Update dependency @nestjs/common to v10 [SECURITY]

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@nestjs/common (source)	9.4.3 → 10.4.16
@nestjs/common (source)	^9.0.0 → ^10.4.16

---

nest allows a remote attacker to execute arbitrary code via the Content-Type header

CVE-2024-29409 / GHSA-cj7v-w2c7-cp7c

More information

Details

File Upload vulnerability in nestjs nest prior to v.11.0.16 allows a remote attacker to execute arbitrary code via the Content-Type header.

Severity

• CVSS Score: 5.5 / 10 (Medium)
• Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

References

• https://nvd.nist.gov/vuln/detail/CVE-2024-29409
• https://github.com/nestjs/nest/issues/13311#issuecomment-1993839495
• https://gist.github.com/aydinnyunus/801342361584d1491c67a820a714f53f
• https://github.com/nestjs/nest/blob/83a48b2c7396985144b7a6cd5d3bee1abb7c5d81/packages/common/pipes/file/file-type.validator.ts#L19
• https://github.com/nestjs/nest/issues/14876
• https://github.com/nestjs/nest/issues/14876#issuecomment-2796888038
• https://github.com/nestjs/nest/pull/14881
• https://github.com/nestjs/nest/releases/tag/v11.0.16
• https://github.com/nestjs/nest/releases/tag/v10.4.16
• https://github.com/advisories/GHSA-cj7v-w2c7-cp7c

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

---

Release Notes

nestjs/nest (@​nestjs/common)

v10.4.16

Compare Source

What's Changed

• fix(common): introduce magic file type validator to nestjs common by @​Chathula in #​14948

Full Changelog: nestjs/nest@v10.4.15...v10.4.16

v10.4.15

Compare Source

v10.4.15 (2024-12-09)

Dependencies

• platform-express
  • #​14282 fix(deps): update dependency express to v4.21.2 (@​renovate[bot])

v10.4.14

Compare Source

v10.4.13

Compare Source

v10.4.13 (2024-12-03)

Bug fixes

• common
  • #​14256 chore(common): Add type declaration for RawBody decorator with pipes (@​sapenlei)

Dependencies

• #​14257 fix(deps): update dependency @​fastify/static to v7.0.4 (@​renovate[bot])
• #​14258 fix(deps): update dependency @​nestjs/sequelize to v10.0.1 (@​renovate[bot])
• #​14249 chore(deps): bump @​apollo/gateway from 2.4.8 to 2.8.5 in /sample/32-graphql-federation-schema-first/users-application (@​dependabot[bot])
• #​14250 chore(deps): update jest monorepo (@​renovate[bot])
• #​14245 chore(deps): update dependency mqtt to v5.10.3 (@​renovate[bot])
• #​14247 fix(deps): update nest monorepo to v10.4.12 (@​renovate[bot])
• #​14251 chore(deps-dev): bump graphql-tools from 9.0.3 to 9.0.5 (@​dependabot[bot])
• #​14246 chore(deps): update nest monorepo (@​renovate[bot])

Committers: 3

• Kamil Mysliwiec (@​kamilmysliwiec)
• Micael Levi L. Cavalcante (@​micalevisk)
• sapenlei (@​sapenlei)

v10.4.12

Compare Source

v10.4.12 (2024-11-29)

Bug fixes

• common
  • #​14241 fix(common): enforce string type in validationpipe (@​LhonRafaat)

Dependencies

• Other
  • #​14243 chore(deps): update dependency @​types/node to v20.17.9 (@​renovate[bot])
  • #​14240 chore(deps): update dependency @​types/multer to v1.4.12 (@​renovate[bot])
  • #​14239 chore(deps): update dependency @​types/chai to v4.3.20 (@​renovate[bot])
  • #​14237 chore(deps): update confluentinc/cp-zookeeper docker tag to v7.7.2 (@​renovate[bot])
  • #​14236 chore(deps): update confluentinc/cp-kafka docker tag to v7.7.2 (@​renovate[bot])
  • #​12253 fix(deps): update apollo graphql packages (@​renovate[bot])
  • #​14235 chore(deps-dev): bump @​commitlint/config-angular from 19.5.0 to 19.6.0 (@​dependabot[bot])
  • #​14233 chore(deps): update nest monorepo (@​renovate[bot])
  • #​14232 fix(deps): update dependency path-to-regexp to v3.3.0 [security] (@​renovate[bot])
  • #​14229 chore(deps): update mongo docker tag to v8 (@​renovate[bot])
  • #​14228 chore(deps): update dependency @​types/node to v22.10.0 (@​renovate[bot])
  • #​14227 fix(deps): update nest-graphql monorepo to v12.2.1 (@​renovate[bot])
  • #​14224 fix(deps): update dependency sequelize to v6.37.5 (@​renovate[bot])
  • #​14230 chore(deps): update mysql docker tag to v9 (@​renovate[bot])
  • #​14231 fix(deps): update dependency @​nestjs/swagger to v8 (@​renovate[bot])
• common, core, microservices, platform-express, platform-fastify, platform-socket.io, platform-ws, testing, websockets
  • #​14226 fix(deps): update dependency tslib to v2.8.1 (@​renovate[bot])
• platform-socket.io
  • #​14225 fix(deps): update dependency socket.io to v4.8.1 (@​renovate[bot])

Committers: 1

• Lhon (@​LhonRafaat)

v10.4.11

Compare Source

v10.4.10

Compare Source

v10.4.10 (2024-11-27)

Bug fixes

• platform-socket.io, websockets
  • #​14204 fix(websockets): ensure non-shared servers call close method (@​sapenlei)

Dependencies

• #​14221 chore(deps): update mysql docker tag to v8.4.3 (@​renovate[bot])
• #​14220 chore(deps): update dependency webpack to v5.96.1 (@​renovate[bot])
• #​14219 chore(deps): update dependency nodemon to v3.1.7 (@​renovate[bot])
• #​14218 chore(deps): update confluentinc/cp-zookeeper docker tag to v7.7.1 (@​renovate[bot])
• #​14217 chore(deps): update confluentinc/cp-kafka docker tag to v7.7.1 (@​renovate[bot])
• #​14216 fix(deps): update dependency rimraf to v5.0.10 (@​renovate[bot])
• #​14215 fix(deps): update dependency dotenv to v16.4.5 (@​renovate[bot])
• #​14214 fix(deps): update dependency @​grpc/reflection to v1.0.4 (@​renovate[bot])
• #​12940 fix(deps): update dependency mongoose to v8.8.3 (@​renovate[bot])
• #​14207 chore(deps): update dependency @​types/dotenv to v8.2.3 (@​renovate[bot])
• #​14208 chore(deps): update dependency @​types/node to v20.17.8 (@​renovate[bot])
• #​14209 chore(deps): update dependency amqplib to v0.10.5 (@​renovate[bot])
• #​14212 chore(deps): update dependency webpack to v5.94.0 [security] (@​renovate[bot])
• #​14210 chore(deps): update dependency husky to v9.1.7 (@​renovate[bot])
• #​14211 chore(deps): update nest monorepo (@​renovate[bot])
• #​14206 chore(deps-dev): bump mongoose from 8.8.1 to 8.8.3 (@​dependabot[bot])

Committers: 1

• sapenlei (@​sapenlei)

v10.4.9

Compare Source

v10.4.9 (2024-11-25)

Bug fixes

• core, microservices
  • #​13923 fix(core): merge req context with tenant payload in the request instance (@​DylanVeldra)
• websockets
  • #​14185 fix(websockets): Prevent HTTP server early close in Socket.IO shutdown (@​sapenlei)
• common
  • #​14181 fix(common): fallback to empty string for enums when validating (swc builder) (@​kamilmysliwiec)
• core
  • #​13804 fix(core): dependencies not resolving for transient lazy providers (@​patrickacioli)
• microservices
  • #​14163 fix(microservices): grpc client streaming bugs (@​kamilmysliwiec)

Enhancements

• common, core
  • #​14175 fix(common,core): align the logic of optional provider (@​micalevisk)
• microservices
  • #​12954 feat: emit batch (@​gunb0s)

Dependencies

• Other
  • #​14192 chore(deps): update dependency webpack to v5.94.0 [security] (@​renovate[bot])
  • #​14188 chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 in /sample/30-event-emitter (@​dependabot[bot])
  • #​14187 chore(deps): bump cookie and @​nestjs/platform-express in /sample/34-using-esm-packages (@​dependabot[bot])
  • #​14189 chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 in /sample/19-auth-jwt (@​dependabot[bot])
  • #​14186 chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 in /sample/31-graphql-federation-code-first/posts-application (@​dependabot[bot])
  • #​14183 chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 in /sample/32-graphql-federation-schema-first/posts-application (@​dependabot[bot])
  • #​14176 chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 in /sample/32-graphql-federation-schema-first/users-application (@​dependabot[bot])
  • #​14179 chore(deps-dev): bump @​types/mocha from 10.0.9 to 10.0.10 (@​dependabot[bot])
  • #​14174 chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 in /sample/22-graphql-prisma (@​dependabot[bot])
  • #​14173 chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 in /sample/28-sse (@​dependabot[bot])
  • #​14165 chore(deps-dev): bump @​typescript-eslint/parser from 8.14.0 to 8.15.0 (@​dependabot[bot])
  • #​14171 chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 in /sample/11-swagger (@​dependabot[bot])
  • #​14172 chore(deps): bump cookie and @​nestjs/platform-express in /sample/35-use-esm-package-after-node22 (@​dependabot[bot])
  • #​14170 chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 in /sample/24-serve-static (@​dependabot[bot])
  • #​14169 chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 in /sample/15-mvc (@​dependabot[bot])
  • #​14164 chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 in /sample/01-cats-app (@​dependabot[bot])
  • #​14167 chore(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.14.0 to 8.15.0 (@​dependabot[bot])
  • #​14161 chore(deps): bump cross-spawn from 7.0.3 to 7.0.5 in /sample/25-dynamic-modules (@​dependabot[bot])
  • #​14159 chore(deps): bump cross-spawn from 7.0.3 to 7.0.5 in /sample/33-graphql-mercurius (@​dependabot[bot])
  • #​13632 fix(deps): update dependency mysql2 to v3.9.8 [security] (@​renovate[bot])
  • #​14151 chore(deps): bump cross-spawn from 7.0.3 to 7.0.5 in /sample/27-scheduling (@​dependabot[bot])
  • #​14155 build(sample): replace cli-color with smaller and faster ansis (@​webdiscus)
  • #​14146 chore(deps): bump cookie and @​nestjs/platform-express in /sample/28-sse (@​dependabot[bot])
  • #​14149 chore(deps): bump cross-spawn from 7.0.3 to 7.0.5 in /sample/32-graphql-federation-schema-first/gateway (@​dependabot[bot])
  • #​12995 chore(deps): update dependency supertest to v6.3.4 (@​renovate[bot])
  • #​12815 chore(deps): update dependency @​types/node to v20.17.6 (@​renovate[bot])
  • #​14147 chore: upgrade deps (@​kamilmysliwiec)
  • #​14144 chore(deps): bump cookie, light-my-request and @​nestjs/platform-fastify in /sample/33-graphql-mercurius (@​dependabot[bot])
• platform-fastify
  • #​14191 chore(deps): bump light-my-request from 6.1.0 to 6.3.0 (@​dependabot[bot])

Committers: 7

• Kamil Mysliwiec (@​kamilmysliwiec)
• Micael Levi L. Cavalcante (@​micalevisk)
• Patrick Acioli (@​patrickacioli)
• @​DylanVeldra
• @​webdiscus
• cain (@​gunb0s)
• sapenlei (@​sapenlei)

v10.4.8

Compare Source

v10.4.8 (2024-11-15)

Bug fixes

• microservices
  • #​14059 fix(microservices): include discarded rmq client options (@​v-sum)
  • #​14132 fix(microservices): no messages emitted with mqtt when qos set (@​kamilmysliwiec)
• core
  • #​14133 fix(core): flaky durable provider, remove instance on error (@​kamilmysliwiec)

Enhancements

• core
  • #​14143 feat(core): expose listening stream from http adapter host (@​kamilmysliwiec)
  • #​14139 chore(core): defer application shutdown until init finishes (@​mksony)

Committers: 3

• Kamil Mysliwiec (@​kamilmysliwiec)
• Max (@​mksony)
• Vasile Sumanschi (@​v-sum)

v10.4.7

Compare Source

v10.4.6

Compare Source

v10.4.5

Compare Source

v10.4.5 (2024-10-16)

Dependencies

• platform-express
  • #​14060 build(express): upgrade to express 4.2.1 (@​ezintz)
• Other
  • #​13903 chore(deps): bump ws and @​nestjs/graphql in /sample/31-graphql-federation-code-first/posts-application (@​dependabot[bot])
  • #​13917 chore(deps): bump micromatch from 4.0.4 to 4.0.8 in /sample/32-graphql-federation-schema-first/posts-application (@​dependabot[bot])
  • #​14015 chore(deps): bump find-my-way from 8.1.0 to 8.2.2 in /sample/10-fastify (@​dependabot[bot])
  • #​14039 chore(deps): bump serve-static, express and @​nestjs/platform-express in /sample/23-graphql-code-first (@​dependabot[bot])
  • #​14040 chore(deps): bump send, @​nestjs/platform-express and express in /sample/24-serve-static (@​dependabot[bot])
  • #​14034 chore(deps): bump serve-static and @​nestjs/platform-express in /sample/28-sse (@​dependabot[bot])
  • #​14035 chore(deps): bump send and @​nestjs/platform-express in /sample/28-sse (@​dependabot[bot])
  • #​14030 chore(deps): bump send and @​nestjs/platform-express in /sample/25-dynamic-modules (@​dependabot[bot])
  • #​14031 chore(deps): bump serve-static and @​nestjs/platform-express in /sample/25-dynamic-modules (@​dependabot[bot])
  • #​14026 chore(deps): bump serve-static and @​nestjs/platform-express in /sample/26-queues (@​dependabot[bot])
  • #​14025 chore(deps): bump send and @​nestjs/platform-express in /sample/26-queues (@​dependabot[bot])
• platform-fastify
  • #​14064 build(fastify): upgrade light-my-request to 6.1.0 (@​PattyTrish)

Committers: 5

• Eduard Zintz (@​ezintz)
• Fernando Vargas (@​frndvrgs)
• Micael Levi L. Cavalcante (@​micalevisk)
• Patricia Ahern (@​PattyTrish)
• Rick Dutour Geerling (@​tuxmachine)

v10.4.4

Compare Source

v10.4.3

Compare Source

v10.4.2

Compare Source

v10.4.2 (2024-09-16)

Dependencies

• common, core, microservices, platform-express, platform-fastify, platform-socket.io, platform-ws, testing, websockets
  • #​13911 chore(deps): bump tslib from 2.6.3 to 2.7.0 (@​dependabot[bot])
• platform-fastify
  • #​13938 chore(deps): bump light-my-request from 5.13.0 to 6.0.0 (@​dependabot[bot])
• Other
  • #​13936 chore(deps-dev): bump lint-staged from 15.2.9 to 15.2.10 (@​dependabot[bot])
  • #​13946 chore(deps): bump webpack and @​nestjs/cli in /sample/02-gateways (@​dependabot[bot])
  • #​13947 chore(deps-dev): bump webpack from 5.91.0 to 5.94.0 (@​dependabot[bot])
  • #​13966 chore(deps): bump dset from 3.1.2 to 3.1.4 in /sample/32-graphql-federation-schema-first/gateway (@​dependabot[bot])
  • #​13967 chore(deps): bump dset from 3.1.3 to 3.1.4 (@​dependabot[bot])
  • #​13968 chore(deps-dev): bump @​commitlint/cli from 19.4.0 to 19.5.0 (@​dependabot[bot])
  • #​13969 chore(deps-dev): bump mongoose from 8.6.0 to 8.6.2 (@​dependabot[bot])
  • #​13973 chore(deps-dev): bump @​types/node from 22.5.1 to 22.5.5 (@​dependabot[bot])
  • #​13922 chore(deps): bump @​apollo/gateway from 2.2.3 to 2.9.0 in /sample/31-graphql-federation-code-first/users-application (@​dependabot[bot])
  • #​13921 chore(deps): bump @​apollo/query-planner from 2.4.8 to 2.9.0 in /sample/31-graphql-federation-code-first/posts-application (@​dependabot[bot])
  • #​13926 chore(deps-dev): bump mongoose from 8.5.3 to 8.6.0 (@​dependabot[bot])
  • #​13928 chore(deps-dev): bump @​types/node from 22.5.0 to 22.5.1 (@​dependabot[bot])
  • #​13929 chore(deps-dev): bump @​commitlint/config-angular from 19.3.0 to 19.4.1 (@​dependabot[bot])
  • #​13893 chore(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.18.0 to 8.2.0 (@​dependabot[bot])
  • #​13896 chore(deps-dev): bump husky from 9.1.4 to 9.1.5 (@​dependabot[bot])
  • #​13897 chore(deps-dev): bump core-js from 3.38.0 to 3.38.1 (@​dependabot[bot])
  • #​13901 chore(deps-dev): bump @​types/node from 22.3.0 to 22.5.0 (@​dependabot[bot])
  • #​13902 chore(deps-dev): bump artillery from 2.0.19 to 2.0.20 (@​dependabot[bot])
  • #​13884 chore(deps-dev): bump mongoose from 8.5.2 to 8.5.3 (@​dependabot[bot])
  • #​13885 chore(deps-dev): bump lint-staged from 15.2.8 to 15.2.9 (@​dependabot[bot])
  • #​13890 chore(deps-dev): bump @​types/node from 22.2.0 to 22.3.0 (@​dependabot[bot])

Committers: 3

• Kamil Mysliwiec (@​kamilmysliwiec)
• Micael Levi L. Cavalcante (@​micalevisk)
• @​haouvw

v10.4.1

Compare Source

v10.4.0

Compare Source

v10.3.10

Compare Source

v10.3.10 (2024-07-01)

Bug fixes

• core
  • #​13712 fix(core): when using forward references on exports array (@​micalevisk)

Enhancements

• platform-fastify
  • #​13734 feat(fastify-adapter): support for skipping middie registration (@​ancyrweb)

Dependencies

• Other
  • #​13706 chore(deps-dev): bump nodemon from 3.1.3 to 3.1.4 (@​dependabot[bot])
  • #​13716 chore(deps-dev): bump ts-morph from 22.0.0 to 23.0.0 (@​dependabot[bot])
  • #​13697 chore(deps): bump ws from 8.13.0 to 8.17.1 in /sample/16-gateways-ws (@​dependabot[bot])
  • #​13708 chore(deps-dev): bump nats from 2.26.0 to 2.27.0 (@​dependabot[bot])
  • #​13709 chore(deps-dev): bump typescript from 5.4.5 to 5.5.2 (@​dependabot[bot])
  • #​13715 chore(deps-dev): bump graphql from 16.8.2 to 16.9.0 (@​dependabot[bot])
  • #​13718 chore(deps-dev): bump engine.io-client from 6.5.4 to 6.6.0 (@​dependabot[bot])
  • #​13724 chore(deps-dev): bump @​types/node from 20.14.6 to 20.14.9 (@​dependabot[bot])
  • #​13672 chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /sample/26-queues (@​dependabot[bot])
  • #​13693 chore(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.13.0 to 7.13.1 (@​dependabot[bot])
  • #​13699 chore(deps-dev): bump engine.io-client from 6.5.3 to 6.5.4 (@​dependabot[bot])
  • #​13702 chore(deps-dev): bump @​types/node from 20.14.4 to 20.14.6 (@​dependabot[bot])
  • #​13703 chore(deps): bump fast-json-stringify from 5.16.0 to 5.16.1 (@​dependabot[bot])
  • #​13694 chore(deps-dev): bump mongoose from 8.4.1 to 8.4.3 (@​dependabot[bot])
  • #​13695 chore(deps-dev): bump @​typescript-eslint/parser from 7.13.0 to 7.13.1 (@​dependabot[bot])
  • #​13696 chore(deps-dev): bump @​types/node from 20.14.2 to 20.14.4 (@​dependabot[bot])
  • #​13678 chore(deps-dev): bump graphql from 16.8.1 to 16.8.2 (@​dependabot[bot])
  • #​13682 chore(deps-dev): bump mysql2 from 3.10.0 to 3.10.1 (@​dependabot[bot])
  • #​13674 chore(deps-dev): bump prettier from 3.3.1 to 3.3.2 (@​dependabot[bot])
  • #​13677 chore(deps-dev): bump lint-staged from 15.2.5 to 15.2.7 (@​dependabot[bot])
  • #​13671 chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /sample/27-scheduling (@​dependabot[bot])
  • #​13670 chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /sample/30-event-emitter (@​dependabot[bot])
  • #​13667 chore(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.12.0 to 7.13.0 (@​dependabot[bot])
  • #​13665 chore(deps-dev): bump artillery from 2.0.14 to 2.0.15 (@​dependabot[bot])
  • #​13660 chore(deps): bump @​grpc/grpc-js from 1.10.0 to 1.10.9 in /sample/04-grpc (@​dependabot[bot])
  • #​13662 chore(deps-dev): bump @​grpc/grpc-js from 1.10.8 to 1.10.9 (@​dependabot[bot])
  • #​13663 chore(deps-dev): bump @​fastify/multipart from 8.2.0 to 8.3.0 (@​dependabot[bot])
  • #​13666 chore(deps-dev): bump @​typescript-eslint/parser from 7.11.0 to 7.13.0 (@​dependabot[bot])
  • #​13669 chore(deps): bump uuid from 9.0.1 to 10.0.0 (@​dependabot[bot])
  • #​13640 chore(deps-dev): bump nodemon from 3.1.2 to 3.1.3 (@​dependabot[bot])
  • #​13641 chore(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.11.0 to 7.12.0 (@​dependabot[bot])
  • #​13642 chore(deps-dev): bump mongoose from 8.4.0 to 8.4.1 (@​dependabot[bot])
  • #​13651 chore(deps-dev): bump prettier from 3.2.5 to 3.3.1 (@​dependabot[bot])
  • #​13652 chore(deps-dev): bump @​types/node from 20.12.12 to 20.14.2 (@​dependabot[bot])
  • #​13653 chore(deps-dev): bump cache-manager from 5.5.3 to 5.6.1 (@​dependabot[bot])
• platform-ws
  • #​13690 chore(deps): bump ws from 8.17.0 to 8.17.1 (@​dependabot[bot])
• platform-fastify
  • #​13691 chore(deps): bump fastify from 4.27.0 to 4.28.0 (@​dependabot[bot])
• common, core, microservices, platform-express, platform-fastify, platform-socket.io, platform-ws, testing, websockets
  • #​13649 chore(deps): bump tslib from 2.6.2 to 2.6.3 (@​dependabot[bot])

Committers: 4

• () => { } (@​ragavendra)
• Anthony Cyrille (@​ancyrweb)
• Lincoln (@​L-Qun)
• Micael Levi L. Cavalcante (@​micalevisk)

v10.3.9

Compare Source

v10.3.9 (2024-06-03)

Bug fixes

• core
  • #​13453 fix(core): possible memory leak when using server side events (@​zhengjitf)
  • #​13405 fix(core): auto flush logs on synchronous internal errors (@​micalevisk)
• platform-fastify
  • #​13536 feat(fastify): Do not crash if enableVersioning is not used (@​Fcmam5)

Enhancements

• platform-ws
  • #​13531 fix(ws): close existing connections (@​bettercalljason)
• common, core
  • #​13428 feat(common): support empty @Inject() on constructor-based injection (@​micalevisk)
• core
  • #​13614 fix(core): prevent exclude method from overwriting previous calls (@​dragontaek-lee)

Docs

• common
  • #​13471 doc: fix typos & clarify comments (@​le-harivansh)

Dependencies

• Other
  • #​13619 chore(deps-dev): bump @​typescript-eslint/parser from 7.9.0 to 7.11.0 (@​dependabot[bot])
  • #​13631 chore(deps): bump mysql2 from 3.9.7 to 3.9.8 in /sample/05-sql-typeorm (@​dependabot[bot])
  • #​13624 chore(deps-dev): bump mqtt from 5.6.0 to 5.7.0 (@​dependabot[bot])
  • #​13617 chore(deps-dev): bump lint-staged from 15.2.2 to 15.2.5 (@​dependabot[bot])
  • #​13611 chore(deps-dev): bump cache-manager from 5.5.2 to 5.5.3 (@​dependabot[bot])
  • #​13610 chore(deps): bump fast-json-stringify from 5.15.1 to 5.16.0 (@​dependabot[bot])
  • #​13620 chore(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.10.0 to 7.11.0 (@​dependabot[bot])
  • #​13625 chore(deps-dev): bump artillery from 2.0.12 to 2.0.14 (@​dependabot[bot])
  • #​13629 chore(deps-dev): bump nodemon from 3.1.0 to 3.1.2 (@​dependabot[bot])
  • #​13633 chore(deps-dev): bump mysql2 from 3.9.7 to 3.10.0 (@​dependabot[bot])
  • #​13588 chore(deps): bump express and @​nestjs/platform-express in /sample/04-grpc (@​dependabot[bot])
  • #​13591 chore(deps): bump express and @​nestjs/platform-express in /sample/02-gateways (@​dependabot[bot])
  • #​13592 chore(deps): bump express and @​nestjs/platform-express in /sample/01-cats-app (@​dependabot[bot])
  • #​13594 chore(deps-dev): bump core-js from 3.37.0 to 3.37.1 (@​dependabot[bot])
  • #​13595 chore(deps-dev): bump redis from 4.6.13 to 4.6.14 (@​dependabot[bot])
  • #​13596 chore(deps-dev): bump sinon from 17.0.1 to 18.0.0 (@​dependabot[bot])
  • #​13597 chore(deps-dev): bump @​grpc/grpc-js from 1.10.7 to 1.10.8 (@​dependabot[bot])
  • #​13602 chore(deps-dev): bump mongoose from 8.3.4 to 8.4.0 (@​dependabot[bot])
  • #​13605 chore(deps-dev): bump nats from 2.25.0 to 2.26.0 (@​dependabot[bot])
  • #​13606 chore(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.9.0 to 7.10.0 (@​dependabot[bot])
  • #​13590 chore(deps): bump express and @​nestjs/platform-express in /sample/05-sql-typeorm (@​dependabot[bot])
  • #​13589 chore(deps): bump express and @​nestjs/platform-express in /sample/03-microservices (@​dependabot[bot])
  • #​13587 chore(deps): bump express and @​nestjs/platform-express in /sample/08-webpack (@​dependabot[bot])
  • #​13586 chore(deps): bump express and @​nestjs/platform-express in /sample/06-mongoose (@​dependabot[bot])
  • #​13585 chore(deps): bump express and @​nestjs/platform-express in /sample/09-babel-example (@​dependabot[bot])
  • #​13584 chore(deps): bump express and @​nestjs/platform-express in /sample/07-sequelize (@​dependabot[bot])
  • #​13583 chore(deps): bump express and @​nestjs/platform-express in /sample/11-swagger (@​dependabot[bot])
  • #​13576 chore(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.8.0 to 7.9.0 (@​dependabot[bot])
  • #​13567 chore(deps): bump express and @​nestjs/platform-express in /sample/15-mvc (@​dependabot[bot])
  • #​13570 chore(deps): bump express and @​nestjs/platform-express in /sample/19-auth-jwt (@​dependabot[bot])
  • #​13563 chore(deps): bump express and @​nestjs/platform-express in /sample/20-cache (@​dependabot[bot])
  • #​13564 chore(deps): bump express and @​nestjs/platform-express in /sample/21-serializer (@​dependabot[bot])
  • #​13565 chore(deps): bump express and @​nestjs/platform-express in /sample/22-graphql-prisma (@​dependabot[bot])
  • #​13568 chore(deps): bump express and @​nestjs/platform-express in /sample/13-mongo-typeorm (@​dependabot[bot])
  • [#​13569](https://r

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update. You will not get PRs for any future 10.x releases. But if you manually upgrade to 10.x then Renovate will re-enable minor and patch updates automatically.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.