Skip to content

chore(deps): bump the prod-deps group across 1 directory with 5 updates#102

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/prod-deps-32356e2ec6
Open

chore(deps): bump the prod-deps group across 1 directory with 5 updates#102
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/prod-deps-32356e2ec6

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 14, 2026

Bumps the prod-deps group with 5 updates in the / directory:

Package From To
@nuxt/eslint 1.13.0 1.15.1
axios 1.13.4 1.13.5
nuxt 4.3.0 4.3.1
vue 3.5.27 3.5.28
vue-router 5.0.1 5.0.2

Updates @nuxt/eslint from 1.13.0 to 1.15.1

Commits

Updates axios from 1.13.4 to 1.13.5

Release notes

Sourced from axios's releases.

v1.13.5

Release 1.13.5

Highlights

  • Security: Fixed a potential Denial of Service issue involving the __proto__ key in mergeConfig. (PR #7369)
  • Bug fix: Resolved an issue where AxiosError could be missing the status field on and after v1.13.3. (PR #7368)

Changes

Security

  • Fix Denial of Service via __proto__ key in mergeConfig. (PR #7369)

Fixes

  • Fix/5657. (PR #7313)
  • Ensure status is present in AxiosError on and after v1.13.3. (PR #7368)

Features / Improvements

  • Add input validation to isAbsoluteURL. (PR #7326)
  • Refactor: bump minor package versions. (PR #7356)

Documentation

  • Clarify object-check comment. (PR #7323)
  • Fix deprecated Buffer constructor usage and README formatting. (PR #7371)

CI / Maintenance

  • Chore: fix issues with YAML. (PR #7355)
  • CI: update workflow YAMLs. (PR #7372)
  • CI: fix run condition. (PR #7373)
  • Dev deps: bump karma-sourcemap-loader from 0.3.8 to 0.4.0. (PR #7360)
  • Chore(release): prepare release 1.13.5. (PR #7379)

New Contributors

Full Changelog: axios/axios@v1.13.4...v1.13.5

Commits
  • 29f7542 chore(release): prepare release 1.13.5 (#7379)
  • 431c3a3 ci: fix run condition (#7373)
  • 9ff3a78 ci: update ymls (#7372)
  • 265b712 docs: fix deprecated Buffer constructor and formatting issues in README (#7371)
  • 475e75a feat: add input validation to isAbsoluteURL (#7326)
  • 28c7215 fix: Denial of Service via proto Key in mergeConfig (#7369)
  • 04cf019 docs: clarify object check comment (#7323)
  • 696fa75 fix: status is missing in AxiosError on and after v1.13.3 (#7368)
  • 569f028 fix: added a option to choose between legacy and the new request/response int...
  • 44b7c9f chore(deps-dev): bump karma-sourcemap-loader (#7360)
  • Additional commits viewable in compare view

Updates nuxt from 4.3.0 to 4.3.1

Release notes

Sourced from nuxt's releases.

v4.3.1

4.3.1 is a regularly scheduled patch release.

👉 Changelog

compare changes

🩹 Fixes

  • nuxt: Correct reference format of server builder (#34177)
  • nuxt: Add status/statusText getters to NuxtError (#34188)
  • nuxt: Don't inject shared types for differing auto-imports (#34191)
  • schema: Add direnv and vendor to default ignore (#34190)
  • nuxt: Focus hash links after navigation (#34193)
  • nuxt: Exclude head runtime from unhead imports transform (#34195)
  • kit: Include prereleases in semver satisfy check (#34210)
  • nitro: Encode unicode paths in x-nitro-prerender header (#34202)
  • nuxt: Watch server/ for builder:watch hook (#34208)
  • nitro: Preserve error.message for fatal errors (#34226)
  • Only enable dynamic imports when ts plugin (#34205)
  • webpack: Use H3Error for 403 in dev server (#34233)
  • nuxt: Ensure NuxtError extends Error type (#34242)
  • vite: Use H3Error for 404 in dev server (#34225)
  • nuxt: Add backwards compat for #app barrel export in keyed functions (#34199)
  • nuxt: Track + re-add custom routes on hmr (#32044)
  • nuxt: Keep vnode when leaving deeper nested route (#33778)
  • vite: Prevent CSS flickering in dev mode after config changes (#33856)
  • nuxt: Do not start view transition if there is no route (#33723)
  • nuxt: Call deferHydration done on NuxtPage unmount (#34152)
  • nuxt: Handle invalid datetime in ` (#33992)
  • nuxt: Preserve middleware error status in 404 fallback (#34148)
  • nitro: Do not augment nuxt/schema (#34255)
  • nuxt: Cache manifest files to preserve buildId (#34002)
  • nuxt: Don't decode query string in SSR context URL (#34252)
  • nuxt: Allow specifying moduleDependencies by meta.name (#34263)
  • nuxt: Resolve #components import mapping conflict for packages outside rootDir (#34139)
  • vite,webpack: Use node.res to send 403/404 (#34266)
  • nitro,nuxt: Align path encoding with vue-router (#34265)
  • nitro: Augment nuxt/schema once more (552bbd8d1)

💅 Refactors

  • nuxt: Prefer genObjectKey to omit unnecessary quotes (#34245)
  • nuxt: Use ComponentProps helper to extract layout props (#34248)

📖 Documentation

  • Update roadmap dates (#34166)
  • Correct default value of nitroAutoImports (#34182)
  • Clarify shared type context limitations for custom imports (#34194)
  • Fix broken links (#34223)
  • Document payload extraction for ISR/SWR routes (#34222)
  • Update default aliases in configuration reference (#34237)

... (truncated)

Commits
  • 7f7baf6 v4.3.1
  • 28791b3 chore(deps): update dependency @​nuxt/telemetry to ^2.7.0 (main) (#34275)
  • 81a7f5e chore(deps): upgrade to nuxt/test-utils v4 (#34271)
  • 9b27e48 chore(deps): update all non-major dependencies (main) (#34184)
  • cb054d4 fix(nitro,nuxt): align path encoding with vue-router (#34265)
  • 8e4f35f fix(nuxt): resolve #components import mapping conflict for packages outside...
  • fff8992 fix(nuxt): cache manifest files to preserve buildId (#34002)
  • 557021d fix(nuxt): preserve middleware error status in 404 fallback (#34148)
  • 8347f85 fix(nuxt): handle invalid datetime in <NuxtTime>` (#33992)
  • 6ef337b fix(nuxt): call deferHydration done on NuxtPage unmount (#34152)
  • Additional commits viewable in compare view

Updates vue from 3.5.27 to 3.5.28

Release notes

Sourced from vue's releases.

v3.5.28

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

Changelog

Sourced from vue's changelog.

3.5.28 (2026-02-09)

Bug Fixes

  • transition: avoid unexpected cancelled parameter in transition done callback (#14391) (6798853)
  • compiler-sfc: add resolution trying for .mts/.cts files (#14402) (c09d41f), closes vuejs/router#2611
  • compiler-sfc: no params were generated when using withDefaults (#12823) (b0a1f05), closes #12822
  • reactivity: add __v_skip flag to EffectScope to prevent reactive conversion (#14359) (48b7552), closes #14357
  • runtime-core: avoid retaining el on cached text vnodes during static traversal (#14419) (4ace79a), closes #14134
  • runtime-core: prevent child component updates when style remains unchanged (#12825) (57866b5), closes #12826
  • runtime-core: properly handle async component update before resolve (#11619) (e71c26c), closes #11617
  • runtime-dom: handle null/undefined handler in withModifiers (#14362) (261de54), closes #14361
  • teleport: properly handling disabled teleport target anchor (#14417) (d7bcd85), closes #14412
  • transition-group: correct move translation under scale via element rect (#14360) (0243a79), closes #14356
  • useTemplateRef: don't update setup ref for useTemplateRef key (#12756) (fc40ca0), closes #12749
Commits
  • 1bdeb33 release: v3.5.28
  • e71c26c fix(runtime-core): properly handle async component update before resolve (#11...
  • 57866b5 fix(runtime-core): prevent child component updates when style remains unchang...
  • b0a1f05 fix(compiler-sfc): no params were generated when using withDefaults (#12823)
  • 48b7552 fix(reactivity): add __v_skip flag to EffectScope to prevent reactive convers...
  • 0243a79 fix(transition-group): correct move translation under scale via element rect ...
  • 261de54 fix(runtime-dom): handle null/undefined handler in withModifiers (#14362)
  • fc40ca0 fix(useTemplateRef): don't update setup ref for useTemplateRef key (#12756)
  • 6798853 fix: avoid unexpected cancelled parameter in transition done callback (#1...
  • 4ace79a fix(runtime-core): avoid retaining el on cached text vnodes during static tra...
  • Additional commits viewable in compare view

Updates vue-router from 5.0.1 to 5.0.2

Release notes

Sourced from vue-router's releases.

v5.0.2

   🐞 Bug Fixes

    View changes on GitHub
Commits
  • 758f70f release: vue-router@5.0.2
  • 90e4bb8 fix: loose version check vue-router
  • 085bbdc test: add missing STRIP_DEVTOOLS and FEATURE_PROD_DEVTOOLS to Vite co...
  • b322635 test: define globals
  • 022758a fix(volar): empty options
  • 0392906 docs: note about devtools
  • 7c0d8b4 docs: update version
  • 58c033c fix: remove devtools from iife build
  • 0a6c674 refactor: cleanup dead code
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the prod-deps group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@nuxt/eslint](https://github.com/nuxt/eslint/tree/HEAD/packages/module) | `1.13.0` | `1.15.1` |
| [axios](https://github.com/axios/axios) | `1.13.4` | `1.13.5` |
| [nuxt](https://github.com/nuxt/nuxt/tree/HEAD/packages/nuxt) | `4.3.0` | `4.3.1` |
| [vue](https://github.com/vuejs/core) | `3.5.27` | `3.5.28` |
| [vue-router](https://github.com/vuejs/router) | `5.0.1` | `5.0.2` |



Updates `@nuxt/eslint` from 1.13.0 to 1.15.1
- [Release notes](https://github.com/nuxt/eslint/releases)
- [Commits](https://github.com/nuxt/eslint/commits/v1.15.1/packages/module)

Updates `axios` from 1.13.4 to 1.13.5
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.13.4...v1.13.5)

Updates `nuxt` from 4.3.0 to 4.3.1
- [Release notes](https://github.com/nuxt/nuxt/releases)
- [Commits](https://github.com/nuxt/nuxt/commits/v4.3.1/packages/nuxt)

Updates `vue` from 3.5.27 to 3.5.28
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md)
- [Commits](vuejs/core@v3.5.27...v3.5.28)

Updates `vue-router` from 5.0.1 to 5.0.2
- [Release notes](https://github.com/vuejs/router/releases)
- [Commits](vuejs/router@v5.0.1...v5.0.2)

---
updated-dependencies:
- dependency-name: "@nuxt/eslint"
  dependency-version: 1.15.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps
- dependency-name: axios
  dependency-version: 1.13.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: nuxt
  dependency-version: 4.3.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: vue
  dependency-version: 3.5.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: vue-router
  dependency-version: 5.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 14, 2026
@github-actions
Copy link

PR Preview Action v1.8.1

QR code for preview link

🚀 View preview at
https://beta.not-th.re/pr-preview/pr-102/

Built to branch html-previews at 2026-02-14 20:35 UTC.
Preview will be ready when the GitHub Pages deployment is complete.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code package

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants