chore(deps): bump the patch-updates group with 28 updates

[dependabot]

Bumps the patch-updates group with 28 updates:

Package	From	To
axios	1.16.0	1.16.1
qs	6.15.1	6.15.2
ts-jest	29.4.9	29.4.11
@nestjs/cli	11.0.10	11.0.21
@nestjs/common	11.1.19	11.1.23
@nestjs/core	11.1.19	11.1.23
@nestjs/microservices	11.1.19	11.1.23
@nestjs/platform-express	11.1.19	11.1.23
@nestjs/platform-socket.io	11.1.19	11.1.23
@nestjs/swagger	11.4.2	11.4.4
@nestjs/testing	11.1.19	11.1.23
@nestjs/websockets	11.1.19	11.1.23
@angular-devkit/core	19.2.15	19.2.24
@angular-devkit/schematics-cli	19.2.15	19.2.24
@angular-devkit/schematics	19.2.15	19.2.24
ansis	4.1.0	4.2.0
baseline-browser-mapping	2.10.27	2.10.32
caniuse-lite	1.0.30001792	1.0.30001793
electron-to-chromium	1.5.352	1.5.361
engine.io	6.6.7	6.6.8
es-module-lexer	1.7.0	2.1.0
node-releases	2.0.38	2.0.46
socket.io-adapter	2.5.6	2.5.7
swagger-ui-dist	5.32.4	5.32.5
terser-webpack-plugin	5.5.0	5.6.0
terser	5.47.1	5.48.0
webpack-sources	3.4.1	3.5.0
webpack	5.100.2	5.106.0

Updates axios from 1.16.0 to 1.16.1

Release notes

Sourced from axios's releases.

v1.16.1 — May 13, 2026

This release ships a defence-in-depth fix for prototype pollution in formDataToJSON, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.

🔒 Security Fixes

• Prototype Pollution Defence-in-Depth: Hardened formDataToJSON against already-polluted Object.prototype by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (#7413)
• Proxy Cleartext Leak: Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (#10858)
• CI Cache Removal: Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (#10882)

🐛 Bug Fixes

• Data URI Parsing: Updated the fromDataURI regex to match RFC 2397 more strictly, fixing edge cases in data: URL handling. (#10829)
• Unicode Headers: Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (#10850)
• XHR Upload Progress: Guarded against malformed ProgressEvent payloads emitted by some environments during XHR upload, preventing crashes when loaded / total are missing or invalid. (#10868)
• Webpack 4 Fetch Adapter: Fixed an "unexpected token" error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (#10864)
• Type Definitions: Made parseReviver context.source optional in the type definitions to align with the ES2023 specification. (#10837)
• URL Object Support Reverted: Reverted the change that allowed passing a URL object as config.url (originally #10866) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (#10874)

🔧 Maintenance & Chores

• Cycle Detection Refactor: Replaced the array-based cycle tracker in toJSONObject with a WeakSet, improving performance and memory behaviour on large nested structures. (#10832)
• composeSignals Cleanup: Refactored composeSignals to use a clearer early-return structure, simplifying the cancellation/abort composition path. (#10844)
• AI Readiness & Repo Docs: Added AGENTS.md and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (#10835, #10841)
• Docs Improvements: Clarified the GET request example, fixed the interceptor eject example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (#10836, #10853, #10856)
• Sponsorship Tooling: Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (#10843, #10859, #10869)
• Dependencies: Bumped @commitlint/cli from 20.5.0 to 20.5.2. (#10846)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

• @​hpinmetaverse (#10836)
• @​tommyhgunz14 (#7413)
• @​abhu85 (#10829)
• @​divyanshuraj1095 (#10853)
• @​sagodi97 (#10856)
• @​rkdfx (#10868)
• @​Liuwei1125 (#10866)

Full Changelog

Changelog

Sourced from axios's changelog.

v1.16.1 — May 13, 2026

This release ships a defence-in-depth fix for prototype pollution in formDataToJSON, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.

🔒 Security Fixes

• Prototype Pollution Defence-in-Depth: Hardened formDataToJSON against already-polluted Object.prototype by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (#7413)
• Proxy Cleartext Leak: Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (#10858)
• CI Cache Removal: Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (#10882)

🐛 Bug Fixes

• Data URI Parsing: Updated the fromDataURI regex to match RFC 2397 more strictly, fixing edge cases in data: URL handling. (#10829)
• Unicode Headers: Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (#10850)
• XHR Upload Progress: Guarded against malformed ProgressEvent payloads emitted by some environments during XHR upload, preventing crashes when loaded / total are missing or invalid. (#10868)
• Webpack 4 Fetch Adapter: Fixed an "unexpected token" error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (#10864)
• Type Definitions: Made parseReviver context.source optional in the type definitions to align with the ES2023 specification. (#10837)
• URL Object Support Reverted: Reverted the change that allowed passing a URL object as config.url (originally #10866) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (#10874)

🔧 Maintenance & Chores

• Cycle Detection Refactor: Replaced the array-based cycle tracker in toJSONObject with a WeakSet, improving performance and memory behaviour on large nested structures. (#10832)
• composeSignals Cleanup: Refactored composeSignals to use a clearer early-return structure, simplifying the cancellation/abort composition path. (#10844)
• AI Readiness & Repo Docs: Added AGENTS.md and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (#10835, #10841)
• Docs Improvements: Clarified the GET request example, fixed the interceptor eject example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (#10836, #10853, #10856)
• Sponsorship Tooling: Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (#10843, #10859, #10869)
• Dependencies: Bumped @commitlint/cli from 20.5.0 to 20.5.2. (#10846)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

• @​hpinmetaverse (#10836)
• @​tommyhgunz14 (#7413)
• @​abhu85 (#10829)
• @​divyanshuraj1095 (#10853)
• @​sagodi97 (#10856)
• @​rkdfx (#10868)
• @​Liuwei1125 (#10866)

Full Changelog

Commits

• 1337d6b chore(release): prepare release 1.16.1 (#10877)
• 858a790 fix: remove all caches (#10882)
• 34adfd9 revert: "fix: support URL object as config.url input (#10866)" (#10874)
• 847d89b fix: support URL object as config.url input (#10866)
• 4094886 fix(progress): guard malformed XHR upload events (#10868)
• 44f0c5b chore: change sponsorship link and add Twicsy advertisement (#10869)
• 64e1095 chore: update PR and issue template to use h2 (#10865)
• 3e6b4e1 fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...
• c4453ba fix: add the ability to add additional sponsors to the process sponsors scrip...
• caa00a9 fix: https data in cleartext to proxy (#10858)
• Additional commits viewable in compare view

Updates qs from 6.15.1 to 6.15.2

Changelog

Sourced from qs's changelog.

6.15.2

• [Fix] stringify: skip null/undefined entries in arrayFormat: 'comma' + encodeValuesOnly instead of crashing in encoder
• [Fix] stringify: use configured delimiter after charsetSentinel (#555)
• [Fix] stringify: apply formatter to encoded key under strictNullHandling (#554)
• [Fix] stringify: skip null/undefined filter-array entries instead of crashing in encoder (#551)
• [Fix] parse: handle nested bracket groups and add regression tests (#530)
• [readme] fix grammar (#550)
• [Dev Deps] update @ljharb/eslint-config
• [Tests] add regression tests for keys containing percent-encoded bracket text

Commits

• 9aca407 v6.15.2
• 5e33d33 [Dev Deps] update @ljharb/eslint-config
• 21f80b3 [Fix] stringify: skip null/undefined entries in arrayFormat: 'comma' + `e...
• a0a81ea [Fix] stringify: use configured delimiter after charsetSentinel
• e3062f7 [Fix] stringify: apply formatter to encoded key under strictNullHandling
• 0c180a4 [Fix] stringify: skip null/undefined filter-array entries instead of crashi...
• 3a8b94a [Tests] add regression tests for keys containing percent-encoded bracket text
• 96755ab [readme] fix grammar
• a419ce5 [Fix] parse: handle nested bracket groups and add regression tests
• See full diff in compare view

Updates ts-jest from 29.4.9 to 29.4.11

Release notes

Sourced from ts-jest's releases.

v29.4.11

Please refer to CHANGELOG.md for details.

v29.4.10

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.4.11 (2026-05-21)

Bug Fixes

• preserve Bundler on the CJS path under TypeScript >= 6 (3941818), closes #4198

29.4.10 (2026-05-18)

Bug Fixes

• pass resolutionMode to ts.resolveModuleName for hybrid module support (b557a85)
• rebuild Program when consecutive compiles need different module kinds (a82a2b3), closes #4774
• respect tsconfig moduleResolution instead of forcing Node10 (1bffffc)
• transformer: transpile mjs files from node_modules for CJS mode (96d025d)
• transformer: use a consistent comparator in hoist-jest sortStatements (8a8fd2f)

Commits

• bff2d64 chore(release): 29.4.11
• 3941818 fix: preserve Bundler on the CJS path under TypeScript >= 6
• efb3c2f build(deps): bump webpack-dev-server from 5.2.2 to 5.2.4 in /website
• 4e46fad ci: refactor release workflow
• 96b3ac0 chore(release): 29.4.10
• e98ec64 build(deps): update github/codeql-action digest to 458d36d
• 21ac58f build(deps): update jest packages
• 0fdc96d build(deps): update dependency semver to ^7.8.0
• 4b95551 build(deps): update dependency jest-environment-jsdom to ^30.4.1 (#5311)
• 7b88447 build(deps): update eslint packages to ^8.59.3 (#5310)
• Additional commits viewable in compare view

Updates @nestjs/cli from 11.0.10 to 11.0.21

Release notes

Sourced from @​nestjs/cli's releases.

Release 11.0.21

• fix: revert #3315 due to #3390 (255a559c)

Release 11.0.20

• fix: revert #3313 due to #3391 and #3390 (705bb7da)
• chore(deps): update swc monorepo (8496c768)
• fix(assets-manager): return promise from close watchers (2181947d)
• fix(swc): fix inverted chokidar ignored filter in watch mode (a3890cba)
• fix: add type annotations to caught errors (c46ddd71)

Release 11.0.19

What's Changed

• fix(types): correct Asset type definition from string literal to string union by @​yogeshwaran-c in nestjs/nest-cli#3323
• fix(generate): use selected project name for specFileSuffix lookup by @​yogeshwaran-c in nestjs/nest-cli#3325
• fix(info): add missing space in os version display by @​yogeshwaran-c in nestjs/nest-cli#3321
• fix(compiler): run tsconfig paths plugin before user plugins in tsc compiler by @​yogeshwaran-c in nestjs/nest-cli#3326
• fix(start): skip signal forwarding in watch mode by @​maruthang in nestjs/nest-cli#3338
• feat(compiler): resolve path aliases in declaration files by @​maruthang in nestjs/nest-cli#3344
• fix(deps): update angular-cli monorepo to v19.2.24 by @​renovate[bot] in nestjs/nest-cli#3337

Full Changelog: nestjs/nest-cli@11.0.18...11.0.19

11.0.18

What's Changed

• fix(build): delete tsbuildinfo file with out dir (#3312) by @​maruthang in nestjs/nest-cli#3317
• fix(swc): prevent double initialization in watch mode by @​maruthang in nestjs/nest-cli#3316
• fix(swc): respect root dir option for strip leading paths by @​maruthang in nestjs/nest-cli#3318
• fix(cli): error on unexpected extra positional arguments by @​maruthang in nestjs/nest-cli#3314
• fix(start): wait for async shutdown hooks before exiting by @​maruthang in nestjs/nest-cli#3313
• fix(assets): use ready event for watcher closing by @​maruthang in nestjs/nest-cli#3315
• fix: expand @​swc/cli peer range to include ^0.8.0 by @​wwenrr in nestjs/nest-cli#3309
• chore(deps): update dependency @​nestjs/schematics to v11.0.10 by @​renovate[bot] in nestjs/nest-cli#3300
• refactor(compiler): potential undefined access in getWebpackConfigPath by @​zendy199x in nestjs/nest-cli#3296
• fix(deps): update angular-cli monorepo to v19.2.23 by @​renovate[bot] in nestjs/nest-cli#3299

New Contributors

• @​maruthang made their first contribution in nestjs/nest-cli#3317
• @​wwenrr made their first contribution in nestjs/nest-cli#3309
• @​zendy199x made their first contribution in nestjs/nest-cli#3296

Full Changelog: nestjs/nest-cli@11.0.17...11.0.18

Release 11.0.17

What's Changed

• fix(deps): update angular-cli monorepo to v19.2.23 by @​renovate[bot] in nestjs/nest-cli#3274
• fix(deps): update dependency webpack to v5.105.4 by @​renovate[bot] in nestjs/nest-cli#3273
• fix(deps): update dependency glob to v13.0.6 by @​renovate[bot] in nestjs/nest-cli#3271

... (truncated)

Commits

• 07cdd40 chore(): release v11.0.21
• 255a559 fix: revert #3315 due to #3390
• cc0e745 chore(): release v11.0.20
• 705bb7d fix: revert #3313 due to #3391 and #3390
• 76a8e0d Merge pull request #3266 from nestjs/renovate/swc-monorepo
• 8496c76 chore(deps): update swc monorepo
• cf6d610 Merge pull request #3346 from yogeshwaran-c/fix/swc-watcher-ignored-filter
• fcdc934 Merge pull request #3347 from yogeshwaran-c/fix/assets-manager-close-watchers...
• 299d724 Merge pull request #3350 from yogeshwaran-c/test/remaining-flags
• dd78c4a Merge pull request #3372 from nestjs/renovate/prettier-3.x
• Additional commits viewable in compare view

Updates @nestjs/common from 11.1.19 to 11.1.23

Release notes

Sourced from @​nestjs/common's releases.

v11.1.23 (2026-05-21)

Bug fixes

• core
  • nestjs/nest#16998 fix snapshot: true eagerly instantiates Terminus transient indicators since 11.1.20

Committers: 1

• Kamil Mysliwiec (@​kamilmysliwiec)

v11.1.22 (2026-05-21)

Bug fixes

• core
  • #16993 fix(core): inflight request injection bug #16989 (@​kamilmysliwiec)

Enhancements

• core
  • #16967 fix(core): identify decorator type in invalid-class-module error (@​HarrierOnChain)

Committers: 2

• Harrier (@​HarrierOnChain)
• Kamil Mysliwiec (@​kamilmysliwiec)

v11.1.21 (2026-05-14)

Bug fixes

• core
  • #16948 fix(core): settle skipped provider initialization (@​yudin-s)

Committers: 1

• Serge Yudin (@​yudin-s)

v11.1.20 (2026-05-13)

Bug fixes

• core, testing
  • #16939 fix(core): fix deeply nested transient providers resolution (@​kamilmysliwiec)
• core
  • #16861 fix(core): fix @​Sse losing events on complete (@​MatthiasBrehmer)
  • #16753 fix(core): defer sse writehead until after lifecycle completes (@​jkalberer)
  • #16782 fix(core): use strict null check for SSE message id (@​burhanharoon)
• microservices
  • #16850 fix(microservices): ServerRMQ crashes at boot when @​MessagePattern(undefined) is combined with wildcards: true (@​lavieennoir)
• common
  • #16845 fix(common): accept zero timestamp in parse date pipe (@​Mysh3ll)
• platform-socket.io
  • #16742 fix(socket.io): Deduplicate disconnect listener in bindMessageHandlers (@​fru1tworld)

Enhancements

• microservices

... (truncated)

Commits

• b8be8c1 chore(release): publish v11.1.23 release
• 801c46f chore(release): publish v11.1.22 release
• 983dd52 chore(release): publish v11.1.21 release
• a0b0139 chore: update readme
• 7caeb3f chore(release): publish v11.1.20 release
• f6a3c2f fix(docs): update some old links in docs
• 4b6420b Merge pull request #16902 from QusaiAlbonni/fix/filetype-validator-buffer-mes...
• 33515ed fix(common): improve missing buffer error message in file type validator
• 9226a6f fix: Add missing validateEach for UsePipes
• 1501bc0 fix(common): accept zero timestamp in parse date pipe
• See full diff in compare view

Updates @nestjs/core from 11.1.19 to 11.1.23

Release notes

Sourced from @​nestjs/core's releases.

v11.1.23 (2026-05-21)

Bug fixes

• core
  • nestjs/nest#16998 fix snapshot: true eagerly instantiates Terminus transient indicators since 11.1.20

Committers: 1

• Kamil Mysliwiec (@​kamilmysliwiec)

v11.1.22 (2026-05-21)

Bug fixes

• core
  • #16993 fix(core): inflight request injection bug #16989 (@​kamilmysliwiec)

Enhancements

• core
  • #16967 fix(core): identify decorator type in invalid-class-module error (@​HarrierOnChain)

Committers: 2

• Harrier (@​HarrierOnChain)
• Kamil Mysliwiec (@​kamilmysliwiec)

v11.1.21 (2026-05-14)

Bug fixes

• core
  • #16948 fix(core): settle skipped provider initialization (@​yudin-s)

Committers: 1

• Serge Yudin (@​yudin-s)

v11.1.20 (2026-05-13)

Bug fixes

• core, testing
  • #16939 fix(core): fix deeply nested transient providers resolution (@​kamilmysliwiec)
• core
  • #16861 fix(core): fix @​Sse losing events on complete (@​MatthiasBrehmer)
  • #16753 fix(core): defer sse writehead until after lifecycle completes (@​jkalberer)
  • #16782 fix(core): use strict null check for SSE message id (@​burhanharoon)
• microservices
  • #16850 fix(microservices): ServerRMQ crashes at boot when @​MessagePattern(undefined) is combined with wildcards: true (@​lavieennoir)
• common
  • #16845 fix(common): accept zero timestamp in parse date pipe (@​Mysh3ll)
• platform-socket.io
  • #16742 fix(socket.io): Deduplicate disconnect listener in bindMessageHandlers (@​fru1tworld)

Enhancements

• microservices

... (truncated)

Commits

• b8be8c1 chore(release): publish v11.1.23 release
• 5de10df fix: should skip transient providers for snapshots
• 801c46f chore(release): publish v11.1.22 release
• 260b8ec fix(core): inflight request injection bug #16989
• 16aceab fix(core): include received value type in invalid-module error
• 79919b1 fix(core): identify decorator type in invalid-class-module error
• 983dd52 chore(release): publish v11.1.21 release
• d48f21d fix(core): settle skipped provider initialization
• a0b0139 chore: update readme
• 7caeb3f chore(release): publish v11.1.20 release
• Additional commits viewable in compare view

Updates @nestjs/microservices from 11.1.19 to 11.1.23

Release notes

Sourced from @​nestjs/microservices's releases.

v11.1.23 (2026-05-21)

Bug fixes

• core
  • nestjs/nest#16998 fix snapshot: true eagerly instantiates Terminus transient indicators since 11.1.20

Committers: 1

• Kamil Mysliwiec (@​kamilmysliwiec)

v11.1.22 (2026-05-21)

Bug fixes

• core
  • #16993 fix(core): inflight request injection bug #16989 (@​kamilmysliwiec)

Enhancements

• core
  • #16967 fix(core): identify decorator type in invalid-class-module error (@​HarrierOnChain)

Committers: 2

• Harrier (@​HarrierOnChain)
• Kamil Mysliwiec (@​kamilmysliwiec)

v11.1.21 (2026-05-14)

Bug fixes

• core
  • #16948 fix(core): settle skipped provider initialization (@​yudin-s)

Committers: 1

• Serge Yudin (@​yudin-s)

v11.1.20 (2026-05-13)

Bug fixes

• core, testing
  • #16939 fix(core): fix deeply nested transient providers resolution (@​kamilmysliwiec)
• core
  • #16861 fix(core): fix @​Sse losing events on complete (@​MatthiasBrehmer)
  • #16753 fix(core): defer sse writehead until after lifecycle completes (@​jkalberer)
  • #16782 fix(core): use strict null check for SSE message id (@​burhanharoon)
• microservices
  • #16850 fix(microservices): ServerRMQ crashes at boot when @​MessagePattern(undefined) is combined with wildcards: true (@​lavieennoir)
• common
  • #16845 fix(common): accept zero timestamp in parse date pipe (@​Mysh3ll)
• platform-socket.io
  • #16742 fix(socket.io): Deduplicate disconnect listener in bindMessageHandlers (@​fru1tworld)

Enhancements

• microservices

... (truncated)

Commits

• b8be8c1 chore(release): publish v11.1.23 release
• 801c46f chore(release): publish v11.1.22 release
• 983dd52 chore(release): publish v11.1.21 release
• a0b0139 chore: update readme
• 7caeb3f chore(release): publish v11.1.20 release
• 49c69a6 Merge pull request #16676 from Forceres/feat/client-redis-binary-format
• f6a3c2f fix(docs): update some old links in docs
• 9591915 fix(microservices): skip non-string handler keys in rmq server
• 0935d09 feat(microservices): handle rmq blocked/unblocked connection events
• 48fcc26 feat(microservices): add return buffers option for binary data
• See full diff in compare view

Updates @nestjs/platform-express from 11.1.19 to 11.1.23

Release notes

Sourced from @​nestjs/platform-express's releases.

v11.1.23 (2026-05-21)

