependency-group: js-dependencies - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.53.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: "@typescript-eslint/parser" dependency-version: 8.53.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: eslint dependency-version: 9.39.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: prettier dependency-version: 3.7.4 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: tsx dependency-version: 4.21.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: js-dependencies - dependency-name: typescript dependency-version: 5.9.3 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: js-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

sonarqubecloud · 2026-01-13T00:47:58Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jan 13, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the js-dependencies group across 1 directory with 25 updates #465

chore(deps): bump the js-dependencies group across 1 directory with 25 updates #465

Uh oh!

dependabot bot commented on behalf of github Jan 13, 2026 •

edited

Loading

Uh oh!

sonarqubecloud bot commented Jan 13, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

chore(deps): bump the js-dependencies group across 1 directory with 25 updates #465

Are you sure you want to change the base?

chore(deps): bump the js-dependencies group across 1 directory with 25 updates #465

Uh oh!

Conversation

dependabot bot commented on behalf of github Jan 13, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v3.967.0

3.967.0(2026-01-12)

Chores

New Features

Tests

v3.966.0

3.966.0(2026-01-09)

Chores

New Features

3.967.0 (2026-01-12)

3.966.0 (2026-01-09)

3.965.0 (2026-01-07)

3.964.0 (2026-01-06)

3.962.0 (2026-01-02)

3.958.0 (2025-12-23)

3.957.0 (2025-12-22)

v3.967.0

3.967.0(2026-01-12)

Chores

New Features

Tests

v3.966.0

3.966.0(2026-01-09)

Chores

New Features

3.967.0 (2026-01-12)

3.966.0 (2026-01-09)

3.965.0 (2026-01-07)

3.964.0 (2026-01-06)

3.962.0 (2026-01-02)

3.958.0 (2025-12-23)

Features

eslintrc: v3.3.3

3.3.3 (2025-11-28)

Bug Fixes

eslintrc: v3.3.2

3.3.2 (2025-11-25)

Bug Fixes

3.3.3 (2025-11-28)

Bug Fixes

3.3.2 (2025-11-25)

Bug Fixes

v9.39.2

Bug Fixes

Build Related

Chores

v9.39.1

Bug Fixes

Documentation

Chores

v9.39.0

Features

Bug Fixes

Documentation

@​smithy/types@​4.11.0

Minor Changes

@​smithy/types@​4.10.0

Minor Changes

4.11.0

Minor Changes

4.10.0

Minor Changes

4.9.0

Minor Changes

4.8.1

Patch Changes

4.8.0

Minor Changes

4.7.1

Patch Changes

4.7.0

Minor Changes

4.6.0

dependabot bot commented on behalf of github Jan 13, 2026 •

edited

Loading

`@smithy/types@4`.11.0

`@smithy/types@4`.10.0