Sourced from @​octokit/request's releases.

v9.2.3

9.2.3 (2025-04-10)

Bug Fixes

• deps: update dependency @​octokit/types to v14 (#753) (7d576b0)

v9.2.2

9.2.2 (2025-02-14)

Bug Fixes

• deps: update dependency @​octokit/request-error to v6.1.7 [security] (#740) (4b2f485)

v9.2.1

9.2.1 (2025-02-13)

Bug Fixes

• mitigate ReDos vulnerabilities & lint (#738) (6bb29ba)

v9.2.0

9.2.0 (2025-01-16)

Features

• correctly parse response bodies as JSON where the Content-Type is application/scim+json (#731) (00bf316)

v9.1.4

9.1.4 (2024-12-29)

Bug Fixes

• deps: bump @octokit/types to fix deno compat (#730) (324ffef)

v9.1.3

9.1.3 (2024-07-14)

Bug Fixes

• improve toErrorMessage (#714) (fcc5b25)

v9.1.2

9.1.2 (2024-07-13)

... (truncated)

• 7d576b0 fix(deps): update dependency @​octokit/types to v14 (#753)
• c9bfc37 build(deps): bump vite from 6.1.0 to 6.2.5 (#750)
• f7b9616 ci(prettier): use Node LTS instead of Node 16 (#748)
• 1955847 chore(deps): update dependency prettier to v3.5.3 (#745)
• b71107b chore(deps): update dependency semantic-release-plugin-update-version-in-file...
• c855943 chore(deps): update dependency prettier to v3.5.2 (#743)
• 4b2f485 fix(deps): update dependency @​octokit/request-error to v6.1.7 [security] (#740)
• 0320a42 chore(deps): update dependency prettier to v3.5.1 (#737)
• 6bb29ba fix: mitigate ReDos vulnerabilities & lint (#738)
• 34ff07e Merge commit from fork
• Additional commits viewable in compare view

Sourced from @​octokit/core's releases.

v6.1.5

6.1.5 (2025-04-10)

Bug Fixes

• deps: update dependency @​octokit/types to v14 (#731) (3700c41)

v6.1.4

6.1.4 (2025-02-13)

Bug Fixes

• deps: bump Octokit dependencies vulnerable to ReDos (#723) (582d8bd)

v6.1.3

6.1.3 (2025-01-03)

Bug Fixes

• deps: bump Octokit dependencies to fix Deno compat (#715) (e2b21bb)

v6.1.2

6.1.2 (2024-04-09)

Bug Fixes

• pkg: add default fallback and types export (#673) (af3d390), closes #665 #667

v6.1.1

6.1.1 (2024-04-03)

Bug Fixes

• deps: update dependency @​octokit/types to v13 (ade2813)

v6.1.0

6.1.0 (2024-04-03)

Features

• security: Add provenance (#671) (1c2bd25)

... (truncated)

• 3700c41 fix(deps): update dependency @​octokit/types to v14 (#731)
• fcfe306 chore(deps): bump vite from 6.1.0 to 6.2.5 (#729)
• 59c0138 ci(prettier): use Node LTS instead of Node v16 (#727)
• 7304860 chore(deps): update dependency prettier to v3.5.3 (#726)
• 768204c chore(deps): update dependency prettier to v3.5.2 (#725)
• 3105ee1 chore(deps): update dependency semantic-release-plugin-update-version-in-file...
• 2ddb327 chore(deps): update dependency prettier to v3.5.1 (#722)
• 582d8bd fix(deps): bump Octokit dependencies vulnerable to ReDos (#723)
• 4c21074 chore(deps): update dependency esbuild to ^0.25.0 (#721)
• 5fa1fe1 chore(deps-dev): bump vitest and @​vitest/coverage-v8 (#720)
• Additional commits viewable in compare view

Sourced from @​octokit/request-error's releases.

v6.1.8

6.1.8 (2025-04-10)

Bug Fixes

• deps: update dependency @​octokit/types to v14 (#505) (ab4ea7b)

v6.1.7

6.1.7 (2025-02-13)

Bug Fixes

• ReDos regex vulnerability, reported by @​DayShift (d558320874a4bc8d356babf1079e6f0056a59b9e)

v6.1.6

6.1.6 (2024-12-29)

Bug Fixes

• deps: bump @octokit/types to fix Deno compat (#483) (e01d470)

v6.1.5

6.1.5 (2024-09-24)

Bug Fixes

• types: add explicit | undefined to optional fields (#462) (43fc3bd)

v6.1.4

6.1.4 (2024-07-11)

Bug Fixes

• improve perf of request error instantiations (#444) (ba04ffa)

v6.1.3

6.1.3 (2024-07-11)

Bug Fixes

• docs: correct title in README (#443) (e24d923)

v6.1.2

6.1.2 (2024-07-10)

... (truncated)

• ab4ea7b fix(deps): update dependency @​octokit/types to v14 (#505)
• 7eba3d2 chore(deps): update dependency tinybench to v4 (#501)
• 549624b build(deps): bump vite from 6.2.2 to 6.2.5 (#504)
• 11c1adc build(deps): lock file maintenance (#502)
• de5f24d chore(deps): update dependency prettier to v3.5.3 (#499)
• ef66347 build(deps): lock file maintenance (#500)
• 787201d build(deps): lock file maintenance (#498)
• 5ab6a76 chore(deps): update dependency prettier to v3.5.2 (#497)
• f8f8c4a build(deps): lock file maintenance (#496)
• eee2491 chore(deps): update dependency prettier to v3.5.1 (#493)
• Additional commits viewable in compare view

Sourced from @​sentry/node's releases.

8.55.0

Important Changes

• chore(ci/v8): Switch lambda layer name to SentryNodeServerlessSDKv8 (#15351)

The SentryNodeServerlessSDK AWS Lambda Layer will stop receiving updates. If you intend to stay on v8 and receive updates use SentryNodeServerlessSDKv8 instead.

Other Changes

• feat(flags/v8): add Statsig browser integration (#15347)
• feat(v8/node): Add missing vercelAIIntegration export (#15339)
• feat(v8/nuxt): Add enabled to disable Sentry module (#15337) (#15381)
• feat(v8/vue): Support Pinia v3 (#15384)
• fix(astro): Add vue to registerEsmLoaderHooks (#15352)
• fix(react/v8): Support lazy-loaded routes and components (#15281)
• fix(v8/nuxt): Detect Azure Function runtime for flushing with timeout (#15297)
• fix(v8/solidstart): Do not copy release-injection map file (#15304)
• fix(v8/svelte): Guard component tracking beforeUpdate call (#15262)

Work in this release was contributed by @​aryanvdesh. Thank you for your contribution!

Bundle size 📦

Path	Size
@​sentry/browser	23.3 KB
@​sentry/browser - with treeshaking flags	23.17 KB
@​sentry/browser (incl. Tracing)	35.9 KB
@​sentry/browser (incl. Tracing, Replay)	73.27 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	66.71 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	77.57 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	89.5 KB
@​sentry/browser (incl. Feedback)	39.51 KB
@​sentry/browser (incl. sendFeedback)	27.91 KB
@​sentry/browser (incl. FeedbackAsync)	32.71 KB
@​sentry/react	25.98 KB
@​sentry/react (incl. Tracing)	38.71 KB
@​sentry/vue	27.58 KB
@​sentry/vue (incl. Tracing)	37.75 KB
@​sentry/svelte	23.46 KB
CDN Bundle	24.49 KB
CDN Bundle (incl. Tracing)	37.6 KB
CDN Bundle (incl. Tracing, Replay)	72.9 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	78.23 KB
CDN Bundle - uncompressed	71.92 KB
CDN Bundle (incl. Tracing) - uncompressed	111.52 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	225.78 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	238.88 KB
@​sentry/nextjs (client)	38.96 KB

... (truncated)

Sourced from @​sentry/node's changelog.

8.55.0

Important Changes

• chore(ci/v8): Switch lambda layer name to SentryNodeServerlessSDKv8 (#15351)

The SentryNodeServerlessSDK AWS Lambda Layer will stop receiving updates. If you intend to stay on v8 and receive updates use SentryNodeServerlessSDKv8 instead.

Other Changes

• feat(flags/v8): add Statsig browser integration (#15347)
• feat(v8/node): Add missing vercelAIIntegration export (#15339)
• feat(v8/nuxt): Add enabled to disable Sentry module (#15337) (#15381)
• feat(v8/vue): Support Pinia v3 (#15384)
• fix(astro): Add vue to registerEsmLoaderHooks (#15352)
• fix(react/v8): Support lazy-loaded routes and components (#15281)
• fix(v8/nuxt): Detect Azure Function runtime for flushing with timeout (#15297)
• fix(v8/solidstart): Do not copy release-injection map file (#15304)
• fix(v8/svelte): Guard component tracking beforeUpdate call (#15262)

Work in this release was contributed by @​aryanvdesh. Thank you for your contribution!

8.54.0

• feat(v8/deps): Upgrade all OpenTelemetry dependencies (#15098)
• fix(node/v8): Add compatibility layer for Prisma v5 (#15210)

Work in this release was contributed by @​nwalters512. Thank you for your contribution!

8.53.0

• feat(v8/nuxt): Add url to SourcemapsUploadOptions (#15202)
• fix(v8/react): fromLocation can be undefined in Tanstack Router Instrumentation (#15237)

Work in this release was contributed by @​tannerlinsley. Thank you for your contribution!

8.52.1

• fix(v8/nextjs): Fix nextjs build warning (#15226)
• ref(v8/browser): Add protocol attributes to resource spans #15224
• ref(v8/core): Don't set this.name to new.target.prototype.constructor.name (#15222)

Work in this release was contributed by @​Zen-cronic. Thank you for your contribution!

8.52.0

Important Changes

• feat(solidstart): Add withSentry wrapper for SolidStart config (#15135)

... (truncated)

• 134fcf3 release: 8.55.0
• 23d5606 meta(changelog): Update changelog for 8.55.0 (#15388)
• f6a63bc feat(v8/nuxt): Add enabled to disable Sentry module (#15337) (#15381)
• b10978f feat(v8/vue): Support Pinia v3 (#15384)
• 6e996e0 fix(react/v8): Support lazy-loaded routes and components (#15281)
• c785829 ci(v8): Tag packages with v8 (#15358)
• 3041da7 feat(flags/v8): add Statsig browser integration (#15347)
• bffbe8b fix(v8/solidstart): Do not copy release-injection map file (#15304)
• a474841 fix(astro): Add vue to registerEsmLoaderHooks (#15352)
• c1e76e3 chore(ci/v8): Switch lambda layer name to SentryNodeServerlessSDKv8 (#15351)
• Additional commits viewable in compare view

Sourced from axios's releases.

Release v1.8.4

Release notes:

Bug Fixes

• buildFullPath: handle allowAbsoluteUrls: false without baseURL (#6833) (f10c2e0)

Contributors to this release

• Marc Hassan

Release v1.8.3

Release notes:

Bug Fixes

• add missing type for allowAbsoluteUrls (#6818) (10fa70e)
• xhr/fetch: pass allowAbsoluteUrls to buildFullPath in xhr and fetch adapters (#6814) (ec159e5)

Contributors to this release

• Ashcon Partovi
• StefanBRas
• Marc Hassan

Release v1.8.2

Release notes:

Bug Fixes

• http-adapter: add allowAbsoluteUrls to path building (#6810) (fb8eec2)

Contributors to this release

• Fasoro-Joseph Alexander

Release v1.8.1

Release notes:

Bug Fixes

• utils: move generateString to platform utils to avoid importing crypto module into client builds; (#6789) (36a5a62)

Contributors to this release

• Dmitriy Mozgovoy

Release v1.8.0

Release notes:

Bug Fixes

• examples: application crashed when navigating examples in browser (#5938) (1260ded)
• missing word in SUPPORT_QUESTION.yml (#6757) (1f890b1)
• utils: replace getRandomValues with crypto module (#6788) (23a25af)

... (truncated)

Sourced from axios's changelog.

1.8.4 (2025-03-19)

Bug Fixes

• buildFullPath: handle allowAbsoluteUrls: false without baseURL (#6833) (f10c2e0)

Contributors to this release

• Marc Hassan

1.8.3 (2025-03-10)

Bug Fixes

• add missing type for allowAbsoluteUrls (#6818) (10fa70e)
• xhr/fetch: pass allowAbsoluteUrls to buildFullPath in xhr and fetch adapters (#6814) (ec159e5)

Contributors to this release

• Ashcon Partovi
• StefanBRas
• Marc Hassan

1.8.2 (2025-03-07)

Bug Fixes

• http-adapter: add allowAbsoluteUrls to path building (#6810) (fb8eec2)

Contributors to this release

• Fasoro-Joseph Alexander

1.8.1 (2025-02-26)

Bug Fixes

• utils: move generateString to platform utils to avoid importing crypto module into client builds; (#6789) (36a5a62)

Contributors to this release

• Dmitriy Mozgovoy

1.8.0 (2025-02-25)

... (truncated)

• 9f6f97b chore(release): v1.8.4 (#6844)
• f10c2e0 fix(buildFullPath): handle allowAbsoluteUrls: false without baseURL (#6833)
• 1e6632c chore(deps): bump tj-actions/changed-files in the github-actions group (#6838)
• 39ec206 chore(release): v1.8.3 (#6819)
• 10fa70e fix: add missing type for allowAbsoluteUrls (#6818)
• 7821ef9 docs: update readme to include bun install (#6811)
• ec159e5 fix(xhr/fetch): pass allowAbsoluteUrls to buildFullPath in xhr and `fet...
• a9f7689 chore(release): v1.8.2 (#6812)
• fb8eec2 fix(http-adapter): add allowAbsoluteUrls to path building (#6810)
• 9812045 chore(sponsor): update sponsor block (#6804)
• Additional commits viewable in compare view

Sourced from vite's releases.

v5.4.18

Please refer to CHANGELOG.md for details.

v5.4.17

Please refer to CHANGELOG.md for details.

v5.4.16

Please refer to CHANGELOG.md for details.

v5.4.15

Please refer to CHANGELOG.md for details.

v5.4.14

Please refer to CHANGELOG.md for details.

v5.4.13

Please refer to CHANGELOG.md for details.

v5.4.12

This version contains a breaking change due to security fixes. See GHSA-vg6x-rcgg-rjx6 for more details.

Please refer to CHANGELOG.md for details.

v5.4.11

Please refer to CHANGELOG.md for details.

v5.4.10

Please refer to CHANGELOG.md for details.

v5.4.9

Please refer to CHANGELOG.md for details.

v5.4.8

Please refer to CHANGELOG.md for details.

v5.4.7

Please refer to CHANGELOG.md for details.

Sourced from vite's changelog.

5.4.18 (2025-04-10)

• fix: backport #19830, reject requests with # in request-target (#19831) (823675b), closes #19830 #19831

5.4.17 (2025-04-03)

• fix: backport #19782, fs check with svg and relative paths (#19784) (84b2b46), closes #19782 #19784

5.4.16 (2025-03-31)

• fix: backport #19761, fs check in transform middleware (#19762) (b627c50), closes #19761 #19762

5.4.15 (2025-03-24)

• fix: backport #19702, fs raw query with query separators (#19703) (807d7f0), closes #19702 #19703

5.4.14 (2025-01-21)

• fix: preview.allowedHosts with specific values was not respected (#19246) (9df6e6b), closes #19246
• fix: allow CORS from loopback addresses by default (#19249) (7d1699c), closes #19249

5.4.13 (2025-01-20)

• fix: try parse server.origin URL (#19241) (5946215), closes #19241

5.4.12 (2025-01-20)

• fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (9da4abc)
• fix!: default server.cors: false to disallow fetching from untrusted origins (dfea38f)
• fix: verify token for HMR WebSocket connection (b71a5c8)
• chore: add deps update changelog (ecd2375)

5.4.11 (2024-11-11)

• fix(deps): update dependencies of postcss-modules (ceb15db), closes #18617

... (truncated)

• 731b77d release: v5.4.18
• 823675b fix: backport #19830, reject requests with # in request-target (#19831)
• 0a2518a release: v5.4.17
• 84b2b46 fix: backport #19782, fs check with svg and relative paths (#19784)
• 712cb71 release: v5.4.16
• b627c50 fix: backport #19761, fs check in transform middleware (#19762)
• 9b0f4c8 release: v5.4.15
• 807d7f0 fix: backport #19702, fs raw query with query separators (#19703)
• e7eb3c5 release: v5.4.14
• 7d1699c fix: allow CORS from loopback addresses by default (#19249)
• Additional commits viewable in compare view

Sourced from esbuild's releases.

v0.25.3

• Fix lowered async arrow functions before super() (#4141, #4142)

  This change makes it possible to call an async arrow function in a constructor before calling super() when targeting environments without async support, as long as the function body doesn't reference this. Here's an example (notice the change from this to null):

  // Original code
  class Foo extends Object {
    constructor() {
      (async () => await foo())()
      super()
    }
  }
  // Old output (with --target=es2016)
  class Foo extends Object {
  constructor() {
  (() => __async(this, null, function* () {
  return yield foo();
  }))();
  super();
  }
  }
  // New output (with --target=es2016)
  class Foo extends Object {
  constructor() {
  (() => __async(null, null, function* () {
  return yield foo();
  }))();
  super();
  }
  }

  Some background: Arrow functions with the async keyword are transformed into generator functions for older language targets such as --target=es2016. Since arrow functions capture this, the generated code forwards this into the body of the generator function. However, JavaScript class syntax forbids using this in a constructor before calling super(), and this forwarding was problematic since previously happened even when the function body doesn't use this. Starting with this release, esbuild will now only forward this if it's used within the function body.

  This fix was contributed by @​magic-akari.

• Fix memory leak with --watch=true (#4131, #4132)

  This release fixes a memory leak with esbuild when --watch=true is used instead of --watch. Previously using --watch=true caused esbuild to continue to use more and more memory for every rebuild, but --watch=true should now behave like --watch and not leak memory.

  This bug happened because esbuild disables the garbage collector when it's not run as a long-lived process for extra speed, but esbuild's checks for which arguments cause esbuild to be a long-lived process weren't updated for the new --watch=true style of boolean command-line flags. This has been an issue since this boolean flag syntax was added in version 0.14.24 in 2022. These checks are unfortunately separate from the regular argument parser because of how esbuild's internals are organized (the command-line interface is exposed as a separate Go API so you can build your own custom esbuild CLI).

  This fix was contributed by @​mxschmitt.

• More concise output for repeated legal comments (#4139)

  Some libraries have many files and also use the same legal comment text in all files. Previously esbuild would copy each legal comment to the output file. Starting with this release, legal comments duplicated across separate files will now be grouped in the output file by unique comment content.

... (truncated)

Sourced from esbuild's changelog.

Changelog: 2024

This changelog documents all esbuild versions published in the year 2024 (versions 0.19.12 through 0.24.2).

0.24.2

• Fix regression with --define and import.meta (#4010, #4012, #4013)

  The previous change in version 0.24.1 to use a more expression-like parser for define values to allow quoted property names introduced a regression that removed the ability to use --define:import.meta=.... Even though import is normally a keyword that can't be used as an identifier, ES modules special-case the import.meta expression to behave like an identifier anyway. This change fixes the regression.

  This fix was contributed by @​sapphi-red.

0.24.1

• Allow es2024 as a target in tsconfig.json (#4004)

  TypeScript recently added es2024 as a compilation target, so esbuild now supports this in the target field of tsconfig.json files, such as in the following configuration file:

  {
    "compilerOptions": {
      "target": "ES2024"
    }
  }

  As a reminder, the only thing that esbuild uses this field for is determining whether or not to use legacy TypeScript behavior for class fields. You can read more in the documentation.

  This fix was contributed by @​billyjanitsch.

• Allow automatic semicolon insertion after get/set

  This change fixes a grammar bug in the parser that incorrectly treated the following code as a syntax error:

  class Foo {
    get
    *x() {}
    set
    *y() {}
  }

  The above code will be considered valid starting with this release. This change to esbuild follows a similar change to TypeScript which will allow this syntax starting with TypeScript 5.7.

• Allow quoted property names in --define and --pure (#4008)

  The define and pure API options now accept identifier expressions containing quoted property names. Previously all identifiers in the identifier expression had to be bare identifiers. This change now makes --define and --pure consistent with --global-name, which already supported quoted property names. For example, the following is now possible:

... (truncated)

• 677910b publish 0.25.3 to npm
• a41040e fix #4110: support custom non-IP host values
• dfe0e1c fix #4114: add a limit to css nesting expansion
• a54916b fix #4139: deduplicate repeated legal comments
• dc60e60 run make update-compat-table
• d917038 fix #4144: node path resolution edge case
• 7ed1684 fix #4141: Avoid redundant this access during async function lowering (#4142)
• edc3a23 docs(dev): update alias command for make test-go (#4113)
• 1ee8b67 workaround process.exit() not exiting in node
• 5c56e07 changelog note with credit for the fix
• Additional commits viewable in compare view

Sourced from @​vitejs/plugin-react's releases.

[email protected]

Fix type issue when using moduleResolution: "node" in tsconfig #462

[email protected]

Make compatible with rolldown-vite

This plugin is now compatible with rolldown-powered version of Vite. Note that currently the __source property value position might be incorrect. This will be fixed in the near future.

[email protected]

Add reactRefreshHost option

Add reactRefreshHost option to set a React Fast Refresh runtime URL prefix. This is useful in a module federation context to enable HMR by specifying the host application URL in the Vite config of a remote application. See full discussion here: module-federation/vite#183

export default defineConfig({
  plugins: [react({ reactRefreshHost: 'http://localhost:3000' })],
})

[email protected]

No release notes provided.

[email protected]

Add Vite 6 to peerDependencies range

Vite 6 is highly backward compatible, not much to add!

Force Babel to output spec compliant import attributes #386

The default was an old spec (with type: "json"). We now enforce spec compliant (with { type: "json" })

[email protected]

React Compiler runtimeModule option removed

React Compiler was updated to accept a target option and runtimeModule was removed. vite-plugin-react will still detect runtimeModule for backwards compatibility.

When using a custom runtimeModule or target !== '19', the plugin will not try to pre-optimize react/compiler-runtime dependency.

The react-compiler-runtime is now available on npm can be used instead of the local shim for people using the compiler with React < 19.

Here is the configuration to use the compiler with React 18 and correct source maps in development:

npm install babel-plugin-react-compiler react-compiler-runtime @babel/plugin-transform-react-jsx-development

</tr></table> 

... (truncated)

Sourced from @​vitejs/plugin-react's changelog.

4.4.1 (2025-04-19)

Fix type issue when using moduleResolution: "node" in tsconfig #462

4.4.0 (2025-04-15)

Make compatible with rolldown-vite

This plugin is now compatible with rolldown-powered version of Vite. Note that currently the __source property value position might be incorrect. This will be fixed in the near future.

4.4.0-beta.2 (2025-04-15)

Add reactRefreshHost option

Add reactRefreshHost option to set a React Fast Refresh runtime URL prefix. This is useful in a module federation context to enable HMR by specifying the host application URL in the Vite config of a remote application. See full discussion here: module-federation/vite#183

export default defineConfig({
  plugins: [react({ reactRefreshHost: 'http://localhost:3000' })],
})

4.4.0-beta.1 (2025-04-09)

4.4.0-beta.0 (2025-04-09)

4.3.4 (2024-11-26)

Add Vite 6 to peerDependencies range

Vite 6 is highly backward compatible, not much to add!

Force Babel to output spec compliant import attributes #386

The default was an old spec (with type: "json"). We now enforce spec compliant (with { type: "json" })

4.3.3 (2024-10-19)

React Compiler runtimeModule option removed

React Compiler was updated to accept a target option and runtimeModule was removed. vite-plugin-react will still detect runtimeModule for backwards compatibility.

When using a custom runtimeModule or target !== '19', the plugin will not try to pre-optimize react/compiler-runtime dependency.

The react-compiler-runtime is now available on npm can be used instead of the local shim for people using the compiler with React < 19.

Here is the configuration to use the compiler with React 18 and correct source maps in development:

... (truncated)