Bump the npm_and_yarn group across 1 directory with 7 updates by dependabot[bot] · Pull Request #25 · AnyVM-Tech/AnyGPT

dependabot · 2026-02-14T07:04:35Z

Bumps the npm_and_yarn group with 6 updates in the / directory:

Package	From	To
pnpm	`9.15.9`	`10.28.2`
@remix-run/express	`2.15.3`	`2.16.3`
@remix-run/node	`2.15.3`	`2.17.2`
react-router	`6.29.0`	`6.30.2`
vite-plugin-static-copy	`1.0.6`	`2.3.2`
vite	`5.4.14`	`5.4.21`

Updates pnpm from 9.15.9 to 10.28.2

Release notes

Sourced from pnpm's releases.

pnpm 10.28.2

Patch Changes

Security fix: prevent path traversal in directories.bin field.

When pnpm installs a file: or git: dependency, it now validates that symlinks point within the package directory. Symlinks to paths outside the package root are skipped to prevent local data from being leaked into node_modules.

This fixes a security issue where a malicious package could create symlinks to sensitive files (e.g., /etc/passwd, ~/.ssh/id_rsa) and have their contents copied when the package is installed.

Note: This only affects file: and git: dependencies. Registry packages (npm) have symlinks stripped during publish and are not affected.

Fixed optional dependencies to request full metadata from the registry to get the libc field, which is required for proper platform compatibility checks #9950.

Platinum Sponsors

Gold Sponsors

... (truncated)

Changelog

Sourced from pnpm's changelog.

10.28.2

Patch Changes

Security fix: prevent path traversal in directories.bin field.

When pnpm installs a file: or git: dependency, it now validates that symlinks point within the package directory. Symlinks to paths outside the package root are skipped to prevent local data from being leaked into node_modules.

This fixes a security issue where a malicious package could create symlinks to sensitive files (e.g., /etc/passwd, ~/.ssh/id_rsa) and have their contents copied when the package is installed.

Note: This only affects file: and git: dependencies. Registry packages (npm) have symlinks stripped during publish and are not affected.

Fixed optional dependencies to request full metadata from the registry to get the libc field, which is required for proper platform compatibility checks #9950.

10.28.1

Patch Changes

Fixed installation of config dependencies from private registries.

Added support for object type in configDependencies when the tarball URL returned from package metadata differs from the computed URL #10431.

Fix path traversal vulnerability in binary fetcher ZIP extraction

Validate ZIP entry paths before extraction to prevent writing files outside target directory

Validate BinaryResolution.prefix (basename) to prevent directory escape via crafted prefix

Both attack vectors now throw ERR_PNPM_PATH_TRAVERSAL error

Support plain http:// and https:// URLs ending with .git as git repository dependencies.

Previously, URLs like https://gitea.example.org/user/repo.git#commit were not recognized as git repositories because they lacked the git+ prefix (e.g., git+https://). This caused issues when installing dependencies from self-hosted git servers like Gitea or Forgejo that don't provide tarball downloads.

Changes:

The git resolver now runs before the tarball resolver, ensuring git URLs are handled by the correct resolver

The git resolver now recognizes plain http:// and https:// URLs ending in .git as git repositories

Removed the isRepository check from the tarball resolver since it's no longer needed with the new resolver order

Fixes #10468

pnpm run -r and pnpm run --filter now fail with a non-zero exit code when no packages have the specified script. Previously, this only failed when all packages were selected. Use --if-present to suppress this error #6844.

Fixed a path traversal vulnerability in tarball extraction on Windows. The path normalization was only checking for ./ but not .\. Since backslashes are directory separators on Windows, malicious packages could use paths like foo\..\..\.npmrc to write files outside the package directory.

When running "pnpm exec" from a subdirectory of a project, don't change the current working directory to the root of the project #5759.

Fixed a path traversal vulnerability in pnpm's bin linking. Bin names starting with @ bypassed validation, and after scope normalization, path traversal sequences like ../../ remained intact.

Revert Try to avoid making network calls with preferOffline #10334.

Fix --save-peer to write valid semver ranges to peerDependencies for protocol-based installs (e.g. jsr:) by deriving from resolved versions when available and falling back to * if none is available #10417.

Do not exclude the root workspace project, when it is explicitly selected via a filter #10465.

10.28.0

Minor Changes

... (truncated)

Commits

89a2c4e chore(release): 10.28.2
a484cea fix(npm-resolver): request full metadata for optional dependencies (#10455)
c908370 test: fix
0b5a56a chore(release): 10.28.1
916b26b fix: prevent implicit root exclusion when user filters are provided (#10465)
9cbba28 fix(exec): preserve user execution cwd (#10445)
91a241e chore(release): 10.28.0
a9784fb revert: "chore: upgrade qs to 6.14.1 (#10389)"
787ed46 chore: upgrade qs to 6.14.1 (#10389)
6bdba72 chore(release): 10.27.0
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for pnpm since your current version.

Updates @remix-run/express from 2.15.3 to 2.16.3

Changelog

Sourced from @remix-run/express's changelog.

2.16.3

Patch Changes

Better validation of x-forwarded-host header to preent potential security issues. (#10553)

Updated dependencies:

@remix-run/node@2.16.3

2.16.2

Patch Changes

Updated dependencies:

@remix-run/node@2.16.2

2.16.1

Patch Changes

Updated dependencies:

@remix-run/node@2.16.1

2.16.0

Patch Changes

Updated dependencies:

@remix-run/node@2.16.0

Commits

c9c1da1 chore: Update version for release (#10556)
0d7fd9b chore: Update version for release (pre) (#10554)
960815c host parse (#10553)
b206d9b chore: Update version for release (#10541)
3764a7c chore: Update version for release (pre) (#10537)
b5b3ea6 chore: Update version for release (#10536)
1cb472f chore: Update version for release (pre) (#10530)
f7731a2 chore: Update version for release (pre) (#10526)
c87de4d chore: Update version for release (pre) (#10520)
2fbec6a chore: Update version for release (#10508)
Additional commits viewable in compare view

Updates @remix-run/node from 2.15.3 to 2.17.2

Commits

3920349 Version 2.17.2
64d88de Validate session id in file session storage (#10806)
91ef6fe Version 2.17.1
3000859 chore: Update version for release (#10698)
3004a98 chore: Update version for release (pre) (#10692)
fc5cb1f chore: Update version for release (pre) (#10691)
3869e0e chore: Update version for release (#10643)
00107c5 chore: Update version for release (pre) (#10642)
45df312 chore: Update version for release (#10628)
f90aa1f chore: Update version for release (pre) (#10627)
Additional commits viewable in compare view

Updates react-router from 6.29.0 to 6.30.2

Release notes

Sourced from react-router's releases.

v6.30.2

See the changelog for release notes: https://github.com/remix-run/react-router/blob/v6/CHANGELOG.md#v6302

v6.30.1

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6301

v6.30.0

See the changelog for release notes: https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v6300

Changelog

Sourced from react-router's changelog.

v6.30.2

Date: 2025-11-13

Security Notice

This release addresses 1 security vulnerability:

Unexpected external redirect via untrusted paths

Patch Changes

Normalize double-slashes in resolvePath (#14537)

Full Changelog: v6.30.1...v6.30.2

v6.30.1

Date: 2025-05-20

Patch Changes

Partially revert optimization added in 6.29.0 to reduce calls to matchRoutes because it surfaced other issues (#13623)

Stop logging invalid warning when v7_relativeSplatPath is set to false (#13502)

Full Changelog: v6.30.0...v6.30.1

v6.30.0

Date: 2025-02-27

Minor Changes

Add fetcherKey as a parameter to patchRoutesOnNavigation (#13109)

Patch Changes

Fix regression introduced in 6.29.0 via #12169 that caused issues navigating to hash routes inside splat routes for applications using Lazy Route Discovery (patchRoutesOnNavigation) (#13108)

Full Changelog: v6.29.0...v6.30.0

Commits

26b5d45 chore: Update version for release (#14541)
919f8a8 chore: Update version for release (pre-v6) (#14540)
69bf705 Normalize double slashes in resolvePath (#14537)
3f2400e chore: Update version for release (#13647)
25a264d chore: Update version for release (pre-v6) (#13638)
b5705a0 Remove matchRoutes optimization from render pass (#13623)
785f6f6 Prevent invalid warning for v7_relativeSplatPath (#13502)
e4ba522 chore: Update version for release (#13128)
f0bc784 chore: Update version for release (pre-v6) (#13111)
d9ed824 Fix up changelogs
See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for react-router since your current version.

Updates vite-plugin-static-copy from 1.0.6 to 2.3.2

Release notes

Sourced from vite-plugin-static-copy's releases.

vite-plugin-static-copy@2.3.2

Patch Changes

4627afb Thanks @sapphi-red! - Files not included in src was possible to acess with a crafted request. See GHSA-pp7p-q8fx-2968 for more details.

vite-plugin-static-copy@2.3.1

Patch Changes

#152 6aee6a3 Thanks @sapphi-red! - improve performance of internal isSubdirectoryOrEqual function

vite-plugin-static-copy@2.3.0

Minor Changes

281f5b2 Thanks @sapphi-red! - improve performance by coping files concurrently when possible

Patch Changes

#149 a9f35c9 Thanks @sapphi-red! - ensure .[cm]?[tj]sx? static assets are JS mime to align with Vite. vitejs/vite#19453

vite-plugin-static-copy@2.2.0

Minor Changes

#141 88e513d Thanks @sapphi-red! - add Vite 6 to peer dep

vite-plugin-static-copy@2.1.0

Minor Changes

#133 b9c09bd Thanks @rschristian! - Allows user to optionally configure when the plugin is ran by passing in a Rollup hook name

vite-plugin-static-copy@2.0.0

Major Changes

#127 21304df Thanks @tassioFront! - feat: throw an error when does not find file

Changelog

Sourced from vite-plugin-static-copy's changelog.

2.3.2

Patch Changes

4627afb Thanks @sapphi-red! - Files not included in src was possible to acess with a crafted request. See GHSA-pp7p-q8fx-2968 for more details.

2.3.1

Patch Changes

#152 6aee6a3 Thanks @sapphi-red! - improve performance of internal isSubdirectoryOrEqual function

2.3.0

Minor Changes

281f5b2 Thanks @sapphi-red! - improve performance by coping files concurrently when possible

Patch Changes

#149 a9f35c9 Thanks @sapphi-red! - ensure .[cm]?[tj]sx? static assets are JS mime to align with Vite. vitejs/vite#19453

2.2.0

Minor Changes

#141 88e513d Thanks @sapphi-red! - add Vite 6 to peer dep

2.1.0

Minor Changes

#133 b9c09bd Thanks @rschristian! - Allows user to optionally configure when the plugin is ran by passing in a Rollup hook name

2.0.0

Major Changes

#127 21304df Thanks @tassioFront! - feat: throw an error when does not find file

Commits

326a79f chore: update versions (#197)
0f39cad ci: run release against v* branches
4627afb fix: only serve files under src (#195)
08cafec chore: update versions (#154)
6aee6a3 perf: improve isSubdirectoryOrEqual performance (#152)
5f707b6 chore: update versions (#147)
26cbffe chore: update pnpm to v10
a9f35c9 fix: ensure .[cm]?[tj]sx? static assets are JS mime (#149)
94b04d5 chore: update packages (#148)
281f5b2 chore: add changeset for #146
Additional commits viewable in compare view

Updates vite from 5.4.14 to 5.4.21

Release notes

Sourced from vite's releases.

v5.4.21

Please refer to CHANGELOG.md for details.

v5.4.20

Please refer to CHANGELOG.md for details.

v5.4.19

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.4.21 (2025-10-20)

fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20970) (cad1d31), closes #20968 #20970

chore: update CHANGELOG (ca88ed7)

5.4.20 (2025-09-08)

fix: apply fs.strict check to HTML files (#20736) (482000f), closes #20736

fix: port sirv@3.0.2 changes to sirv@2.0.4 (#20737) (4f1c35b), closes #20737

5.4.19 (2025-04-30)

fix: backport #19965, check static serve file inside sirv (#19966) (766947e), closes #19965 #19966

5.4.18 (2025-04-10)

fix: backport #19830, reject requests with # in request-target (#19831) (823675b), closes #19830 #19831

5.4.17 (2025-04-03)

fix: backport #19782, fs check with svg and relative paths (#19784) (84b2b46), closes #19782 #19784

5.4.16 (2025-03-31)

fix: backport #19761, fs check in transform middleware (#19762) (b627c50), closes #19761 #19762

5.4.15 (2025-03-24)

fix: backport #19702, fs raw query with query separators (#19703) (807d7f0), closes #19702 #19703

Commits

adce3c2 release: v5.4.21
cad1d31 fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20970)
ca88ed7 chore: update CHANGELOG
997700f release: v5.4.20
482000f fix: apply fs.strict check to HTML files (#20736)
80a333a release: v5.4.19
766947e fix: backport #19965, check static serve file inside sirv (#19966)
731b77d release: v5.4.18
823675b fix: backport #19830, reject requests with # in request-target (#19831)
0a2518a release: v5.4.17
Additional commits viewable in compare view

Updates undici from 6.21.1 to 6.23.0

Release notes

Sourced from undici's releases.

v6.23.0

⚠️ Security Release

This fixes GHSA-g9mf-h72j-4rw9 and CVE-2026-22036.

Full Changelog: nodejs/undici@v6.22.0...v6.23.0

v6.22.0

What's Changed

fix: fix wrong stream canceled up after cloning (v6) by @snyamathi in nodejs/undici#4414

[Backport v6.x] fix: fix EnvHttpProxyAgent for the Node.js bundle by @github-actions[bot] in nodejs/undici#4432

feat(ProxyAgent): match Curl behavior in HTTP->HTTP Proxy connections (#4180) by @metcoder95 in nodejs/undici#4433

feat(ProxyAgent) improve Curl-y behavior in HTTP->HTTP Proxy connections (#4180) (#4340) by @metcoder95 in nodejs/undici#4445

Backport 4472 to v6.x by @Uzlopak in nodejs/undici#4480

Full Changelog: nodejs/undici@v6.21.3...v6.22.0

v6.21.3

What's Changed

[Backport v6.x] append crlf to formdata body by @github-actions in nodejs/undici#4210

Full Changelog: nodejs/undici@v6.21.2...v6.21.3

v6.21.2

What's Changed

fix(types): add missing DNS interceptor by @slagiewka in nodejs/undici#4024

[v6.x] fix wpts on windows by @mcollina in nodejs/undici#4093

Removed clients with unrecoverable errors from the Pool nodejs/undici#4088

New Contributors

@slagiewka made their first contribution in nodejs/undici#4024

Full Changelog: nodejs/undici@v6.21.1...v6.21.2

Commits

fbc31e2 Bumped v6.23.0
3477c94 chore: release flow using provenance
d3aafea fix: limit Content-Encoding chain to 5 to prevent resource exhaustion
f9c9185 Bumped v6.22.0
f670f2a feat: make UndiciErrors reliable to instanceof (#4472) (#4480)
422e397 feat(ProxyAgent) improve Curl-y behavior in HTTP->HTTP Proxy connections (#41...
4a06ffe feat(ProxyAgent): match Curl behavior in HTTP->HTTP Proxy connections (#4180)...
4cb3974 fix: fix EnvHttpProxyAgent for the Node.js bundle (#4064) (#4432)
44c23e5 fix: fix wrong stream canceled up after cloning (v6) (#4414)
da0e823 Bumped v6.21.4
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for undici since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

* Initial plan * Fix critical API issues - server now starts and passes tests Co-authored-by: skullcrushercmd <93234024+skullcrushercmd@users.noreply.github.com> * Fix models endpoint path issue - all critical functionality now working Co-authored-by: skullcrushercmd <93234024+skullcrushercmd@users.noreply.github.com> * Fix critical API issues preventing server startup and functionality Co-authored-by: skullcrushercmd <93234024+skullcrushercmd@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: skullcrushercmd <93234024+skullcrushercmd@users.noreply.github.com>

Copilot/vscode1756610388575

added websocket support and hardened testing

Bumps [pnpm](https://github.com/pnpm/pnpm/tree/HEAD/pnpm) from 10.5.2 to 10.28.2. - [Release notes](https://github.com/pnpm/pnpm/releases) - [Changelog](https://github.com/pnpm/pnpm/blob/v10.28.2/pnpm/CHANGELOG.md) - [Commits](https://github.com/pnpm/pnpm/commits/v10.28.2/pnpm) --- updated-dependencies: - dependency-name: pnpm dependency-version: 10.28.2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [axios](https://github.com/axios/axios) from 1.8.1 to 1.13.5. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.8.1...v1.13.5) --- updated-dependencies: - dependency-name: axios dependency-version: 1.13.5 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

Added npm package ecosystem updates for api and ui directories.

….28.2 Bump pnpm from 10.5.2 to 10.28.2

….13.5 Bump axios from 1.8.1 to 1.13.5

Bumps the npm_and_yarn group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [pnpm](https://github.com/pnpm/pnpm/tree/HEAD/pnpm) | `9.15.9` | `10.28.2` | | [@remix-run/express](https://github.com/remix-run/remix/tree/HEAD/packages/remix-express) | `2.15.3` | `2.16.3` | | [@remix-run/node](https://github.com/remix-run/remix/tree/HEAD/packages/remix-node) | `2.15.3` | `2.17.2` | | [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `6.29.0` | `6.30.2` | | [vite-plugin-static-copy](https://github.com/sapphi-red/vite-plugin-static-copy) | `1.0.6` | `2.3.2` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.14` | `5.4.21` | Updates `pnpm` from 9.15.9 to 10.28.2 - [Release notes](https://github.com/pnpm/pnpm/releases) - [Changelog](https://github.com/pnpm/pnpm/blob/v10.28.2/pnpm/CHANGELOG.md) - [Commits](https://github.com/pnpm/pnpm/commits/v10.28.2/pnpm) Updates `@remix-run/express` from 2.15.3 to 2.16.3 - [Release notes](https://github.com/remix-run/remix/releases) - [Changelog](https://github.com/remix-run/remix/blob/@remix-run/express@2.16.3/packages/remix-express/CHANGELOG.md) - [Commits](https://github.com/remix-run/remix/commits/@remix-run/express@2.16.3/packages/remix-express) Updates `@remix-run/node` from 2.15.3 to 2.17.2 - [Release notes](https://github.com/remix-run/remix/releases) - [Commits](https://github.com/remix-run/remix/commits/remix@2.17.2/packages/remix-node) Updates `react-router` from 6.29.0 to 6.30.2 - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/react-router@6.30.2/packages/react-router) Updates `vite-plugin-static-copy` from 1.0.6 to 2.3.2 - [Release notes](https://github.com/sapphi-red/vite-plugin-static-copy/releases) - [Changelog](https://github.com/sapphi-red/vite-plugin-static-copy/blob/vite-plugin-static-copy@2.3.2/CHANGELOG.md) - [Commits](https://github.com/sapphi-red/vite-plugin-static-copy/compare/vite-plugin-static-copy@1.0.6...vite-plugin-static-copy@2.3.2) Updates `vite` from 5.4.14 to 5.4.21 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.21/packages/vite) Updates `undici` from 6.21.1 to 6.23.0 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v6.21.1...v6.23.0) --- updated-dependencies: - dependency-name: pnpm dependency-version: 10.28.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@remix-run/express" dependency-version: 2.16.3 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@remix-run/node" dependency-version: 2.17.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: react-router dependency-version: 6.30.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vite-plugin-static-copy dependency-version: 2.3.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 5.4.21 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: undici dependency-version: 6.23.0 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-02-18T23:32:24Z

Looks like these dependencies are no longer updatable, so this is no longer needed.

Pulls in AnyScan PRs #14 through #30: - #14 bbe4cf2 fix: triage and fix the 11 baseline test failures - #15 d43d05f feat(followon): stream port-scan results into host-scan tasks - #16 0918271 feat: GraphQL endpoint and introspection discovery rules - #17 f2eb2d7 feat: dependency-manifests path profile - #18 feat: container-orchestration path profile - #19 feat: build-artifacts path profile - #20 feat: cicd-configs path profile - #21 feat: mobile-artifacts path profile - #22 feat: cloud-storage-listing path profile - #23 feat: MLOps tech fingerprints - #24 feat: modern JS framework tech fingerprints - #25 feat: verbose stack-trace disclosure detector - #26 feat: modern credential-token detectors (GH PAT v2 / JWT alg:none / Cloudflare / Datadog) - #27 feat: HTTP header-policy detectors (CORS/HSTS/CSP) - #28 e97012f9 fix(worker): reserve egress bandwidth for agentd via tc/qdisc + safety rate cap - #29 d4986a7 feat(operator): shared shell + /app/overview page (pilot) - #30 ef60f6f1 feat(worker): fetch inventory policy from control plane at agentd startup Co-authored-by: skullcmd <skullcmd@anyvm.tech>

skullcrushercmd and others added 30 commits October 18, 2024 21:29

almost done, move to desktop

67281d9

latest but still not working

cd30beb

working!!

47f300d

guh

25d8ae8

testing out firebase

0bcc4ae

fixed logging, should be a release

e32dd21

rate limits added

12fd604

redis + filesystem implemented, redis not tested

8a1cb24

switch to github

4c10d9c

tryna get coder auth to work

66746a2

added routes

836cba3

not fully tested but added user friendly startup

7155e99

redis and filesys sync

5426e52

production ready

41c33eb

Merge pull request #2 from skullcrushercmd/copilot/vscode1756610388575

ff93653

Copilot/vscode1756610388575

added websocket support and easier testing utils

d311a08

Merge pull request #3 from AnyVM-Tech/copilot/vscode1756610388575

7129b31

added websocket support and hardened testing

Fix Gemini image data URLs

24f5b01

Updates build configuration and dependencies

02ff2e9

Enhances core data management and server infrastructure

e027ae2

Adds shared modules for rate limiting and key validation

ac2d489

Refactors providers with enhanced handling and passthrough

b2d21d8

Standardizes API routes and adds new endpoints

6c3fe1e

Enables Realtime API and WebSocket broadcasting

f50604d

Updates developer scripts for key management

d71f5c6

Updates model definitions

58ad068

Update gitignore and stop tracking log files

6e00521

skullcrushercmd and others added 4 commits February 14, 2026 01:55

Configure Dependabot for npm updates

9a2edcf

Added npm package ecosystem updates for api and ui directories.

Merge pull request #4 from AnyVM-Tech/dependabot/npm_and_yarn/pnpm-10…

a37a4a8

….28.2 Bump pnpm from 10.5.2 to 10.28.2

Merge pull request #5 from AnyVM-Tech/dependabot/npm_and_yarn/axios-1…

4043638

….13.5 Bump axios from 1.8.1 to 1.13.5

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 14, 2026

skullcrushercmd force-pushed the main branch from 5da64db to 19058c6 Compare February 18, 2026 23:10

dependabot Bot closed this Feb 18, 2026

dependabot Bot deleted the dependabot/npm_and_yarn/npm_and_yarn-d9f5b0ece4 branch February 18, 2026 23:32

skullcrushercmd mentioned this pull request Apr 27, 2026

chore: bump apps/anyscan submodule pointer to ef60f6f #73

Merged

3 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 1 directory with 7 updates#25

Bump the npm_and_yarn group across 1 directory with 7 updates#25
dependabot[bot] wants to merge 34 commits intomainfrom
dependabot/npm_and_yarn/npm_and_yarn-d9f5b0ece4

dependabot Bot commented on behalf of github Feb 14, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github Feb 18, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

dependabot Bot commented on behalf of github Feb 14, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

pnpm 10.28.2

Patch Changes

Platinum Sponsors

Gold Sponsors

10.28.2

Patch Changes

10.28.1

Patch Changes

10.28.0

Minor Changes

2.16.3

Patch Changes

2.16.2

Patch Changes

2.16.1

Patch Changes

2.16.0

Patch Changes

v6.30.2

v6.30.1

v6.30.0

v6.30.2

Security Notice

Patch Changes

v6.30.1

Patch Changes

v6.30.0

Minor Changes

Patch Changes

vite-plugin-static-copy@2.3.2

Patch Changes

vite-plugin-static-copy@2.3.1

Patch Changes

vite-plugin-static-copy@2.3.0

Minor Changes

Patch Changes

vite-plugin-static-copy@2.2.0

Minor Changes

vite-plugin-static-copy@2.1.0

Minor Changes

vite-plugin-static-copy@2.0.0

Major Changes

2.3.2

Patch Changes

2.3.1

Patch Changes

2.3.0

Minor Changes

Patch Changes

2.2.0

Minor Changes

2.1.0

Minor Changes

2.0.0

Major Changes

v5.4.21

v5.4.20

v5.4.19

5.4.21 (2025-10-20)

5.4.20 (2025-09-08)

5.4.19 (2025-04-30)

5.4.18 (2025-04-10)

5.4.17 (2025-04-03)

5.4.16 (2025-03-31)

5.4.15 (2025-03-24)

v6.23.0

⚠️ Security Release

v6.22.0

What's Changed

v6.21.3

What's Changed

v6.21.2

What's Changed

New Contributors

Uh oh!

dependabot Bot commented on behalf of github Feb 18, 2026

Uh oh!

dependabot Bot commented on behalf of github Feb 14, 2026 •

edited

Loading