Bug fixes

• core
  • nestjs/nest#16998 fix snapshot: true eagerly instantiates Terminus transient indicators since 11.1.20

Committers: 1

• Kamil Mysliwiec (@​kamilmysliwiec)

v11.1.22 (2026-05-21)

Bug fixes

• core
  • #16993 fix(core): inflight request injection bug #16989 (@​kamilmysliwiec)

Enhancements

• core
  • #16967 fix(core): identify decorator type in invalid-class-module error (@​HarrierOnChain)

Committers: 2

• Harrier (@​HarrierOnChain)
• Kamil Mysliwiec (@​kamilmysliwiec)

v11.1.21 (2026-05-14)

Bug fixes

• core
  • #16948 fix(core): settle skipped provider initialization (@​yudin-s)

Committers: 1

• Serge Yudin (@​yudin-s)

v11.1.20 (2026-05-13)

Bug fixes

• core, testing
  • #16939 fix(core): fix deeply nested transient providers resolution (@​kamilmysliwiec)
• core
  • #16861 fix(core): fix @​Sse losing events on complete (@​MatthiasBrehmer)
  • #16753 fix(core): defer sse writehead until after lifecycle completes (@​jkalberer)
  • #16782 fix(core): use strict null check for SSE message id (@​burhanharoon)
• microservices
  • #16850 fix(microservices): ServerRMQ crashes at boot when @​MessagePattern(undefined) is combined with wildcards: true (@​lavieennoir)
• common
  • #16845 fix(common): accept zero timestamp in parse date pipe (@​Mysh3ll)
• platform-socket.io
  • #16742 fix(socket.io): Deduplicate disconnect listener in bindMessageHandlers (@​fru1tworld)

Enhancements

• microservices

... (truncated)

Commits

• b8be8c1 chore(release): publish v11.1.23 release
• 801c46f chore(release): publish v11.1.22 release
• 983dd52 chore(release): publish v11.1.21 release
• a0b0139 chore: update readme
• 7caeb3f chore(release): publish v11.1.20 release
• f6a3c2f fix(docs): update some old links in docs
• 5e33ecf feat: add MulterOptions and MulterField interfaces for express platform confi...
• See full diff in compare view

Updates @nestjs/platform-socket.io from 11.1.19 to 11.1.23

Release notes

Sourced from @​nestjs/platform-socket.io's releases.

v11.1.23 (2026-05-21)

Bug fixes

• core
  • nestjs/nest#16998 fix snapshot: true eagerly instantiates Terminus transient indicators since 11.1.20

Committers: 1

• Kamil Mysliwiec (@​kamilmysliwiec)

v11.1.22 (2026-05-21)

Bug fixes

• core
  • #16993 fix(core): inflight request injection bug #16989 (@​kamilmysliwiec)

Enhancements

• core
  • #16967 fix(core): identify decorator type in invalid-class-module error (@​HarrierOnChain)

Committers: 2

• Harrier (@​HarrierOnChain)
• Kamil Mysliwiec (@​kamilmysliwiec)

v11.1.21 (2026-05-14)

Bug fixes

• core
  • #16948 fix(core): settle skipped provider initialization (@​yudin-s)

Committers: 1

• Serge Yudin (@​yudin-s)

v11.1.20 (2026-05-13)

Bug fixes

• core, testing
  • #16939 fix(core): fix deeply nested transient providers resolution (@​kamilmysliwiec)
• core
  • #16861 fix(core): fix @​Sse losing events on complete (@​MatthiasBrehmer)
  • #16753 fix(core): defer sse writehead until after lifecycle completes (@​jkalberer)
  • #16782 fix(core): use strict null check for SSE message id (@​burhanharoon)
• microservices
  • #16850 fix(microservices): ServerRMQ crashes at boot when @​MessagePattern(undefined) is combined with wildcards: true (@​lavieennoir)
• common
  • #16845 fix(common): accept zero timestamp in parse date pipe (@​Mysh3ll)
• platform-socket.io
  • #16742 fix(socket.io): Deduplicate disconnect listener in bindMessageHandlers (@​fru1tworld)

Enhancements

• microservices

... (truncated)

Commits

• b8be8c1 chore(release): publish v11.1.23 release
• 801c46f chore(release): publish v11.1.22 release
• 983dd52 chore(release): publish v11.1.21 release
• Description has been truncated

[dependabot]

Labels

The following labels could not be found: pnpm. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud