Bump the npm_and_yarn group across 3 directories with 6 updates

[dependabot]

Bumps the npm_and_yarn group with 1 update in the /e2e/nestjs directory: @nestjs/common.
Bumps the npm_and_yarn group with 4 updates in the /e2e/react-native directory: @babel/helpers, cookie, @remix-run/node and image-size.
Bumps the npm_and_yarn group with 1 update in the /sdk/highlight-nest directory: @nestjs/common.

Updates @nestjs/common from 10.4.15 to 11.0.14

Release notes

Sourced from @​nestjs/common's releases.

v11.0.14 (2025-04-09)

Bug fixes

• platform-fastify
  • #14511 fix(fastify): adds the non-standard http methods to the instance (@​johaven)

Committers: 1

• Johan Legrand (@​johaven)

v11.0.13 (2025-04-03)

Bug fixes

• platform-fastify
  • #14895 fix(fastify-adapter): global prefix exclusion path handling w/middleware (@​KyleLilly)
• microservices
  • #14869 fix(microservices): do not re-create client connection once get client by service name (@​mingo023)

Dependencies

• platform-express
  • #14883 fix(deps): update dependency express to v5.1.0 (@​renovate[bot])
  • #14817 fix(deps): update dependency multer to v1.4.5-lts.2 (@​renovate[bot])
• platform-fastify
  • #14861 fix(deps): update dependency fastify to v5.2.2 (@​renovate[bot])
  • #14864 chore(deps): bump @​fastify/cors from 11.0.0 to 11.0.1 (@​dependabot[bot])

Committers: 2

• Kyle Lilly (@​KyleLilly)
• Minh Ngo (@​mingo023)

v11.0.12 (2025-03-19)

Bug fixes

• core
  • #14803 fix(core): infinite loop on broken circular reference (@​kamilmysliwiec)
  • nestjs/nest#14792 dependencies not resolving for request-scoped lazy providers (@​anizozina)

Enhancements

• core
  • #14802 feat(core): add options to the legacy route converter (@​kamilmysliwiec)

v11.0.11 (2025-02-28)

Enhancements

• platform-fastify
  • #14677 perf: Switch deprecated parser querystring for fast-querystring (@​smith558)

Dependencies

• platform-fastify
  • #14711 fix(deps): update dependency @​fastify/cors to v11 (@​renovate[bot])
• platform-ws

... (truncated)

Commits

• dbc0378 chore(@​nestjs) publish v11.0.14 release
• 466e9b9 chore(@​nestjs) publish v11.0.13 release
• c58f49a chore(@​nestjs) publish v11.0.12 release
• 132c1df chore(@​nestjs) publish v11.0.11 release
• baba45e chore(@​nestjs) publish v11.0.10 release
• 3c276c9 chore(@​nestjs) publish v11.0.9 release
• de76147 fix(common): revert to original value (swc builders regression) #14430
• 1093d99 chore(@​nestjs) publish v11.0.8 release
• f81ce5f fix(common): addLeadingSlash optional group support
• 13290e9 chore(@​nestjs) publish v11.0.7 release
• Additional commits viewable in compare view

Updates @babel/helpers from 7.26.0 to 7.27.0

Release notes

Sourced from @​babel/helpers's releases.

v7.27.0 (2025-03-24)

Thanks @​ishchhabra and @​vovkasm for your first PRs!

👓 Spec Compliance

• babel-generator, babel-parser
  • #16977 Default importAttributesKeyword to with (@​JLHwung)

🚀 New Feature

• babel-helper-create-class-features-plugin, babel-traverse, babel-types
  • #17169 Allow traverseFast to exit early (@​liuxingbaoyu)
• babel-parser, babel-types
  • #17110 Add ImportAttributes to Standardized and move its parser test fixtures (@​JLHwung)
• babel-generator
  • #17100 fix(babel-generator): add named export of generate function (@​vovkasm)
• babel-parser, babel-template
  • #17149 Add allowYieldOutsideFunction to parser (@​liuxingbaoyu)
• babel-plugin-transform-typescript, babel-traverse
  • #17102 feat: Add upToScope parameter to hasBinding (@​liuxingbaoyu)
• babel-parser
  • #17082 Support ESTree AccessorProperty (@​JLHwung)
• babel-types
  • #17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@​ishchhabra)

🐛 Bug Fix

• babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • #16816 fix: Class reference in type throws error (@​liuxingbaoyu)
• babel-traverse
  • #17170 fix: Reset child scopes when scope.crawl() (@​liuxingbaoyu)
• babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@​JLHwung)
• babel-cli
  • #17182 fix: @babel/cli generates duplicate inline source maps (@​liuxingbaoyu)
• babel-plugin-transform-named-capturing-groups-regex, babel-types
  • #17175 Generate computed proto key (@​JLHwung)

🏃‍♀️ Performance

• babel-types
  • #16870 perf: Improve builders of @babel/types (@​liuxingbaoyu)
• babel-helper-create-regexp-features-plugin
  • #17176 fix: improve duplicate named groups check (@​JLHwung)

Committers: 5

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Ish Chhabra (@​ishchhabra)
• Vladimir Timofeev (@​vovkasm)
• @​liuxingbaoyu

v7.26.10 (2025-03-11)

... (truncated)

Changelog

Sourced from @​babel/helpers's changelog.

v7.27.0 (2025-03-24)

👓 Spec Compliance

• babel-generator, babel-parser
  • #16977 Default importAttributesKeyword to with (@​JLHwung)

🚀 New Feature

• babel-helper-create-class-features-plugin, babel-traverse, babel-types
  • #17169 Allow traverseFast to exit early (@​liuxingbaoyu)
• babel-parser, babel-types
  • #17110 Add ImportAttributes to Standardized and move its parser test fixtures (@​JLHwung)
• babel-generator
  • #17100 fix(babel-generator): add named export of generate function (@​vovkasm)
• babel-parser, babel-template
  • #17149 Add allowYieldOutsideFunction to parser (@​liuxingbaoyu)
• babel-plugin-transform-typescript, babel-traverse
  • #17102 feat: Add upToScope parameter to hasBinding (@​liuxingbaoyu)
• babel-parser
  • #17082 Support ESTree AccessorProperty (@​JLHwung)
• babel-types
  • #17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@​ishchhabra)

🐛 Bug Fix

• babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • #16816 fix: Class reference in type throws error (@​liuxingbaoyu)
• babel-traverse
  • #17170 fix: Reset child scopes when scope.crawl() (@​liuxingbaoyu)
• babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@​JLHwung)
• babel-cli
  • #17182 fix: @babel/cli generates duplicate inline source maps (@​liuxingbaoyu)
• babel-plugin-transform-named-capturing-groups-regex, babel-types
  • #17175 Generate computed proto key (@​JLHwung)

🏃‍♀️ Performance

• babel-types
  • #16870 perf: Improve builders of @babel/types (@​liuxingbaoyu)
• babel-helper-create-regexp-features-plugin
  • #17176 fix: improve duplicate named groups check (@​JLHwung)

v7.26.10 (2025-03-11)

👓 Spec Compliance

• babel-parser
  • #17159 Disallow decorator in array pattern (@​JLHwung)

🐛 Bug Fix

• babel-parser, babel-template
  • #17164 Fix: always initialize ExportDeclaration attributes (@​JLHwung)
• babel-core
  • #17142 fix: "Map maximum size exceeded" in deepClone (@​liuxingbaoyu)

... (truncated)

Commits

• 5c350ea v7.27.0
• ca4865a Fix: align behaviour to tsc rewriteRelativeImportExtensions (#17118)
• e1ce99d v7.26.10
• d5952e8 Fix processing of replacement pattern with named capture groups (#17173)
• 64bca7b v7.26.9
• 4cf5c9e [babel 8] Use @babel/types for parser's return type (#17117)
• 2d95140 v7.26.7
• 0e6199b Make "object without properties" helpers ES6-compatible (#17086)
• cd24cc0 chore: Update TS 5.7 (#17053)
• See full diff in compare view

Updates cookie from 0.6.0 to 0.7.2

Release notes

Sourced from cookie's releases.

v0.7.2

Fixed

• Fix object assignment of hasOwnProperty (#177) bc38ffd

jshttp/cookie@v0.7.1...v0.7.2

0.7.1

Fixed

• Allow leading dot for domain (#174)
  • Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec
• Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

jshttp/cookie@v0.7.0...v0.7.1

0.7.0

• perf: parse cookies ~10% faster (#144 by @​kurtextrem and #170)
• fix: narrow the validation of cookies to match RFC6265 (#167 by @​bewinsnw)
• fix: add main to package.json for rspack (#166 by @​proudparrot2)

jshttp/cookie@v0.6.0...v0.7.0

Commits

• d19eaa1 0.7.2
• bc38ffd Fix object assignment of hasOwnProperty (#177)
• cf4658f 0.7.1
• 6a8b8f5 Allow leading dot for domain (#174)
• 58015c0 Remove more code and perf wins (#172)
• ab057d6 0.7.0
• 5f02ca8 Migrate history to GitHub releases
• a5d591c Migrate history to GitHub releases
• 51968f9 Skip isNaN
• 9e7ca51 perf(parse): cache length, return early (#144)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.

Updates @remix-run/node from 2.15.2 to 2.16.5

Release notes

Sourced from @​remix-run/node's releases.

v2.16.5

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2165

v2.16.4

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2164

v2.16.3

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2163

v2.16.2

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2162

v2.16.1

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2161

v2.16.0

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2160

v2.15.3

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2153

Changelog

Sourced from @​remix-run/node's changelog.

2.16.5

Patch Changes

• Bump undici to version 6.21.2 to address security advisory (#10562)
• Updated dependencies:
  • @remix-run/[email protected]

2.16.4

Patch Changes

• Updated dependencies:
  • @remix-run/[email protected]

2.16.3

Patch Changes

• Updated dependencies:
  • @remix-run/[email protected]

2.16.2

Patch Changes

• Updated dependencies:
  • @remix-run/[email protected]

2.16.1

Patch Changes

• Updated dependencies:
  • @remix-run/[email protected]

2.16.0

Patch Changes

• Updated dependencies:
  • @remix-run/[email protected]

2.15.3

Patch Changes

• Updated dependencies:
  • @remix-run/[email protected]

Commits

• 55be116 chore: Update version for release (#10577)
• a03d5c1 chore: Update version for release (pre) (#10573)
• 070ab76 chore: bump undici (#10562)
• 5cd2821 chore: Update version for release (#10561)
• f946b92 chore: Update version for release (pre) (#10560)
• c9c1da1 chore: Update version for release (#10556)
• 0d7fd9b chore: Update version for release (pre) (#10554)
• b206d9b chore: Update version for release (#10541)
• 3764a7c chore: Update version for release (pre) (#10537)
• b5b3ea6 chore: Update version for release (#10536)
• Additional commits viewable in compare view

Updates image-size from 1.2.0 to 1.2.1

Release notes

Sourced from image-size's releases.

v1.2.1

Fixes

• fix potential Denial of Service via specially crafted payloads in image-size/image-size@640a67d

Full Changelog: image-size/image-size@v1.2.0...v1.2.1

Commits

• a4178fb 1.2.1
• 640a67d fix potential Denial of Service via specially crafted payloads
• See full diff in compare view

Updates undici from 6.21.0 to 6.21.2

Release notes

Sourced from undici's releases.

v6.21.2

What's Changed

• fix(types): add missing DNS interceptor by @​slagiewka in nodejs/undici#4024
• [v6.x] fix wpts on windows by @​mcollina in nodejs/undici#4093
• Removed clients with unrecoverable errors from the Pool nodejs/undici#4088

New Contributors

• @​slagiewka made their first contribution in nodejs/undici#4024

Full Changelog: nodejs/undici@v6.21.1...v6.21.2

v6.21.1

⚠️ Security Release ⚠️

Fixes CVE CVE-2025-22150 GHSA-c76h-2ccp-4975 (embargoed until 22-01-2025).

What's Changed

• fix(#3736): back-port 183f8e9 to v6.x by @​ggoodman in nodejs/undici#3855
• fix(#3817): send servername for SNI on TLS (#3821) [backport] by @​metcoder95 in nodejs/undici#3864
• fix: sending formdata bodies with http2 (#3863) [backport] by @​metcoder95 in nodejs/undici#3866
• [Backport v6.x] fix: Fixed the issue that there is no running request when http2 goaway by @​github-actions in nodejs/undici#3877
• types: [backport] Update return type of RetryCallback (#3851) by @​metcoder95 in nodejs/undici#3876

Full Changelog: nodejs/undici@v6.21.0...v6.21.1

Commits

• b63d939 Bumped v6.21.2
• de1e4b8 [v6.x] fix wpts on windows (#4093)
• 4e07dda test: fix windows wpt (#4050)
• 1333871 Removed clients with unrecoverable errors from the Pool (#4088)
• a0e76c7 fix(types): add missing DNS interceptor (#4024)
• e260e7b Bumped v6.21.1
• c3acc60 Merge commit from fork
• 2414bc9 Update return type of RetryCallback (#3851) (#3876)
• be8cd0a [Backport v6.x] fix: Fixed the issue that there is no running request when ht...
• ee6176c fix: sending formdata bodies with http2 (#3863) [backport] (#3866)
• Additional commits viewable in compare view

Updates @nestjs/common from 10.4.15 to 11.0.14

Release notes

Sourced from @​nestjs/common's releases.

v11.0.14 (2025-04-09)

Bug fixes

• platform-fastify
  • #14511 fix(fastify): adds the non-standard http methods to the instance (@​johaven)

Committers: 1

• Johan Legrand (@​johaven)

v11.0.13 (2025-04-03)

Bug fixes

• platform-fastify
  • #14895 fix(fastify-adapter): global prefix exclusion path handling w/middleware (@​KyleLilly)
• microservices
  • #14869 fix(microservices): do not re-create client connection once get client by service name (@​mingo023)

Dependencies

• platform-express
  • #14883 fix(deps): update dependency express to v5.1.0 (@​renovate[bot])
  • #14817 fix(deps): update dependency multer to v1.4.5-lts.2 (@​renovate[bot])
• platform-fastify
  • #14861 fix(deps): update dependency fastify to v5.2.2 (@​renovate[bot])
  • #14864 chore(deps): bump @​fastify/cors from 11.0.0 to 11.0.1 (@​dependabot[bot])

Committers: 2

• Kyle Lilly (@​KyleLilly)
• Minh Ngo (@​mingo023)

v11.0.12 (2025-03-19)

Bug fixes

• core
  • #14803 fix(core): infinite loop on broken circular reference (@​kamilmysliwiec)
  • nestjs/nest#14792 dependencies not resolving for request-scoped lazy providers (@​anizozina)

Enhancements

• core
  • #14802 feat(core): add options to the legacy route converter (@​kamilmysliwiec)

v11.0.11 (2025-02-28)

Enhancements

• platform-fastify
  • #14677 perf: Switch deprecated parser querystring for fast-querystring (@​smith558)

Dependencies

• platform-fastify
  • #14711 fix(deps): update dependency @​fastify/cors to v11 (@​renovate[bot])
• platform-ws

... (truncated)

Commits

• dbc0378 chore(@​nestjs) publish v11.0.14 release
• 466e9b9 chore(@​nestjs) publish v11.0.13 release
• c58f49a chore(@​nestjs) publish v11.0.12 release
• 132c1df chore(@​nestjs) publish v11.0.11 release
• baba45e chore(@​nestjs) publish v11.0.10 release
• 3c276c9 chore(@​nestjs) publish v11.0.9 release
• de76147 fix(common): revert to original value (swc builders regression) #14430
• 1093d99 chore(@​nestjs) publish v11.0.8 release
• f81ce5f fix(common): addLeadingSlash optional group support
• 13290e9 chore(@​nestjs) publish v11.0.7 release
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml