Bump the npm-dependencies group across 1 directory with 25 updates

[dependabot]

Bumps the npm-dependencies group with 25 updates in the / directory:

Package	From	To
debug	4.4.0	4.4.3
express	4.21.2	5.2.1
express-rate-limit	7.5.0	8.2.1
express-slow-down	2.0.3	3.0.1
helmet	8.0.0	8.1.0
http-errors	2.0.0	2.0.1
i18next-browser-languagedetector	8.0.2	8.2.0
i18next-http-backend	3.0.1	3.0.2
morgan	1.10.0	1.10.1
react-i18next	15.3.0	16.5.0
system-sleep	1.3.7	1.3.8
@babel/core	7.26.0	7.28.5
@babel/preset-env	7.26.0	7.28.5
@babel/preset-react	7.26.3	7.28.5
babel-loader	9.2.1	10.0.0
bootstrap	5.3.3	5.3.8
eslint	9.17.0	9.39.2
i18next	24.2.0	25.7.2
mocha	11.0.1	11.7.5
react	19.0.0	19.2.3
react-bootstrap	2.10.7	2.10.10
react-dom	19.0.0	19.2.3
react-router-dom	7.1.1	7.10.1
supertest	7.0.0	7.1.4
webpack	5.97.1	5.103.0

Updates debug from 4.4.0 to 4.4.3

Release notes

Sourced from debug's releases.

4.4.3

Functionally identical release to 4.4.1.

Version 4.4.2 is compromised. Please see debug-js/debug#1005.

4.4.1

What's Changed

• fix(Issue-996): replace whitespaces in namespaces string with commas globally by @​pdahal-cx in debug-js/debug#997
• fixes #987 fallback to localStorage.DEBUG if debug is not defined by @​lzilioli in debug-js/debug#988

New Contributors

• @​pdahal-cx made their first contribution in debug-js/debug#997
• @​lzilioli made their first contribution in debug-js/debug#988

Full Changelog: debug-js/debug@4.4.0...4.4.1

Commits

• 6b2c5fb 4.4.3
• 33330fa 4.4.1
• 98df33e remove istanbul
• bf2f574 fixes #987 fallback to localStorage.DEBUG if debug is not defined (#988)
• a0497bd Replace whitespaces in namespaces string with commas globally instead of just...
• See full diff in compare view

Updates express from 4.21.2 to 5.2.1

Release notes

Sourced from express's releases.

v5.2.1

What's Changed

[!IMPORTANT]
The prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.

• Release: 5.2.1 by @​UlisesGascon in expressjs/express#6933

Full Changelog: expressjs/express@v5.2.0...v5.2.1

v5.2.0

Important: Security

• Security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)

What's Changed

• build(deps): bump github/codeql-action from 3.28.11 to 3.28.13 by @​dependabot[bot] in expressjs/express#6429
• Refactor: simplify acceptsLanguages implementation using spread operator by @​Ayoub-Mabrouk in expressjs/express#6137
• increased code coverage of utils.js file by @​ashish3011 in expressjs/express#6386
• chore: remove duplicate word by @​dufucun in expressjs/express#6456
• build(deps): bump github/codeql-action from 3.28.13 to 3.28.16 by @​dependabot[bot] in expressjs/express#6498
• build(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by @​dependabot[bot] in expressjs/express#6497
• build(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by @​dependabot[bot] in expressjs/express#6496
• ci: add node.js 24 to test matrix by @​Phillip9587 in expressjs/express#6504
• ci: update codeql config by @​Phillip9587 in expressjs/express#6488
• chore: wider range for query test skip by @​jonchurch in expressjs/express#6512
• chore: fix typos in test by @​noritaka1166 in expressjs/express#6535
• ci: disable credential persistence for checkout actions by @​mertssmnoglu in expressjs/express#6522
• ci: allow manual triggering of workflow by @​shivarm in expressjs/express#6515
• test: add coverage for app.listen() variants by @​kgarg1 in expressjs/express#6476
• docs: move documentation and charters to the discussions and .github … by @​bjohansebas in expressjs/express#6427
• build(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by @​dependabot[bot] in expressjs/express#6549
• build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @​dependabot[bot] in expressjs/express#6548
• chore: enforce explicit Buffer import and add lint rule by @​shivarm in expressjs/express#6525
• chore: use node protocol for querystring by @​shivarm in expressjs/express#6520
• chore: fix typo by @​mountdisk in expressjs/express#6609
• build(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by @​dependabot[bot] in expressjs/express#6618
• add deprecation warnings for redirect arguments undefined by @​bjohansebas in expressjs/express#6405
• ci: run CI when the markdown changes by @​bjohansebas in expressjs/express#6632
• doc: fix CONTRIBUTING link by @​jonchurch in expressjs/express#6653
• doc: update contributing guidelines and code of conduct links by @​ShubhamOulkar in expressjs/express#6601
• build(deps-dev): bump morgan from 1.10.0 to 1.10.1 by @​dependabot[bot] in expressjs/express#6679
• build(deps-dev): bump cookie-session from 2.1.0 to 2.1.1 by @​dependabot[bot] in expressjs/express#6678
• lint: add --fix flag to automatic fix linting issue by @​shivarm in expressjs/express#6644
• chore: ignore yarn.lock file and update example by @​shivarm in expressjs/express#6588
• lib: use req.socket over deprecated req.connection by @​bjohansebas in expressjs/express#6705
• doc: update express app example by @​shivarm in expressjs/express#6718
• build(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by @​dependabot[bot] in expressjs/express#6675
• Remove history.md from being packaged on publish by @​sheplu in expressjs/express#6780

... (truncated)

Changelog

Sourced from express's changelog.

5.2.1 / 2025-12-01

• Revert security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)
  • The prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.

5.2.0 / 2025-12-01

• Security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)
• deps: body-parser@^2.2.1
• A deprecation warning was added when using res.redirect with undefined arguments, Express now emits a warning to help detect calls that pass undefined as the status or URL and make them easier to fix.

5.1.0 / 2025-03-31

• Add support for Uint8Array in res.send()
• Add support for ETag option in res.sendFile()
• Add support for multiple links with the same rel in res.links()
• Add funding field to package.json
• perf: use loop for acceptParams
• refactor: prefix built-in node module imports
• deps: remove setprototypeof
• deps: remove safe-buffer
• deps: remove utils-merge
• deps: remove methods
• deps: remove depd
• deps: debug@^4.4.0
• deps: body-parser@^2.2.0
• deps: router@^2.2.0
• deps: content-type@^1.0.5
• deps: finalhandler@^2.1.0
• deps: qs@^6.14.0
• deps: [email protected]
• deps: [email protected]

5.0.1 / 2024-10-08

• Update cookie semver lock to address CVE-2024-47764

5.0.0 / 2024-09-10

• remove:
  • path-is-absolute dependency - use path.isAbsolute instead
• breaking:
  • res.status() accepts only integers, and input must be greater than 99 and less than 1000
    • will throw a RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000. for inputs outside this range
    • will throw a TypeError: Invalid status code: ${code}. Status code must be an integer. for non integer inputs
  • deps: [email protected]

... (truncated)

Commits

• dbac741 5.2.1
• 697547c Revert "sec: security patch for CVE-2024-51999"
• 4007ad1 Release: 5.2.0 (#6920)
• 2f64f68 sec: security patch for CVE-2024-51999
• ed0ba3f build(deps): bump actions/checkout from 5.0.0 to 6.0.0 (#6928)
• 8eace46 build(deps): bump github/codeql-action from 4.31.2 to 4.31.6 (#6929)
• 30bae81 build(deps): bump coverallsapp/github-action from 2.3.6 to 2.3.7 (#6930)
• 758d435 deps: body-parser@^2.2.1 (#6922)
• 77bcd52 docs: update emeritus triagers (#6890)
• f33caf1 Nominate to @​efekrskl for triage team (#6888)
• Additional commits viewable in compare view

Updates express-rate-limit from 7.5.0 to 8.2.1

Release notes

Sourced from express-rate-limit's releases.

v8.2.1

You can view the changelog here.

v8.2.0

You can view the changelog here.

v8.1.0

You can view the changelog here.

v8.0.1

You can view the changelog here.

v8.0.0

You can view the changelog here.

v7.5.1

Changed

• Narrowed type of standardHeaders from string to just the supported values via a TypeScript const assertion (#506)

---

You can view the full changelog here.

Commits

• fe1604d 8.2.1
• b11c05b Fix: don't warn for extra config from express-slow-down (#580)
• 3734733 8.2.0
• 962d737 feat: Unknown Options validation check (#578)
• 992c15c chore(deps-dev): bump the development-dependencies group with 3 updates (#579)
• 449a28a chore(deps-dev): bump the development-dependencies group across 1 directory w...
• ceaff6f chore(deps-dev): bump @​biomejs/biome from 2.2.5 to 2.2.6 (#574)
• 4fccb9e chore(deps-dev): bump lint-staged from 16.2.4 to 16.2.5 (#573)
• b597770 Rework dependabot grouping
• 03e8336 chore(deps-dev): bump mintlify from 4.2.114 to 4.2.175 (#572)
• Additional commits viewable in compare view

Updates express-slow-down from 2.0.3 to 3.0.1

Changelog

Sourced from express-slow-down's changelog.

v3.0.1

Fixed

• Only pass supported options to express-rate-limit to avoid triggering warning added for unexpected options in ERL v8.2.0

v3.0.0

Added

• Added support for grouping IPv6 addresses by subnet (defaults to /56) via upgrading express-rate-limit dependency to 8.x

v2.1.0

Fixed

• Changed distributed JS to no longer bundle in express-rate-limit, instead using the version installed via npm. This enables several new express-rate-limit features that have been released since v7.0.1.

Commits

• 6f81216 3.0.1
• 7bb950e v3.0.1 changelog
• 599ec11 Merge pull request #67 from express-rate-limit/fix-erl-options
• e3a6574 add reminder to strip new options before passing to ERL
• c1156a7 Merge pull request #68 from express-rate-limit/typo
• 3ce5fdf Fix typos
• 471171d Fix: don't pass extra options to express-rate-limit
• 0b73eee 3.0.0
• 3719920 Merge pull request #65 from express-rate-limit/update-erl
• 3b3dd64 semver major in changelog
• Additional commits viewable in compare view

Updates helmet from 8.0.0 to 8.1.0

Changelog

Sourced from helmet's changelog.

8.1.0 - 2025-03-17

Changed

• Content-Security-Policy gives a better error when a directive value, like self, should be quoted. See #482

Commits

• 57e1b39 8.1.0
• c8efbe3 Update changelog for 8.1.0 release
• 3396804 Add 8.0.0 release date to changelog
• 52dd8eb Content-Security-Policy: better error when value should be quoted
• 4af4777 Use built-in test runner (instead of Jest)
• ba10272 Organize imports
• e0f1387 Update devDependencies to latest versions
• 842393c Check types during npm test, run in parallel
• 77fbe3a Strict-Transport-Security: fix documentation for default max-age
• 632e629 Update license year for 2025
• See full diff in compare view

Updates http-errors from 2.0.0 to 2.0.1

Release notes

Sourced from http-errors's releases.

v2.0.1

What's Changed

• Add support for OSSF scorecard reporting by @​carpasse in jshttp/http-errors#107
• refactor: improve toClassName function readability and JSDoc completeness by @​Ayoub-Mabrouk in jshttp/http-errors#112
• chore: upgrade scorecard workflow pinned action versions by @​carpasse in jshttp/http-errors#113
• Add test for extending native errors w/o altering prototype by @​jonchurch in jshttp/http-errors#106
• remove --bail from test script by @​jonchurch in jshttp/http-errors#114
• [StepSecurity] Apply security best practices by @​step-security-bot in jshttp/http-errors#116
• build(deps): bump actions/checkout from 2.7.0 to 4.2.2 by @​dependabot[bot] in jshttp/http-errors#117
• build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.2 by @​dependabot[bot] in jshttp/http-errors#118
• build(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 by @​dependabot[bot] in jshttp/http-errors#119
• build(deps): bump actions/upload-artifact from 4.5.0 to 4.6.2 by @​dependabot[bot] in jshttp/http-errors#121
• build(deps): bump github/codeql-action from 3.27.9 to 3.28.18 by @​dependabot[bot] in jshttp/http-errors#123
• fix: use ubuntu-latest as ci runner by @​UlisesGascon in jshttp/http-errors#124
• remove --bail by @​jonchurch in jshttp/http-errors#125
• deps: update statuses and switch fixed versions to tilde (~) by @​Phillip9587 in jshttp/http-errors#126
• chore: add funding to package.json by @​Phillip9587 in jshttp/http-errors#130
• build(deps): bump github/codeql-action from 3.28.18 to 3.29.5 by @​dependabot[bot] in jshttp/http-errors#131
• ci: add nodejs v18 - v24 to test matrix by @​Phillip9587 in jshttp/http-errors#127
• build(deps-dev): bump eslint-plugin-import from 2.25.3 to 2.32.0 by @​dependabot[bot] in jshttp/http-errors#129
• build(deps): bump github/codeql-action from 3.29.7 to 3.29.11 by @​dependabot[bot] in jshttp/http-errors#133
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @​dependabot[bot] in jshttp/http-errors#132
• build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by @​dependabot[bot] in jshttp/http-errors#138
• build(deps): bump github/codeql-action from 3.29.11 to 4.31.2 by @​dependabot[bot] in jshttp/http-errors#137
• build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by @​dependabot[bot] in jshttp/http-errors#134
• Release: 2.0.1 by @​UlisesGascon in jshttp/http-errors#140

New Contributors

• @​Ayoub-Mabrouk made their first contribution in jshttp/http-errors#112
• @​jonchurch made their first contribution in jshttp/http-errors#106
• @​step-security-bot made their first contribution in jshttp/http-errors#116
• @​dependabot[bot] made their first contribution in jshttp/http-errors#117
• @​UlisesGascon made their first contribution in jshttp/http-errors#124
• @​Phillip9587 made their first contribution in jshttp/http-errors#126

Full Changelog: jshttp/http-errors@v2.0.0...v2.0.1

Changelog

Sourced from http-errors's changelog.

2.0.1 / 2025-11-20

• deps: use tilde notation for dependencies
• deps: update statuses to 2.0.2

Commits

• 61aee57 2.0.1 (#140)
• 6acba1f build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 (#134)
• d2dcbbf build(deps): bump github/codeql-action from 3.29.11 to 4.31.2 (#137)
• fa47a60 build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 (#138)
• 09b3881 build(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#132)
• f1ad322 build(deps): bump github/codeql-action from 3.29.7 to 3.29.11 (#133)
• 109fe03 build(deps-dev): bump eslint-plugin-import from 2.25.3 to 2.32.0 (#129)
• 7a05446 ci: add nodejs v18 - v24 to test matrix (#127)
• 6dfaf49 build(deps): bump github/codeql-action from 3.28.18 to 3.29.5 (#131)
• 535aebf chore: add funding to package.json (#130)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for http-errors since your current version.

Updates i18next-browser-languagedetector from 8.0.2 to 8.2.0

Changelog

Sourced from i18next-browser-languagedetector's changelog.

8.2.0

• feat: add support for hash detector 304

8.1.0

• feat: add support for Partitioned cookies 303

8.0.5

• check for common xss attack patterns on detected language

8.0.4

• fix localstorage check to try to address 297 300

8.0.3

• change localstorage check to try to address 297

Commits

• ae044f8 8.2.0
• 7feb356 introduce hash detector #304
• e3d30a1 not execute encodeURIComponent twice
• 2a6913b fix cookie.remove
• 73e5d13 8.1.0
• 00cd9fd release
• c7b00c9 feat: add support for Partitioned cookies (#303)
• 6b71927 Bump @​babel/runtime from 7.23.2 to 7.27.0 (#302)
• 2d5939b 8.0.5
• 9985ec7 check for common xss attack patterns on detected language
• Additional commits viewable in compare view

Updates i18next-http-backend from 3.0.1 to 3.0.2

Changelog

Sourced from i18next-http-backend's changelog.

3.0.2

• optimize fetchApi selector

Commits

• a0c695a 3.0.2
• 9c04ef0 optimize fetchApi selector
• cd1649d Bump next from 14.2.15 to 14.2.21 in /example/next (#165)
• fd8e218 Bump next from 14.2.10 to 14.2.15 in /example/next (#162)
• 429e9d8 update some deps in the examples
• See full diff in compare view

Updates morgan from 1.10.0 to 1.10.1

Release notes

Sourced from morgan's releases.

1.10.1

What's Changed

• renaming simple to sample in readme by @​ryhinchey in expressjs/morgan#237
• adding installation instructions to readme by @​ryhinchey in expressjs/morgan#233
• chore: add support for OSSF scorecard reporting by @​inigomarquinez in expressjs/morgan#291
• ci: replace travis with github actions by @​inigomarquinez in expressjs/morgan#290
• docs: add example output for log formats by @​jonchurch in expressjs/morgan#299
• ci: use ubuntu-latest by @​bjohansebas in expressjs/morgan#301
• ci: apply OSSF Scorecard security best practices by @​UlisesGascon in expressjs/morgan#300
• remove --bail by @​jonchurch in expressjs/morgan#314
• ⬆️ bump on-headers by @​ctcpip in expressjs/morgan#319

New Contributors

• @​inigomarquinez made their first contribution in expressjs/morgan#291
• @​jonchurch made their first contribution in expressjs/morgan#299
• @​bjohansebas made their first contribution in expressjs/morgan#301
• @​UlisesGascon made their first contribution in expressjs/morgan#300
• @​ctcpip made their first contribution in expressjs/morgan#319

Full Changelog: expressjs/morgan@1.10.0...1.10.1

Changelog

Sourced from morgan's changelog.

1.10.1 / 2025-07-17

• deps: on-headers@~1.1.0
  • Fix CVE-2025-7339 (GHSA-76c9-3jph-rj3q)

Commits

• c1c7f10 🔖 1.10.1
• eb896c2 ⬆️ bump on-headers
• 1c3eec6 remove --bail (#314)
• b144728 ci: apply OSSF Scorecard security best practices (#300)
• 68c2d21 ci: use ubuntu-latest (#301)
• 8740a19 docs: add example output for log formats (#299)
• efd6bff ci: migra to GitHub actions (#290)
• 3b89789 ci: add support for OSSF scorecard reporting (#291)
• 19a6aa5 docs: add installation section
• b94f3ff docs: change simple to sample in example descriptions
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for morgan since your current version.

Updates react-i18next from 15.3.0 to 16.5.0

Changelog

Sourced from react-i18next's changelog.

16.5.0

• Add configuration option transDefaultProps to set default props for the Trans component (e.g. tOptions, shouldUnescape, values) 1895

16.4.1

• fix(Trans): prevent double-escaping of interpolated values in component props (e.g. title). Unescape HTML entities before passing prop values to React to avoid rendered output like " / &[#39](https://github.com/i18next/react-i18next/issues/39);. 1893

16.4.0

• <Trans count> prop: optional - infer count from children 1891

16.3.5

• fix runaway effect in useTranslation 1888 by 1889

16.3.4

• Fix: avoid the "ref is not a prop" warning when a user ref is placed on an element inside <Trans> 1887, by still trying to fix element.ref access issue with react 19 1846

16.3.3

• improve useTranslation to fix "Maximum update depth exceeded" but still support new react-compiler 1885 1863

16.3.2

• fix: avoid "Uncaught TypeError: Cannot redefine property: __original"

16.3.1

• revert fix: Incosistent behaviour of Trans and t. Trans set defaultValue when t call doesn't set the field. 1876 f22d478

16.3.0

• fix: add i18n wrapper for React Compiler and React.memo compatibility 1884

16.2.4

• try to fix "Trans component do not render anymore children as default value in test environment" 1883 by also respecting 1876

16.2.3

• fix hyphened component break issue 1882

16.2.2

• fix trans component break with less than sign 1880, closes 1734

16.2.1

... (truncated)

Commits

• 0ee8a63 16.5.0
• be99228 Add configuration option to set default props for the Trans component #1895
• 09b9d86 16.4.1
• ba059b4 prevent double-escaping of interpolated values #16.4.1
• 7917079 fallback for unescape function
• 2282982 16.4.0
• 31f0d2e \<Trans count> prop: optional - infer count from children #1891
• ba89d1d cosmetics
• 75455ce changelog
• 9ff66ad 16.3.5
• Additional commits viewable in compare view

Updates system-sleep from 1.3.7 to 1.3.8

Commits

• See full diff in compare view

Updates @babel/core from 7.26.0 to 7.28.5

Release notes

Sourced from @​babel/core's releases.

v7.28.5 (2025-10-23)

Thank you @​CO0Ki3, @​Olexandr88, and @​youthfulhps for your first PRs!

👓 Spec Compliance

• babel-parser
  • #17446 Allow Runtime Errors for Function Call Assignment Targets (@​liuxingbaoyu)
• babel-helper-validator-identifier
  • #17501 fix: update identifier to unicode 17 (@​fisker)

🐛 Bug Fix

• babel-plugin-proposal-destructuring-private
  • #17534 Allow mixing private destructuring and rest (@​CO0Ki3)
• babel-parser
  • #17521 Improve @babel/parser error typing (@​JLHwung)
  • #17491 fix: improve ts-only declaration parsing (@​JLHwung)
• babel-plugin-proposal-discard-binding, babel-plugin-transform-destructuring
  • #17519 fix: rest correctly returns plain array (@​liuxingbaoyu)
• babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-optional-chaining, babel-traverse, babel-types
  • #17503 Fix JSXIdentifier handling in isReferencedIdentifier (@​JLHwung)
• babel-traverse
  • #17504 fix: ensure scope.push register in anonymous fn (@​JLHwung)

🏠 Internal

• babel-types
  • #17494 Type checking babel-types scripts (@​JLHwung)

🏃‍♀️ Performance

• babel-core
  • #17490 Faster finding of locations in buildCodeFrameError (@​liuxingbaoyu)

Committers: 8

• Babel Bot (@​babel-bot)
• Byeongho Yoo (@​youthfulhps)
• Huáng Jùnliàng (@​JLHwung)
• Hyeon Dokko (@​CO0Ki3)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​Olexandr88
• @​liuxingbaoyu
• fisker Cheung (@​fisker)

v7.28.4 (2025-09-05)

Thanks @​gwillen and @​mrginglymus for your first PRs!

🏠 Internal

• babel-core, babel-helper-check-duplicate-nodes, babel-traverse, babel-types
  • #17493 Update Jest to v30.1.1 (@​JLHwung)
• babel-plugin-transform-regenerator
  • #17455 chore: Clean up transform-regenerator (@​liuxingbaoyu)

... (truncated)

Changelog

Sourced from @​babel/core's changelog.

v7.28.5 (2025-10-23)

👓 Spec Compliance

• babel-parser
  • #17446 Allow Runtime Errors for Function Call Assignment Targets (@​liuxingbaoyu)
• babel-helper-validator-identifier
  • #17501 fix: update identifier to unicode 17 (@​fisker)

🐛 Bug Fix

• babel-plugin-proposal-destructuring-private
  • #17534 Allow mixing private destructuring and rest (@​CO0Ki3)
• babel-parser
  • #17521 Improve @babel/parser error typing (@​JLHwung)
  • #17491 fix: improve ts-only declaration parsing (@​JLHwung)
• babel-plugin-proposal-discard-binding, babel-plugin-transform-destructuring
  • #17519 fix: rest correctly returns plain array (@​liuxingbaoyu)
• babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-optional-chaining, babel-traverse, babel-types
  • #17503 Fix JSXIdentifier handling in isReferencedIdentifier (@​JLHwung)
• babel-traverse
  • #17504 fix: ensure scope.push register in anonymous fn (@​JLHwung)

🏠 Internal

• babel-types
  • #17494 Type checking babel-types scripts (@​JLHwung)

🏃‍♀️ Performance

• babel-core
  • #17490 Faster finding of locations in buildCodeFrameE...

    Description has been truncated

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.