chore(deps): bump the major-deps-updates-main group across 1 directory with 6 updates

[dependabot]

Bumps the major-deps-updates-main group with 6 updates in the / directory:

Package	From	To
@octokit/rest	21.1.1	22.0.0
dotenv	16.5.0	17.2.1
node-fetch	2.7.0	3.3.2
zod	3.24.4	4.0.17
@types/dotenv	6.1.1	8.2.3
@types/node	22.15.17	24.2.1

Updates @octokit/rest from 21.1.1 to 22.0.0

Release notes

Sourced from @​octokit/rest's releases.

v22.0.0

22.0.0 (2025-05-25)

Bug Fixes

• deps: update octokit monorepo (major) (#504) (77530ab)

BREAKING CHANGES

• deps: Drop support for NodeJS v18
• deps: Remove deprecated Projects endpoints
• deps: Remove deprecated Copilot usage metrics endpoints

Commits

• 77530ab fix(deps): update octokit monorepo (major) (#504)
• d07b719 build(deps): Bump vite from 6.2.5 to 6.3.4 (#509)
• 61b76da build(deps-dev): Bump http-proxy-middleware from 2.0.7 to 2.0.9 (#505)
• 1710669 chore(deps): update dependency undici to v6.21.2 [security] (#513)
• 8ef1473 build(deps): Bump vite from 6.0.11 to 6.2.5 (#503)
• 1e8306b build(deps): Bump webpack-dev-middleware and gatsby in /docs (#497)
• 3db0595 build(deps): Bump send and express in /docs (#490)
• 27f09dd build(deps-dev): Bump webpack from 5.93.0 to 5.98.0 in /docs (#494)
• 005b147 chore(deps): update dependency prismjs to v1.30.0 [security] (#493)
• 3517730 chore(deps): update dependency semantic-release-plugin-update-version-in-file...
• See full diff in compare view

Updates dotenv from 16.5.0 to 17.2.1

Changelog

Sourced from dotenv's changelog.

17.2.1 (2025-07-24)

Changed

• Fix clickable tip links by removing parentheses (#897)

17.2.0 (2025-07-09)

Added

• Optionally specify DOTENV_CONFIG_QUIET=true in your environment or .env file to quiet the runtime log (#889)
• Just like dotenv any DOTENV_CONFIG_ environment variables take precedence over any code set options like ({quiet: false})

# .env
DOTENV_CONFIG_QUIET=true
HELLO="World"

// index.js
require('dotenv').config()
console.log(`Hello ${process.env.HELLO}`)

$ node index.js
Hello World
or
$ DOTENV_CONFIG_QUIET=true node index.js

17.1.0 (2025-07-07)

Added

• Add additional security and configuration tips to the runtime log (#884)
• Dim the tips text from the main injection information text

const TIPS = [
  '🔐 encrypt with dotenvx: https://dotenvx.com',
  '🔐 prevent committing .env to code: https://dotenvx.com/precommit',
  '🔐 prevent building .env in docker: https://dotenvx.com/prebuild',
  '🛠️  run anywhere with `dotenvx run -- yourcommand`',
  '⚙️  specify custom .env file path with { path: \'/custom/path/.env\' }',
  '⚙️  enable debug logging with { debug: true }',
  '⚙️  override existing env vars with { override: true }',
  '⚙️  suppress all logs with { quiet: true }',
  '⚙️  write to custom object with { processEnv: myObject }',
</tr></table> 

... (truncated)

Commits

• 37cf55a 17.2.1
• f2d92e9 changelog 🪵
• bd27017 Merge pull request #897 from motdotla/adjust-tip-for-click
• 8a9ce45 add to tests
• 19e5ad9 adjust clickable tip
• 4186757 Merge pull request #894 from mjomble/patch-1
• 04322a6 Merge pull request #895 from andersr/add-es6-config-info-to-readme
• 1102cab Add info about ES6 import with config options
• 5566b77 Fixed link in changelog
• 11acd9f 17.2.0
• Additional commits viewable in compare view

Updates node-fetch from 2.7.0 to 3.3.2

Release notes

Sourced from node-fetch's releases.

v3.3.2

3.3.2 (2023-07-25)

Bug Fixes

• Remove the default connection close header. (#1736) (8b3320d), closes #1735 #1473

v3.3.1

3.3.1 (2023-03-11)

Bug Fixes

• release "Allow URL class object as an argument for fetch()" #1696 (#1716) (7b86e94)

v3.3.0

3.3.0 (2022-11-10)

Features

• add static Response.json (#1670) (55a4870)

v3.2.10

3.2.10 (2022-07-31)

Bug Fixes

• ReDoS referrer (#1611) (2880238)

v3.2.9

3.2.9 (2022-07-18)

Bug Fixes

• Headers: don't forward secure headers on protocol change (#1599) (e87b093)

v3.2.8

3.2.8 (2022-07-12)

Bug Fixes

• possibly flaky test (#1523) (11b7033)

... (truncated)

Commits

• 8b3320d fix: Remove the default connection close header. (#1736)
• 7b86e94 fix: release "Allow URL class object as an argument for fetch()" #1696 (#1716)
• 8ced5b9 docs: readme - non ESM example (#1707)
• 71e376b ci(release): use latest Node LTS (#1697)
• e093030 Allow URL class object as an argument for fetch() (#1696)
• 55a4870 feat: add static Response.json (#1670)
• c071406 (1138) - Fixed HTTPResponseError with correct constructor and usage (#1666)
• 6f72caa docs: fix missing comma in example (#1623)
• 2880238 fix: ReDoS referrer (#1611)
• e87b093 fix(Headers): don't forward secure headers on protocol change (#1599)
• Additional commits viewable in compare view

Updates zod from 3.24.4 to 4.0.17

Release notes

Sourced from zod's releases.

v4.0.17

Commits:

• 1cebf336c560c87e6f806b9d02106fb623049f21 Add blog (#5074)
• fc1e556318159b4740ba3d6b37660e783d2a3cb7 Fixes #5073
• cc63f950158db212c5e9b75e7d22faca851ea624 v4.0.17

v4.0.16

Commits:

• d589186c20c3dc112f5a5fda23cccd4d1f74420e fix: ensure keyof returns enum (#5045)
• 4975f3a0e9c9f0b241499d936a02f1998c66dc01 feat: add discriminator generic (#5044)
• 0a463e38e7f77b8036628ff911de515f9f9f6662 Update speakeasy files
• 12658aff60349a87972a782b64802ec901c5ebf2 Fix Edit page buttons
• 47e6604a3555811115d05bf41e50de54192e2e14 fix: edit this page button, now redirects to correct url using the new path (#5056)
• 7207a2df38caaae910551b7ecf04941b00fc10c8 Update Hey API link to Zod v3 plugin (#5060)
• 6887ff34fb9bf5f6769152cf62ba9b69fa378aac Update Hey API link to Zod plugin (#5059)
• ffff1aac6a9a88fe6e7ad2659dbc7743275ea052 Clone POJO objects during defaulting/prefaulting
• a227cb3bd22aba48412a0129650b86277adc3545 v4.0.16

v4.0.15

Commits:

• 7e7e3461aceecf3633e158df50d6bc852e7cdf45 Clean up docs
• f2949a81a06fe197c53e47c1fab024cebbd7f1f1 [docs] Fix migration guide upgrade command (#5021)
• d43cf19d5cafd505f2f8e76f13e18564470f0696 Fix recursive object initialization errors with check() and other methods (#5018)
• 3de2b6389a57a093f11ecf1820f31e5b4452c7e9 fix: remove redundant Required<> from input and output type definitions (#5033)
• 93553bd48aeac27fdeb7dcbee5b7e37628572aff Add needs info
• 03cfa8d9367c56d8c29870a83af10edc91eba34a 4.0.15

v4.0.14

Commits:

• 99391a844271558e0f1736c9550375e82e630bbd Docs: Fix typo (#5005)
• e25303e98c8d13ea96c3296507c564011f403ffe Docs: fix typo (#5008)
• dbb05ef990c86ec6b1f6eac11b91ec7572e29c89 Add JSON Schema draft-04 output (#4811)
• b8257d7d1f51dd3cb4033a58271bb6ac8e3678c7 Improve tuple recursive inference.
• 9bdbc2f10d466050421a8e28c4b95a8a5776d150 Avoid infinite loops in defineLazy. Fixes #4994.
• af96ad4700879b0d6e390a0c65ded4e700049cb9 4.0.14

v4.0.13

Commits:

• 362eb33093e9c5f306eeec95e36985a99aba8fc7 Fix optional + pipe handling. Closes #5002. v4.0.13

v4.0.12

Commits:

• ff83fc916ec2b35c0008a48782fa14f84293149d Add eslint-plugin-import-zod (#4848)
• 7c9ce388ae39b2324c5ad05420ecf4732ebca6fe Update docs for z.property check (#4863)

... (truncated)

Commits

• cc63f95 v4.0.17
• fc1e556 Fixes #5073
• 1cebf33 Add blog (#5074)
• a227cb3 v4.0.16
• ffff1aa Clone POJO objects during defaulting/prefaulting
• 6887ff3 Update Hey API link to Zod plugin (#5059)
• 7207a2d Update Hey API link to Zod v3 plugin (#5060)
• 47e6604 fix: edit this page button, now redirects to correct url using the new path...
• 12658af Fix Edit page buttons
• 0a463e3 Update speakeasy files
• Additional commits viewable in compare view

Updates @types/dotenv from 6.1.1 to 8.2.3

Commits

• See full diff in compare view

Updates @types/node from 22.15.17 to 24.2.1

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions