Skip to content

chore(deps): Bump the client-prod-deps group across 1 directory with 10 updates#12936

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot-npm_and_yarn-client-client-prod-deps-3ba698702f
Open

chore(deps): Bump the client-prod-deps group across 1 directory with 10 updates#12936
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot-npm_and_yarn-client-client-prod-deps-3ba698702f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Contributor

Bumps the client-prod-deps group with 10 updates in the /client directory:

Package From To
@sentry/vue 10.38.0 10.56.0
@zip.js/zip.js 2.8.8 2.8.26
axios 1.16.0 1.17.0
detectincognitojs 1.6.2 1.7.0
dompurify 3.4.0 3.4.8
file-type 21.3.2 22.0.1
pdfjs-dist 5.4.624 6.0.227
vue 3.5.30 3.5.35
vue-i18n 11.3.0 11.4.4
vue-router 4.6.4 5.1.0

Updates @sentry/vue from 10.38.0 to 10.56.0

Release notes

Sourced from @​sentry/vue's releases.

10.56.0

Important Changes

  • feat(deno): Redis diagnostics channel based integration for Deno (#21087)

    Adds Redis integration support for Deno, covering both redis and ioredis clients.

Other Changes

  • feat(cloudflare): Only capture workflow step error on final retry attempt (#21025)
  • feat(hono): Emit warning if @sentry/node was imported instead of @sentry/hono/node (#21240)
  • feat(node): Use ioredis tracing channels (#21187)
  • fix(browser): Correctly parse sampleRate when consistentTraceSampling is enabled (#21281)
  • fix(cloudflare): Fix instrumentDurableObjectWithSentry breaking Cloudflare Agents (#21101)
  • fix(cloudflare): Wait for span links to be set (#21167)
  • fix(core): Use WeakRef for Span-Scope circular references (#21242)
  • fix(node): Vendor InstrumentationNodeModuleFile to fix Bun --bytecode crash (#21262)
  • fix(profiling-node): Ensure node version support warning includes latest 26 (#21229)
  • chore: Ignore scheduled_tasks.lock (#21252)
  • chore: Promote lint warnings to errors (#21213)
  • chore(docs): Document how to support a new node version (#21228)
  • chore(size-limit): Weekly auto-bump (#21243)
  • chore(skills): Add linear-project-status skill (#21214)
  • chore(skills): Add linear-project-update skill (#21233)
  • chore(skills): Improve triage-issue skill (#21257)
  • chore(skills): Update linear-project-status skill with more details & context (#21234)
  • feat(deps): Bump axios from 1.15.0 to 1.16.0 in /dev-packages/e2e-tests/test-applications/nestjs-basic (#21263)
  • feat(server-utils): Initial scaffolding (#21200)
  • ref(cloudflare): Move D1 instrumentation (#21266)
  • ref(node): Refactor usage of hrTime utilities from @opentelemetry/core (#21191)
  • ref(node): Stop mutating OTel RPC metadata to set http.route (#21193)
  • ref(opentelemetry): Vendor minimal TraceState implementation (#21192)
  • test(browser): Add unit test for http client header collection behavior (#21273)
  • test(browser): Move browser integration tests to dataCollection (#21282)
  • test(cloudflare): Remove vitest in CF e2e tests (#21259)

Bundle size 📦

Path Size
@​sentry/browser 26.57 KB
@​sentry/browser - with treeshaking flags 25.05 KB
@​sentry/browser (incl. Tracing) 44.19 KB
@​sentry/browser (incl. Tracing + Span Streaming) 46.37 KB

... (truncated)

Changelog

Sourced from @​sentry/vue's changelog.

10.56.0

Important Changes

  • feat(deno): Redis diagnostics channel based integration for Deno (#21087)

    Adds Redis integration support for Deno, covering both redis and ioredis clients.

Other Changes

  • feat(cloudflare): Only capture workflow step error on final retry attempt (#21025)
  • feat(hono): Emit warning if @sentry/node was imported instead of @sentry/hono/node (#21240)
  • feat(node): Use ioredis tracing channels (#21187)
  • fix(browser): Correctly parse sampleRate when consistentTraceSampling is enabled (#21281)
  • fix(cloudflare): Fix instrumentDurableObjectWithSentry breaking Cloudflare Agents (#21101)
  • fix(cloudflare): Wait for span links to be set (#21167)
  • fix(core): Use WeakRef for Span-Scope circular references (#21242)
  • fix(node): Vendor InstrumentationNodeModuleFile to fix Bun --bytecode crash (#21262)
  • fix(profiling-node): Ensure node version support warning includes latest 26 (#21229)
  • chore: Ignore scheduled_tasks.lock (#21252)
  • chore: Promote lint warnings to errors (#21213)
  • chore(docs): Document how to support a new node version (#21228)
  • chore(size-limit): Weekly auto-bump (#21243)
  • chore(skills): Add linear-project-status skill (#21214)
  • chore(skills): Add linear-project-update skill (#21233)
  • chore(skills): Improve triage-issue skill (#21257)
  • chore(skills): Update linear-project-status skill with more details & context (#21234)
  • feat(deps): Bump axios from 1.15.0 to 1.16.0 in /dev-packages/e2e-tests/test-applications/nestjs-basic (#21263)
  • feat(server-utils): Initial scaffolding (#21200)
  • ref(cloudflare): Move D1 instrumentation (#21266)
  • ref(node): Refactor usage of hrTime utilities from @opentelemetry/core (#21191)
  • ref(node): Stop mutating OTel RPC metadata to set http.route (#21193)
  • ref(opentelemetry): Vendor minimal TraceState implementation (#21192)
  • test(browser): Add unit test for http client header collection behavior (#21273)
  • test(browser): Move browser integration tests to dataCollection (#21282)
  • test(cloudflare): Remove vitest in CF e2e tests (#21259)

10.55.0

Important Changes

  • feat(hono): Promote @sentry/hono to stable and deprecate honoIntegration (#21208)

    The @sentry/hono SDK is now stable. See the Sentry Hono SDK docs to get started.

... (truncated)

Commits
  • 29b276c release: 10.56.0
  • f94a87b Merge pull request #21291 from getsentry/prepare-release/10.56.0
  • 165c82a meta(changelog): Update changelog for 10.56.0
  • a7cb7e6 fix(cloudflare): Fix instrumentDurableObjectWithSentry breaking Cloudflare Ag...
  • d8015e2 feat(deps): Bump axios from 1.15.0 to 1.16.0 in /dev-packages/e2e-tests/test-...
  • 01104fb fix(browser): Correctly parse sampleRate when consistentTraceSampling is en...
  • 0613ef7 test(browser): Move browser integration tests to dataCollection (#21282)
  • 231e1f5 test(browser): Add unit test for http client header collection behavior (#21273)
  • ec5f82c feat(server-utils): initial scaffolding (#21200)
  • dfeeb11 fix(cloudflare): Wait for span links to be set (#21167)
  • Additional commits viewable in compare view

Updates @zip.js/zip.js from 2.8.8 to 2.8.26

Release notes

Sourced from @​zip.js/zip.js's releases.

v2.8.26

What's Changed

Full Changelog: gildas-lormeau/zip.js@v2.8.25...v2.8.26

v2.8.25

  • fixed HttpRangeReader bug when reading compressed sizes multiples of 65536 (see #646)
  • updated dev dependencies

v2.8.24

  • No changes, attempt to fix NPM publishing

v2.8.23

  • Fixed zip64 auto-detection with keepOrder set to false in ZipWriter

Zip files containing entries larger than 4 GB or larger than 4 GB are now handled correctly when entries are written in parallel with keepOrder set to false. The zip64 extra field in the central directory is now built from actual offset and disk number values at close time, rather than being predicted at entry creation time.

  • Updated dev dependencies

v2.8.22

Fixed support of option keepOrder when set to false in ZipWriter (the option is set to true by default)

v2.8.21

Implemented workaround (feature test) for DOMException serialization bug in Deno version 2.6.x (fix gildas-lormeau/zip.js#636)

v2.8.20

v2.8.19

Removed unwanted web-worker dependency inadvertently added in the package.json file of version 2.8.17

v2.8.18

  • Added createTempStream option to ZipWriter, used when adding entries in parallel, for custom temporary buffered write storage (e.g. filesystem, OPFS, network) instead of the default in-memory TransformStream (see this test for a usage example)
  • Improved buffering implementation in ZipWriter by removing the Blob/Response usage
  • Fixed minor regression introduced in version 2.8.16 when the web worker URI is not a data or blob URI (workers were not working with code using ES6 import) (see related test)

v2.8.17

Fixed support of Web Workers when running zip.js with Bun (see #638)

v2.8.16

v2.8.15

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​zip.js/zip.js since your current version.


Updates axios from 1.16.0 to 1.17.0

Release notes

Sourced from axios's releases.

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

  • Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
  • Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

  • HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

  • Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)
  • Proxy TLS: Preserved user httpsAgent TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (#10957)
  • React Native FormData: Cleared default Content-Type for React Native FormData so multipart boundaries can be generated correctly. (#10898)
  • Headers: Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (#10875)
  • Request Data Merging: Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (#10812)
  • Bundler Compatibility: Converted resolveConfig from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (#10891)
  • Types: Corrected AxiosHeaders.toJSON() return types and updated CommonJS isCancel typings to narrow to CanceledError<T>. (#10956, #10952)
  • Build Tooling: Avoided emitting a null Authorization header from the GitHub build helper when GITHUB_TOKEN is unset. (#10931)

🔧 Maintenance & Chores

  • HTTP/2 Internals: Extracted Http2Sessions into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (#10861)
  • Package Publishing: Reduced published package size by switching to a files allowlist and dropping unneeded unminified bundle source maps. (#10939)
  • CI and Release Automation: Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (#10907, #10911, #10916, #10927, #10935, #10983)
  • Developer Workflow: Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (#10925, #10914, #10958)
  • Documentation and Policy: Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (#10890, #10889, #10921, #10945, #10905, #10933, #10915, #10887, #10955)
  • Dependencies: Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, fs-extra, qs, docs dependencies, and GitHub Actions dependencies including actions/dependency-review-action and zizmorcore/zizmor-action. (#10871, #10879, #10918, #10919, #10934, #10947, #10954, #10960)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

... (truncated)

Changelog

Sourced from axios's changelog.

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

  • Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
  • Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

  • HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

  • Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)
  • Proxy TLS: Preserved user httpsAgent TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (#10957)
  • React Native FormData: Cleared default Content-Type for React Native FormData so multipart boundaries can be generated correctly. (#10898)
  • Headers: Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (#10875)
  • Request Data Merging: Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (#10812)
  • Bundler Compatibility: Converted resolveConfig from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (#10891)
  • Types: Corrected AxiosHeaders.toJSON() return types and updated CommonJS isCancel typings to narrow to CanceledError<T>. (#10956, #10952)
  • Build Tooling: Avoided emitting a null Authorization header from the GitHub build helper when GITHUB_TOKEN is unset. (#10931)

🔧 Maintenance & Chores

  • HTTP/2 Internals: Extracted Http2Sessions into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (#10861)
  • Package Publishing: Reduced published package size by switching to a files allowlist and dropping unneeded unminified bundle source maps. (#10939)
  • CI and Release Automation: Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (#10907, #10911, #10916, #10927, #10935, #10983)
  • Developer Workflow: Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (#10925, #10914, #10958)
  • Documentation and Policy: Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (#10890, #10889, #10921, #10945, #10905, #10933, #10915, #10887, #10955)
  • Dependencies: Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, fs-extra, qs, docs dependencies, and GitHub Actions dependencies including actions/dependency-review-action and zizmorcore/zizmor-action. (#10871, #10879, #10918, #10919, #10934, #10947, #10954, #10960)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

... (truncated)

Commits

Updates detectincognitojs from 1.6.2 to 1.7.0

Release notes

Sourced from detectincognitojs's releases.

v1.7.0

Fixes Chromium incognito detection w/ new OPFS timing attack method.

What's Changed

New Contributors

Full Changelog: Joe12387/detectIncognito@v1.6.2...v1.7.0

Commits
  • 415435e v1.7.0
  • baa07e8 Revise README for Chromium detection and features
  • 51508b3 Merge pull request #62 from ilkkapeltola/opfs-flush-chrome-detection
  • 5b39712 Replace removed Chrome quota test with OPFS flush timing
  • dd5dc73 general README.md update
  • 6acdaa0 Clarify detection issue for Chromium versions
  • 9306f5b v1.6.2
  • See full diff in compare view

Updates dompurify from 3.4.0 to 3.4.8

Release notes

Sourced from dompurify's releases.

DOMPurify 3.4.8

  • Cleaned up the repository root, renamed some and removed unneeded files
  • Fixed an issue with handling of Trusted Types policies, thanks @​fulstadev
  • Fixed the node iterator for better template scrubbing, thanks @​IamLeandrooooo
  • Included formerly missing LICENSE-MPL in published npm package, thanks @​asamuzaK
  • Bumped several dependencies where possible

DOMPurify 3.4.7

  • Hardened the handling of Shadow Roots when using IN_PLACE, thanks @​GameZoneHacker
  • Removed a problem leading to permanent hook pollution, thanks @​offset
  • Refactored the test suite and expanded test coverage significantly

DOMPurify 3.4.6

  • Fixed several issues with DOM Clobbering in IN_PLACE mode, thanks @​offset & @​Bankde
  • Hardened the checks for cross-realm IN_PLACE and Shadow DOM sanitization, thanks @​offset & @​Bankde
  • Added more test coverage for IN_PLACE and general DOM Clobbering attacks
  • Bumped several dependencies where possible

DOMPurify 3.4.5

  • Fixed a bypass caused by the new HTML element selectedcontent added in 3.4.4, thanks @​KabirAcharya

Note that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.

DOMPurify 3.4.4

  • Added the selectedcontent element to default allow-list, thanks @​lukewarlow
  • Added the command and commandfor attributes to default allowed-list, thanks @​lukewarlow
  • Added better template scrubbing for IN_PLACE operations, thanks @​DEMON1A
  • Added stronger checks for cross-realm windows, thanks @​DEMON1A & @​fg0x0
  • Updated demo website and made sure it uses the latest from main
  • Updated existing workflows, fuzzer, dependabot, etc., added more tests
  • Bumped several dependencies where possible

🚨 This release had been flagged as deprecated, please use DOMPurify 3.4.5 instead 🚨

DOMPurify 3.4.3

  • Fixed an issue with handling of nested Shadow DOM trees, thanks @​fishjojo1
  • Fixed the template regexes to be more robust against ReDoS attacks, thanks @​aleung27
  • Updated the node iteration code to catch more Shadow DOM related issues
  • Updated Playwright and added Node 26 to test matrix
  • Updated existing workflows, fuzzer, release signing, etc., added more tests
  • Bumped several dependencies where possible

DOMPurify 3.4.2

  • Fixed an issue with URI validation on attributes allowed via ADD_ATTR callback, thanks @​nelstrom
  • Fixed an issue with source maps referring to non-existing files, thanks @​cmdcolin
  • Updated existing workflows, fuzzer, release signing, etc., added more tests
  • Bumped several dependencies where possible

DOMPurify 3.4.1

  • Fixed an issue with on-handler stripping for HTML-spec-reserved custom element names (font-face, color-profile, missing-glyph, font-face-src, font-face-uri, font-face-format, font-face-name) under permissive CUSTOM_ELEMENT_HANDLING

... (truncated)

Commits
Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates file-type from 21.3.2 to 22.0.1

Release notes

Sourced from file-type's releases.

v22.0.1

  • Fix: Work around esbuild resolving Node-only imports ce4262f

sindresorhus/file-type@v22.0.0...v22.0.1

v22.0.0

Breaking

  • Requires Node.js 22

  • Dropped Node.js stream.Readable support from fileTypeFromStream() and fileTypeStream()

    // Before
import fs from 'node:fs';
fileTypeFromStream(fs.createReadStream('file.mp4'));
// After
import fs from 'node:fs';
import {Readable} from 'node:stream';
fileTypeFromStream(Readable.toWeb(fs.createReadStream('file.mp4')));

  • Sub-exports (e.g. file-type/core) have been removed. Import everything from file-type directly.

  • The ReadableStreamWithFileType type has been removed. Use AnyWebReadableByteStreamWithFileType instead.

  • Several MIME types have been corrected or normalized:

    Type Old MIME New MIME
    lz application/x-lzip application/lzip
    lnk application/x.ms.shortcut application/x-ms-shortcut
    Apple Alias application/x.apple.alias application/x-ft-apple.alias
    fbx application/x.autodesk.fbx application/x-ft-fbx
    Draco application/vnd.google.draco application/x-ft-draco

    MIME subtypes prefixed with x-ft- are custom types defined by this package (not IANA-registered).

Improvements

  • Added detection for Apple iWork files: .key (Keynote), .pages (Pages), .numbers (Numbers)

Fixes

  • Fixed LibreOffice OOXML files being incorrectly detected as ZIP when reading from streams

sindresorhus/file-type@v21.3.4...v22.0.0

... (truncated)

Commits

Updates pdfjs-dist from 5.4.624 to 6.0.227

Release notes

Sourced from pdfjs-dist's releases.

v6.0.227

PDF.js 6.0 is a major release that contains a number of API changes, features and bugfixes.

The complete list of changes in this release is shown below. If you're upgrading to PDF.js 6.0 we recommend checking the changes prefixed with [api-minor] and [api-major] since those might require updates to your code.

Changes since v5.7.284

@dependabot
chore(deps): Bump the client-prod-deps group across 1 directory with …
39a09a8 
…10 updates

Bumps the client-prod-deps group with 10 updates in the /client directory:

| Package | From | To |
| --- | --- | --- |
| [@sentry/vue](https://github.com/getsentry/sentry-javascript) | `10.38.0` | `10.56.0` |
| [@zip.js/zip.js](https://github.com/gildas-lormeau/zip.js) | `2.8.8` | `2.8.26` |
| [axios](https://github.com/axios/axios) | `1.16.0` | `1.17.0` |
| [detectincognitojs](https://github.com/Joe12387/detectIncognito) | `1.6.2` | `1.7.0` |
| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.0` | `3.4.8` |
| [file-type](https://github.com/sindresorhus/file-type) | `21.3.2` | `22.0.1` |
| [pdfjs-dist](https://github.com/mozilla/pdf.js) | `5.4.624` | `6.0.227` |
| [vue](https://github.com/vuejs/core) | `3.5.30` | `3.5.35` |
| [vue-i18n](https://github.com/intlify/vue-i18n/tree/HEAD/packages/vue-i18n) | `11.3.0` | `11.4.4` |
| [vue-router](https://github.com/vuejs/router) | `4.6.4` | `5.1.0` |



Updates `@sentry/vue` from 10.38.0 to 10.56.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@10.38.0...10.56.0)

Updates `@zip.js/zip.js` from 2.8.8 to 2.8.26
- [Release notes](https://github.com/gildas-lormeau/zip.js/releases)
- [Commits](gildas-lormeau/zip.js@v2.8.8...v2.8.26)

Updates `axios` from 1.16.0 to 1.17.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.16.0...v1.17.0)

Updates `detectincognitojs` from 1.6.2 to 1.7.0
- [Release notes](https://github.com/Joe12387/detectIncognito/releases)
- [Commits](Joe12387/detectIncognito@v1.6.2...v1.7.0)

Updates `dompurify` from 3.4.0 to 3.4.8
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](cure53/DOMPurify@3.4.0...3.4.8)

Updates `file-type` from 21.3.2 to 22.0.1
- [Release notes](https://github.com/sindresorhus/file-type/releases)
- [Commits](sindresorhus/file-type@v21.3.2...v22.0.1)

Updates `pdfjs-dist` from 5.4.624 to 6.0.227
- [Release notes](https://github.com/mozilla/pdf.js/releases)
- [Commits](mozilla/pdf.js@v5.4.624...v6.0.227)

Updates `vue` from 3.5.30 to 3.5.35
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md)
- [Commits](vuejs/core@v3.5.30...v3.5.35)

Updates `vue-i18n` from 11.3.0 to 11.4.4
- [Release notes](https://github.com/intlify/vue-i18n/releases)
- [Changelog](https://github.com/intlify/vue-i18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/intlify/vue-i18n/commits/v11.4.4/packages/vue-i18n)

Updates `vue-router` from 4.6.4 to 5.1.0
- [Release notes](https://github.com/vuejs/router/releases)
- [Commits](vuejs/router@v4.6.4...v5.1.0)

---
updated-dependencies:
- dependency-name: "@sentry/vue"
  dependency-version: 10.56.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: client-prod-deps
- dependency-name: "@zip.js/zip.js"
  dependency-version: 2.8.26
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: client-prod-deps
- dependency-name: axios
  dependency-version: 1.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: client-prod-deps
- dependency-name: detectincognitojs
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: client-prod-deps
- dependency-name: dompurify
  dependency-version: 3.4.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: client-prod-deps
- dependency-name: file-type
  dependency-version: 22.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: client-prod-deps
- dependency-name: pdfjs-dist
  dependency-version: 6.0.227
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: client-prod-deps
- dependency-name: vue
  dependency-version: 3.5.35
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: client-prod-deps
- dependency-name: vue-i18n
  dependency-version: 11.4.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: client-prod-deps
- dependency-name: vue-router
  dependency-version: 5.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: client-prod-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added I-Dependency Impact: related to an dependency I-Javascript Impact: Javascript-related stuff labels Jun 15, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 15, 2026 02:24
@dependabot dependabot Bot added I-Dependency Impact: related to an dependency I-Javascript Impact: Javascript-related stuff labels Jun 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

I-Dependency Impact: related to an dependency I-Javascript Impact: Javascript-related stuff

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants