chore(deps): update dependency @nestjs/common to v11.0.16 [security]

[renovate-bot]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@nestjs/common (source)	11.0.10 -> 11.0.16

GitHub Vulnerability Alerts

CVE-2024-29409

File Upload vulnerability in nestjs nest prior to v.11.0.16 allows a remote attacker to execute arbitrary code via the Content-Type header.

---

Release Notes

nestjs/nest (@​nestjs/common)

v11.0.16

Compare Source

v11.0.16 (2025-04-11)

• fix(common): use file-type to validate file mimetypes by @​Chathula in https://github.com/nestjs/nest/pull/14881

v11.0.15

Compare Source

v11.0.15 (2025-04-10)

Bug fixes

• platform-fastify
  • #​14935 fix(fastify): methods comparison (@​johaven)

Committers: 1

• Johan Legrand (@​johaven)

v11.0.14

Compare Source

v11.0.14 (2025-04-09)

Bug fixes

• platform-fastify
  • #​14511 fix(fastify): adds the non-standard http methods to the instance (@​johaven)

Committers: 1

• Johan Legrand (@​johaven)

v11.0.13

Compare Source

v11.0.13 (2025-04-03)

Bug fixes

• platform-fastify
  • #​14895 fix(fastify-adapter): global prefix exclusion path handling w/middleware (@​KyleLilly)
• microservices
  • #​14869 fix(microservices): do not re-create client connection once get client by service name (@​mingo023)

Dependencies

• platform-express
  • #​14883 fix(deps): update dependency express to v5.1.0 (@​renovate[bot])
  • #​14817 fix(deps): update dependency multer to v1.4.5-lts.2 (@​renovate[bot])
• platform-fastify
  • #​14861 fix(deps): update dependency fastify to v5.2.2 (@​renovate[bot])
  • #​14864 chore(deps): bump @​fastify/cors from 11.0.0 to 11.0.1 (@​dependabot[bot])

Committers: 2

• Kyle Lilly (@​KyleLilly)
• Minh Ngo (@​mingo023)

v11.0.12

Compare Source

v11.0.12 (2025-03-19)

Bug fixes

• core
  • #​14803 fix(core): infinite loop on broken circular reference (@​kamilmysliwiec)
  • https://github.com/nestjs/nest/pull/14792 dependencies not resolving for request-scoped lazy providers (@​anizozina)

Enhancements

• core
  • #​14802 feat(core): add options to the legacy route converter (@​kamilmysliwiec)

v11.0.11

Compare Source

v11.0.11 (2025-02-28)

Enhancements

• platform-fastify
  • #​14677 perf: Switch deprecated parser querystring for fast-querystring (@​smith558)

Dependencies

• platform-fastify
  • #​14711 fix(deps): update dependency @​fastify/cors to v11 (@​renovate[bot])
• platform-ws
  • #​14689 chore(deps): bump ws from 8.18.0 to 8.18.1 (@​dependabot[bot])

Committers: 1

• Stanislav (Stanley) Modrak (@​smith558)

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 89.62%. Comparing base (27f5c66) to head (bb4b79a).
Report is 3 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2791      +/-   ##
==========================================
- Coverage   89.67%   89.62%   -0.05%     
==========================================
  Files         184      184              
  Lines        8946     8946              
  Branches     1834     1834              
==========================================
- Hits         8022     8018       -4     
- Misses        924      928       +4     

see 1 file with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.