Skip to content

chore(deps): bump the npm_and_yarn group across 22 directories with 6 updates#19

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-f3ce2823df
Open

chore(deps): bump the npm_and_yarn group across 22 directories with 6 updates#19
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-f3ce2823df

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Feb 26, 2026

Copy link
Copy Markdown

Bumps the npm_and_yarn group with 1 update in the / directory: qs.
Bumps the npm_and_yarn group with 1 update in the /CopilotKit directory: @langchain/community.
Bumps the npm_and_yarn group with 1 update in the /CopilotKit/examples/next-openai directory: @langchain/community.
Bumps the npm_and_yarn group with 1 update in the /CopilotKit/examples/next-pages-router directory: @langchain/community.
Bumps the npm_and_yarn group with 1 update in the /CopilotKit/packages/runtime directory: @langchain/community.
Bumps the npm_and_yarn group with 1 update in the /CopilotKit/packages/sdk-js directory: @langchain/community.
Bumps the npm_and_yarn group with 1 update in the /docs directory: minimatch.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-ai-researcher/ui directory: ajv and minimatch.
Bumps the npm_and_yarn group with 1 update in the /examples/coagents-qa-native/agent-js directory: fast-xml-parser.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-qa-native/ui directory: ajv and minimatch.
Bumps the npm_and_yarn group with 1 update in the /examples/coagents-qa-text/agent-js directory: fast-xml-parser.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-qa-text/ui directory: ajv and minimatch.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-qa/ui directory: ajv and minimatch.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-research-canvas/agent-js directory: fast-xml-parser and axios.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-research-canvas/ui directory: ajv and minimatch.
Bumps the npm_and_yarn group with 1 update in the /examples/coagents-routing/agent-js directory: fast-xml-parser.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-routing/ui directory: ajv and minimatch.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-shared-state/ui directory: ajv and minimatch.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-starter/ui directory: ajv and minimatch.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-travel/ui directory: ajv and minimatch.
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-wait-user-input/ui directory: ajv and minimatch.
Bumps the npm_and_yarn group with 1 update in the /infra directory: minimatch.

Updates qs from 6.13.1 to 6.15.0

Changelog

Sourced from qs's changelog.

6.15.0

  • [New] parse: add strictMerge option to wrap object/primitive conflicts in an array (#425, #122)
  • [Fix] duplicates option should not apply to bracket notation keys (#514)

6.14.2

  • [Fix] parse: mark overflow objects for indexed notation exceeding arrayLimit (#546)
  • [Fix] arrayLimit means max count, not max index, in combine/merge/parseArrayValue
  • [Fix] parse: throw on arrayLimit exceeded with indexed notation when throwOnLimitExceeded is true (#529)
  • [Fix] parse: enforce arrayLimit on comma-parsed values
  • [Fix] parse: fix error message to reflect arrayLimit as max index; remove extraneous comments (#545)
  • [Robustness] avoid .push, use void
  • [readme] document that addQueryPrefix does not add ? to empty output (#418)
  • [readme] clarify parseArrays and arrayLimit documentation (#543)
  • [readme] replace runkit CI badge with shields.io check-runs badge
  • [meta] fix changelog typo (arrayLengtharrayLimit)
  • [actions] fix rebase workflow permissions

6.14.1

  • [Fix] ensure arrayLimit applies to [] notation as well
  • [Fix] parse: when a custom decoder returns null for a key, ignore that key
  • [Refactor] parse: extract key segment splitting helper
  • [meta] add threat model
  • [actions] add workflow permissions
  • [Tests] stringify: increase coverage
  • [Dev Deps] update eslint, @ljharb/eslint-config, npmignore, es-value-fixtures, for-each, object-inspect

6.14.0

  • [New] parse: add throwOnParameterLimitExceeded option (#517)
  • [Refactor] parse: use utils.combine more
  • [patch] parse: add explicit throwOnLimitExceeded default
  • [actions] use shared action; re-add finishers
  • [meta] Fix changelog formatting bug
  • [Deps] update side-channel
  • [Dev Deps] update es-value-fixtures, has-bigints, has-proto, has-symbols
  • [Tests] increase coverage

6.13.3

[Fix] fix regressions from robustness refactor [actions] update reusable workflows

6.13.2

  • [Robustness] avoid .push, use void
  • [readme] clarify parseArrays and arrayLimit documentation (#543)
  • [readme] document that addQueryPrefix does not add ? to empty output (#418)
  • [readme] replace runkit CI badge with shields.io check-runs badge
  • [actions] fix rebase workflow permissions
Commits
  • d9b4c66 v6.15.0
  • cb41a54 [New] parse: add strictMerge option to wrap object/primitive conflicts in...
  • 88e1563 [Fix] duplicates option should not apply to bracket notation keys
  • 9d441d2 Merge backport release tags v6.0.6–v6.13.3 into main
  • 85cc8ca v6.12.5
  • ffc12aa v6.11.4
  • 0506b11 [actions] update reusable workflows
  • 6a37faf [actions] update reusable workflows
  • 8e8df5a [Fix] fix regressions from robustness refactor
  • d60bab3 v6.10.7
  • Additional commits viewable in compare view

Updates @langchain/community from 0.0.53 to 1.1.18

Release notes

Sourced from @​langchain/community's releases.

@​langchain/community@​1.1.18

Patch Changes

  • #10108 e7576ee Thanks @​hntrl! - fix: replace retired Anthropic model IDs with active replacements

    • Update default model in ChatAnthropic from claude-3-5-sonnet-latest to claude-sonnet-4-5-20250929
    • Regenerate model profiles with latest data from models.dev API
    • Replace retired claude-3-5-haiku-20241022, claude-3-7-sonnet-20250219, claude-3-5-sonnet-20240620, and claude-3-5-sonnet-20241022 in tests, docstrings, and examples
  • #10116 2812d2b Thanks @​hntrl! - Validate redirects in RecursiveUrlLoader to prevent SSRF bypasses.

  • Updated dependencies []:

    • @​langchain/classic@​1.0.19

@​langchain/community@​1.1.16

Patch Changes

@​langchain/community@​1.1.14

Patch Changes

  • #9990 d5e3db0 Thanks @​hntrl! - feat(core): Add SSRF protection module (@langchain/core/utils/ssrf) with utilities for validating URLs against private IPs, cloud metadata endpoints, and localhost.

    fix(community): Harden RecursiveUrlLoader against SSRF attacks by integrating validateSafeUrl and replacing string-based URL comparison with origin-based isSameOrigin from the shared SSRF module.

  • Updated dependencies [d5e3db0, 6939dab, ad581c7]:

    • @​langchain/core@​1.1.21
    • @​langchain/openai@​1.2.7
    • @​langchain/classic@​1.0.17

@​langchain/community@​1.1.12

Patch Changes

@​langchain/community@​1.1.11

Patch Changes

@​langchain/community@​1.1.10

... (truncated)

Commits
  • a591053 chore: version packages (#10110)
  • 2812d2b fix(community): validate redirects in RecursiveUrlLoader (#10116)
  • 0050c91 fix(langchain): reset shared currentSystemMessage on middleware handler retry...
  • 66df7fa fix(anthropic): convert tool_calls to tool_use blocks when AIMessage content ...
  • eed16fa chore(deps): bump actions/stale from 10.1.1 to 10.2.0 in the gh-actions-minor...
  • 02b0d49 chore(deps): bump langsmith from 0.5.4 to 0.5.6 (#10130)
  • 630890a feat(openrouter): default OpenRouter attribution headers (#10109)
  • e7576ee fix(anthropic): replace retired model IDs in tests and mock data (#10108)
  • c0409e6 chore: version packages (#10095)
  • fb2226e Revert "chore(deps): bump ansi-styles from 5.2.0 to 6.2.3" (#10104)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​langchain/community since your current version.


Updates @langchain/community from 0.0.53 to 1.1.18

Release notes

Sourced from @​langchain/community's releases.

@​langchain/community@​1.1.18

Patch Changes

  • #10108 e7576ee Thanks @​hntrl! - fix: replace retired Anthropic model IDs with active replacements

    • Update default model in ChatAnthropic from claude-3-5-sonnet-latest to claude-sonnet-4-5-20250929
    • Regenerate model profiles with latest data from models.dev API
    • Replace retired claude-3-5-haiku-20241022, claude-3-7-sonnet-20250219, claude-3-5-sonnet-20240620, and claude-3-5-sonnet-20241022 in tests, docstrings, and examples
  • #10116 2812d2b Thanks @​hntrl! - Validate redirects in RecursiveUrlLoader to prevent SSRF bypasses.

  • Updated dependencies []:

    • @​langchain/classic@​1.0.19

@​langchain/community@​1.1.16

Patch Changes

@​langchain/community@​1.1.14

Patch Changes

  • #9990 d5e3db0 Thanks @​hntrl! - feat(core): Add SSRF protection module (@langchain/core/utils/ssrf) with utilities for validating URLs against private IPs, cloud metadata endpoints, and localhost.

    fix(community): Harden RecursiveUrlLoader against SSRF attacks by integrating validateSafeUrl and replacing string-based URL comparison with origin-based isSameOrigin from the shared SSRF module.

  • Updated dependencies [d5e3db0, 6939dab, ad581c7]:

    • @​langchain/core@​1.1.21
    • @​langchain/openai@​1.2.7
    • @​langchain/classic@​1.0.17

@​langchain/community@​1.1.12

Patch Changes

@​langchain/community@​1.1.11

Patch Changes

@​langchain/community@​1.1.10

... (truncated)

Commits
  • a591053 chore: version packages (#10110)
  • 2812d2b fix(community): validate redirects in RecursiveUrlLoader (#10116)
  • 0050c91 fix(langchain): reset shared currentSystemMessage on middleware handler retry...
  • 66df7fa fix(anthropic): convert tool_calls to tool_use blocks when AIMessage content ...
  • eed16fa chore(deps): bump actions/stale from 10.1.1 to 10.2.0 in the gh-actions-minor...
  • 02b0d49 chore(deps): bump langsmith from 0.5.4 to 0.5.6 (#10130)
  • 630890a feat(openrouter): default OpenRouter attribution headers (#10109)
  • e7576ee fix(anthropic): replace retired model IDs in tests and mock data (#10108)
  • c0409e6 chore: version packages (#10095)
  • fb2226e Revert "chore(deps): bump ansi-styles from 5.2.0 to 6.2.3" (#10104)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​langchain/community since your current version.


Updates @langchain/community from 0.0.53 to 1.1.18

Release notes

Sourced from @​langchain/community's releases.

@​langchain/community@​1.1.18

Patch Changes

  • #10108 e7576ee Thanks @​hntrl! - fix: replace retired Anthropic model IDs with active replacements

    • Update default model in ChatAnthropic from claude-3-5-sonnet-latest to claude-sonnet-4-5-20250929
    • Regenerate model profiles with latest data from models.dev API
    • Replace retired claude-3-5-haiku-20241022, claude-3-7-sonnet-20250219, claude-3-5-sonnet-20240620, and claude-3-5-sonnet-20241022 in tests, docstrings, and examples
  • #10116 2812d2b Thanks @​hntrl! - Validate redirects in RecursiveUrlLoader to prevent SSRF bypasses.

  • Updated dependencies []:

    • @​langchain/classic@​1.0.19

@​langchain/community@​1.1.16

Patch Changes

@​langchain/community@​1.1.14

Patch Changes

  • #9990 d5e3db0 Thanks @​hntrl! - feat(core): Add SSRF protection module (@langchain/core/utils/ssrf) with utilities for validating URLs against private IPs, cloud metadata endpoints, and localhost.

    fix(community): Harden RecursiveUrlLoader against SSRF attacks by integrating validateSafeUrl and replacing string-based URL comparison with origin-based isSameOrigin from the shared SSRF module.

  • Updated dependencies [d5e3db0, 6939dab, ad581c7]:

    • @​langchain/core@​1.1.21
    • @​langchain/openai@​1.2.7
    • @​langchain/classic@​1.0.17

@​langchain/community@​1.1.12

Patch Changes

@​langchain/community@​1.1.11

Patch Changes

@​langchain/community@​1.1.10

... (truncated)

Commits
  • a591053 chore: version packages (#10110)
  • 2812d2b fix(community): validate redirects in RecursiveUrlLoader (#10116)
  • 0050c91 fix(langchain): reset shared currentSystemMessage on middleware handler retry...
  • 66df7fa fix(anthropic): convert tool_calls to tool_use blocks when AIMessage content ...
  • eed16fa chore(deps): bump actions/stale from 10.1.1 to 10.2.0 in the gh-actions-minor...
  • 02b0d49 chore(deps): bump langsmith from 0.5.4 to 0.5.6 (#10130)
  • 630890a feat(openrouter): default OpenRouter attribution headers (#10109)
  • e7576ee fix(anthropic): replace retired model IDs in tests and mock data (#10108)
  • c0409e6 chore: version packages (#10095)
  • fb2226e Revert "chore(deps): bump ansi-styles from 5.2.0 to 6.2.3" (#10104)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​langchain/community since your current version.


Updates @langchain/community from 0.0.53 to 1.1.18

Release notes

Sourced from @​langchain/community's releases.

@​langchain/community@​1.1.18

Patch Changes

  • #10108 e7576ee Thanks @​hntrl! - fix: replace retired Anthropic model IDs with active replacements

    • Update default model in ChatAnthropic from claude-3-5-sonnet-latest to claude-sonnet-4-5-20250929
    • Regenerate model profiles with latest data from models.dev API
    • Replace retired claude-3-5-haiku-20241022, claude-3-7-sonnet-20250219, claude-3-5-sonnet-20240620, and claude-3-5-sonnet-20241022 in tests, docstrings, and examples
  • #10116 2812d2b Thanks @​hntrl! - Validate redirects in RecursiveUrlLoader to prevent SSRF bypasses.

  • Updated dependencies []:

    • @​langchain/classic@​1.0.19

@​langchain/community@​1.1.16

Patch Changes

@​langchain/community@​1.1.14

Patch Changes

  • #9990 d5e3db0 Thanks @​hntrl! - feat(core): Add SSRF protection module (@langchain/core/utils/ssrf) with utilities for validating URLs against private IPs, cloud metadata endpoints, and localhost.

    fix(community): Harden RecursiveUrlLoader against SSRF attacks by integrating validateSafeUrl and replacing string-based URL comparison with origin-based isSameOrigin from the shared SSRF module.

  • Updated dependencies [d5e3db0, 6939dab, ad581c7]:

    • @​langchain/core@​1.1.21
    • @​langchain/openai@​1.2.7
    • @​langchain/classic@​1.0.17

@​langchain/community@​1.1.12

Patch Changes

@​langchain/community@​1.1.11

Patch Changes

@​langchain/community@​1.1.10

... (truncated)

Commits
  • a591053 chore: version packages (#10110)
  • 2812d2b fix(community): validate redirects in RecursiveUrlLoader (#10116)
  • 0050c91 fix(langchain): reset shared currentSystemMessage on middleware handler retry...
  • 66df7fa fix(anthropic): convert tool_calls to tool_use blocks when AIMessage content ...
  • eed16fa chore(deps): bump actions/stale from 10.1.1 to 10.2.0 in the gh-actions-minor...
  • 02b0d49 chore(deps): bump langsmith from 0.5.4 to 0.5.6 (#10130)
  • 630890a feat(openrouter): default OpenRouter attribution headers (#10109)
  • e7576ee fix(anthropic): replace retired model IDs in tests and mock data (#10108)
  • c0409e6 chore: version packages (#10095)
  • fb2226e Revert "chore(deps): bump ansi-styles from 5.2.0 to 6.2.3" (#10104)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​langchain/community since your current version.


Updates @langchain/community from 0.0.53 to 1.1.18

Release notes

Sourced from @​langchain/community's releases.

@​langchain/community@​1.1.18

Patch Changes

  • #10108 e7576ee Thanks @​hntrl! - fix: replace retired Anthropic model IDs with active replacements

    • Update default model in ChatAnthropic from claude-3-5-sonnet-latest to claude-sonnet-4-5-20250929
    • Regenerate model profiles with latest data from models.dev API
    • Replace retired claude-3-5-haiku-20241022, claude-3-7-sonnet-20250219, claude-3-5-sonnet-20240620, and claude-3-5-sonnet-20241022 in tests, docstrings, and examples
  • #10116 2812d2b Thanks @​hntrl! - Validate redirects in RecursiveUrlLoader to prevent SSRF bypasses.

  • Updated dependencies []:

    • @​langchain/classic@​1.0.19

@​langchain/community@​1.1.16

Patch Changes

@​langchain/community@​1.1.14

Patch Changes

  • #9990 d5e3db0 Thanks @​hntrl! - feat(core): Add SSRF protection module (@langchain/core/utils/ssrf) with utilities for validating URLs against private IPs, cloud metadata endpoints, and localhost.

    fix(community): Harden RecursiveUrlLoader against SSRF attacks by integrating validateSafeUrl and replacing string-based URL comparison with origin-based isSameOrigin from the shared SSRF module.

  • Updated dependencies [d5e3db0, 6939dab, ad581c7]:

    • @​langchain/core@​1.1.21
    • @​langchain/openai@​1.2.7
    • @​langchain/classic@​1.0.17

@​langchain/community@​1.1.12

Patch Changes

@​langchain/community@​1.1.11

Patch Changes

@​langchain/community@​1.1.10

... (truncated)

Commits
  • a591053 chore: version packages (#10110)
  • 2812d2b fix(community): validate redirects in RecursiveUrlLoader (#10116)
  • 0050c91 fix(langchain): reset shared currentSystemMessage on middleware handler retry...
  • 66df7fa fix(anthropic): convert tool_calls to tool_use blocks when AIMessage content ...
  • eed16fa chore(deps): bump actions/stale from 10.1.1 to 10.2.0 in the gh-actions-minor...
  • 02b0d49 chore(deps): bump langsmith from 0.5.4 to 0.5.6 (#10130)
  • 630890a feat(openrouter): default OpenRouter attribution headers (#10109)
  • e7576ee fix(anthropic): replace retired model IDs in tests and mock data (#10108)
  • c0409e6 chore: version packages (#10095)
  • fb2226e Revert "chore(deps): bump ansi-styles from 5.2.0 to 6.2.3" (#10104)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​langchain/community since your current version.


Updates minimatch from 9.0.5 to 9.0.8

Commits

Updates ajv from 6.12.6 to 6.14.0

Commits

Updates minimatch from 3.1.2 to 3.1.5

Commits

Updates fast-xml-parser from 4.5.0 to 4.5.3

Release notes

Sourced from fast-xml-parser's releases.

Summary update on all the previous releases from v4.2.4

  • Multiple minor fixes provided in the validator and parser
  • v6 is added for experimental use.
  • ignoreAttributes support function, and array of string or regex
  • Add support for parsing HTML numeric entities
  • v5 of the application is ESM module now. However, JS is also supported

Note: Release section in not updated frequently. Please check CHANGELOG or Tags for latest release information.

Commits

Updates ajv from 6.12.6 to 6.14.0

Commits

Updates minimatch from 3.1.2 to 3.1.5

Commits

Updates fast-xml-parser from 4.5.0 to 4.5.3

Release notes

Sourced from fast-xml-parser's releases.

Summary update on all the previous releases from v4.2.4

  • Multiple minor fixes provided in the validator and parser
  • v6 is added for experimental use.
  • ignoreAttributes support function, and array of string or regex
  • Add support for parsi...

    Description has been truncated

… updates

Bumps the npm_and_yarn group with 1 update in the / directory: [qs](https://github.com/ljharb/qs).
Bumps the npm_and_yarn group with 1 update in the /CopilotKit directory: [@langchain/community](https://github.com/langchain-ai/langchainjs).
Bumps the npm_and_yarn group with 1 update in the /CopilotKit/examples/next-openai directory: [@langchain/community](https://github.com/langchain-ai/langchainjs).
Bumps the npm_and_yarn group with 1 update in the /CopilotKit/examples/next-pages-router directory: [@langchain/community](https://github.com/langchain-ai/langchainjs).
Bumps the npm_and_yarn group with 1 update in the /CopilotKit/packages/runtime directory: [@langchain/community](https://github.com/langchain-ai/langchainjs).
Bumps the npm_and_yarn group with 1 update in the /CopilotKit/packages/sdk-js directory: [@langchain/community](https://github.com/langchain-ai/langchainjs).
Bumps the npm_and_yarn group with 1 update in the /docs directory: [minimatch](https://github.com/isaacs/minimatch).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-ai-researcher/ui directory: [ajv](https://github.com/ajv-validator/ajv) and [minimatch](https://github.com/isaacs/minimatch).
Bumps the npm_and_yarn group with 1 update in the /examples/coagents-qa-native/agent-js directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-qa-native/ui directory: [ajv](https://github.com/ajv-validator/ajv) and [minimatch](https://github.com/isaacs/minimatch).
Bumps the npm_and_yarn group with 1 update in the /examples/coagents-qa-text/agent-js directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-qa-text/ui directory: [ajv](https://github.com/ajv-validator/ajv) and [minimatch](https://github.com/isaacs/minimatch).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-qa/ui directory: [ajv](https://github.com/ajv-validator/ajv) and [minimatch](https://github.com/isaacs/minimatch).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-research-canvas/agent-js directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) and [axios](https://github.com/axios/axios).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-research-canvas/ui directory: [ajv](https://github.com/ajv-validator/ajv) and [minimatch](https://github.com/isaacs/minimatch).
Bumps the npm_and_yarn group with 1 update in the /examples/coagents-routing/agent-js directory: [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-routing/ui directory: [ajv](https://github.com/ajv-validator/ajv) and [minimatch](https://github.com/isaacs/minimatch).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-shared-state/ui directory: [ajv](https://github.com/ajv-validator/ajv) and [minimatch](https://github.com/isaacs/minimatch).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-starter/ui directory: [ajv](https://github.com/ajv-validator/ajv) and [minimatch](https://github.com/isaacs/minimatch).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-travel/ui directory: [ajv](https://github.com/ajv-validator/ajv) and [minimatch](https://github.com/isaacs/minimatch).
Bumps the npm_and_yarn group with 2 updates in the /examples/coagents-wait-user-input/ui directory: [ajv](https://github.com/ajv-validator/ajv) and [minimatch](https://github.com/isaacs/minimatch).
Bumps the npm_and_yarn group with 1 update in the /infra directory: [minimatch](https://github.com/isaacs/minimatch).


Updates `qs` from 6.13.1 to 6.15.0
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.13.1...v6.15.0)

Updates `@langchain/community` from 0.0.53 to 1.1.18
- [Release notes](https://github.com/langchain-ai/langchainjs/releases)
- [Commits](https://github.com/langchain-ai/langchainjs/compare/0.0.53...@langchain/community@1.1.18)

Updates `@langchain/community` from 0.0.53 to 1.1.18
- [Release notes](https://github.com/langchain-ai/langchainjs/releases)
- [Commits](https://github.com/langchain-ai/langchainjs/compare/0.0.53...@langchain/community@1.1.18)

Updates `@langchain/community` from 0.0.53 to 1.1.18
- [Release notes](https://github.com/langchain-ai/langchainjs/releases)
- [Commits](https://github.com/langchain-ai/langchainjs/compare/0.0.53...@langchain/community@1.1.18)

Updates `@langchain/community` from 0.0.53 to 1.1.18
- [Release notes](https://github.com/langchain-ai/langchainjs/releases)
- [Commits](https://github.com/langchain-ai/langchainjs/compare/0.0.53...@langchain/community@1.1.18)

Updates `@langchain/community` from 0.0.53 to 1.1.18
- [Release notes](https://github.com/langchain-ai/langchainjs/releases)
- [Commits](https://github.com/langchain-ai/langchainjs/compare/0.0.53...@langchain/community@1.1.18)

Updates `minimatch` from 9.0.5 to 9.0.8
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v9.0.5...v9.0.8)

Updates `ajv` from 6.12.6 to 6.14.0
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.12.6...v6.14.0)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v9.0.5...v9.0.8)

Updates `fast-xml-parser` from 4.5.0 to 4.5.3
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NaturalIntelligence/fast-xml-parser/commits)

Updates `ajv` from 6.12.6 to 6.14.0
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.12.6...v6.14.0)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v9.0.5...v9.0.8)

Updates `fast-xml-parser` from 4.5.0 to 4.5.3
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NaturalIntelligence/fast-xml-parser/commits)

Updates `ajv` from 6.12.6 to 6.14.0
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.12.6...v6.14.0)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v9.0.5...v9.0.8)

Updates `ajv` from 6.12.6 to 6.14.0
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.12.6...v6.14.0)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v9.0.5...v9.0.8)

Updates `fast-xml-parser` from 4.5.0 to 4.5.3
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NaturalIntelligence/fast-xml-parser/commits)

Updates `axios` from 1.7.9 to 1.13.5
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.7.9...v1.13.5)

Updates `ajv` from 6.12.6 to 6.14.0
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.12.6...v6.14.0)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v9.0.5...v9.0.8)

Updates `fast-xml-parser` from 4.5.0 to 4.5.3
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NaturalIntelligence/fast-xml-parser/commits)

Updates `ajv` from 6.12.6 to 6.14.0
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.12.6...v6.14.0)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v9.0.5...v9.0.8)

Updates `ajv` from 6.12.6 to 6.14.0
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.12.6...v6.14.0)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v9.0.5...v9.0.8)

Updates `ajv` from 6.12.6 to 6.14.0
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.12.6...v6.14.0)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v9.0.5...v9.0.8)

Updates `ajv` from 6.12.6 to 6.14.0
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.12.6...v6.14.0)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v9.0.5...v9.0.8)

Updates `ajv` from 6.12.6 to 6.14.0
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.12.6...v6.14.0)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v9.0.5...v9.0.8)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v9.0.5...v9.0.8)

---
updated-dependencies:
- dependency-name: qs
  dependency-version: 6.15.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@langchain/community"
  dependency-version: 1.1.18
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@langchain/community"
  dependency-version: 1.1.18
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@langchain/community"
  dependency-version: 1.1.18
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@langchain/community"
  dependency-version: 1.1.18
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@langchain/community"
  dependency-version: 1.1.18
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 9.0.8
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ajv
  dependency-version: 6.14.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: fast-xml-parser
  dependency-version: 4.5.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ajv
  dependency-version: 6.14.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: fast-xml-parser
  dependency-version: 4.5.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ajv
  dependency-version: 6.14.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ajv
  dependency-version: 6.14.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: fast-xml-parser
  dependency-version: 4.5.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.13.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ajv
  dependency-version: 6.14.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: fast-xml-parser
  dependency-version: 4.5.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ajv
  dependency-version: 6.14.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ajv
  dependency-version: 6.14.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ajv
  dependency-version: 6.14.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ajv
  dependency-version: 6.14.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ajv
  dependency-version: 6.14.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 26, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants