chore(deps): Bump the npm_and_yarn group across 12 directories with 6 updates #935

dependabot · 2026-01-16T20:04:54Z

Bumps the npm_and_yarn group with 2 updates in the /apps/learn-card-app directory: jspdf and vite.
Bumps the npm_and_yarn group with 1 update in the /apps/scouts directory: vite.
Bumps the npm_and_yarn group with 1 update in the /examples/chapi-example directory: astro.
Bumps the npm_and_yarn group with 1 update in the /examples/embed-example directory: astro.
Bumps the npm_and_yarn group with 1 update in the /examples/snap-chapi-example directory: astro.
Bumps the npm_and_yarn group with 1 update in the /examples/snap-example-dapp directory: astro.
Bumps the npm_and_yarn group with 1 update in the /packages/learn-card-base directory: axios.
Bumps the npm_and_yarn group with 1 update in the /packages/learn-card-helpers directory: @trpc/server.
Bumps the npm_and_yarn group with 1 update in the /packages/react-learn-card directory: happy-dom.
Bumps the npm_and_yarn group with 1 update in the /services/learn-card-network/brain-service directory: @trpc/server.
Bumps the npm_and_yarn group with 2 updates in the /services/learn-card-network/lca-api directory: axios and @trpc/server.
Bumps the npm_and_yarn group with 1 update in the /services/learn-card-network/learn-cloud-service directory: @trpc/server.

Updates jspdf from 3.0.4 to 4.0.0

Release notes

Sourced from jspdf's releases.

v4.0.0

This release fixes a critical path traversal/local file inclusion security vulnerability in the jsPDF Node.js build. File system access is now restricted by default and can be enabled by either using node's --permission flag or the new jsPDF.allowFsRead property.

There are no other breaking changes.

Commits

e6cf03d 4.0.0
a688c8f restrict file system access in node build (#3931)
See full diff in compare view

Updates vite from 4.3.8 to 5.4.21

Release notes

Sourced from vite's releases.

v5.4.21

Please refer to CHANGELOG.md for details.

v5.4.20

Please refer to CHANGELOG.md for details.

v5.4.19

Please refer to CHANGELOG.md for details.

v5.4.18

Please refer to CHANGELOG.md for details.

v4.5.14

Please refer to CHANGELOG.md for details.

v4.5.13

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.4.21 (2025-10-20)

fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20970) (cad1d31), closes #20968 #20970

chore: update CHANGELOG (ca88ed7)

5.4.20 (2025-09-08)

fix: apply fs.strict check to HTML files (#20736) (482000f), closes #20736

fix: port sirv@3.0.2 changes to sirv@2.0.4 (#20737) (4f1c35b), closes #20737

5.4.19 (2025-04-30)

fix: backport #19965, check static serve file inside sirv (#19966) (766947e), closes #19965 #19966

5.4.18 (2025-04-10)

fix: backport #19830, reject requests with # in request-target (#19831) (823675b), closes #19830 #19831

5.4.17 (2025-04-03)

fix: backport #19782, fs check with svg and relative paths (#19784) (84b2b46), closes #19782 #19784

5.4.16 (2025-03-31)

fix: backport #19761, fs check in transform middleware (#19762) (b627c50), closes #19761 #19762

5.4.15 (2025-03-24)

fix: backport #19702, fs raw query with query separators (#19703) (807d7f0), closes #19702 #19703

5.4.14 (2025-01-21)

fix: preview.allowedHosts with specific values was not respected (#19246) (9df6e6b), closes #19246

fix: allow CORS from loopback addresses by default (#19249) (7d1699c), closes #19249

... (truncated)

Commits

adce3c2 release: v5.4.21
cad1d31 fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20970)
ca88ed7 chore: update CHANGELOG
997700f release: v5.4.20
482000f fix: apply fs.strict check to HTML files (#20736)
80a333a release: v5.4.19
766947e fix: backport #19965, check static serve file inside sirv (#19966)
731b77d release: v5.4.18
823675b fix: backport #19830, reject requests with # in request-target (#19831)
0a2518a release: v5.4.17
Additional commits viewable in compare view

Updates vite from 4.3.8 to 5.4.21

Release notes

Sourced from vite's releases.

v5.4.21

Please refer to CHANGELOG.md for details.

v5.4.20

Please refer to CHANGELOG.md for details.

v5.4.19

Please refer to CHANGELOG.md for details.

v5.4.18

Please refer to CHANGELOG.md for details.

v4.5.14

Please refer to CHANGELOG.md for details.

v4.5.13

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.4.21 (2025-10-20)

fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20970) (cad1d31), closes #20968 #20970

chore: update CHANGELOG (ca88ed7)

5.4.20 (2025-09-08)

fix: apply fs.strict check to HTML files (#20736) (482000f), closes #20736

fix: port sirv@3.0.2 changes to sirv@2.0.4 (#20737) (4f1c35b), closes #20737

5.4.19 (2025-04-30)

fix: backport #19965, check static serve file inside sirv (#19966) (766947e), closes #19965 #19966

5.4.18 (2025-04-10)

fix: backport #19830, reject requests with # in request-target (#19831) (823675b), closes #19830 #19831

5.4.17 (2025-04-03)

fix: backport #19782, fs check with svg and relative paths (#19784) (84b2b46), closes #19782 #19784

5.4.16 (2025-03-31)

fix: backport #19761, fs check in transform middleware (#19762) (b627c50), closes #19761 #19762

5.4.15 (2025-03-24)

fix: backport #19702, fs raw query with query separators (#19703) (807d7f0), closes #19702 #19703

5.4.14 (2025-01-21)

fix: preview.allowedHosts with specific values was not respected (#19246) (9df6e6b), closes #19246

fix: allow CORS from loopback addresses by default (#19249) (7d1699c), closes #19249

... (truncated)

Commits

adce3c2 release: v5.4.21
cad1d31 fix(dev): trim trailing slash before server.fs.deny check (#20968) (#20970)
ca88ed7 chore: update CHANGELOG
997700f release: v5.4.20
482000f fix: apply fs.strict check to HTML files (#20736)
80a333a release: v5.4.19
766947e fix: backport #19965, check static serve file inside sirv (#19966)
731b77d release: v5.4.18
823675b fix: backport #19830, reject requests with # in request-target (#19831)
0a2518a release: v5.4.17
Additional commits viewable in compare view

Updates astro from 1.2.7 to 5.15.9

Release notes

Sourced from astro's releases.

astro@5.15.9

Patch Changes
#14786 758a891 Thanks @mef! - Add handling of invalid encrypted props and slots in server islands.

#14783 504958f Thanks @florian-lefebvre! - Improves the experimental Fonts API build log to show the number of downloaded files. This can help spotting excessive downloading because of misconfiguration
#14791 9e9c528 Thanks @Princesseuh! - Changes the remote protocol checks for images to require explicit authorization in order to use data URIs.

In order to allow data URIs for remote images, you will need to update your astro.config.mjs file to include the following configuration:
// astro.config.mjs
import { defineConfig } from 'astro/config';
export default defineConfig({
images: {
remotePatterns: [
{
protocol: 'data',
},
],
},
});
#14787 0f75f6b Thanks @matthewp! - Fixes wildcard hostname pattern matching to correctly reject hostnames without dots

Previously, hostnames like localhost or other single-part names would incorrectly match patterns like *.example.com. The wildcard matching logic has been corrected to ensure that only valid subdomains matching the pattern are accepted.

#14776 3537876 Thanks @ktym4a! - Fixes the behavior of passthroughImageService so it does not generate webp.

Updated dependencies [9e9c528, 0f75f6b]:

@astrojs/internal-helpers@0.7.5

@astrojs/markdown-remark@6.3.9
astro@5.15.8

Patch Changes

#14772 00c579a Thanks @matthewp! - Improves the security of Server Islands slots by encrypting them before transmission to the browser, matching the security model used for props. This improves the integrity of slot content and prevents injection attacks, even when component templates don't explicitly support slots.

Slots continue to work as expected for normal usage—this change has no breaking changes for legitimate requests.

#14771 6f80081 Thanks @matthewp! - Fix middleware pathname matching by normalizing URL-encoded paths

Middleware now receives normalized pathname values, ensuring that encoded paths like /%61dmin are properly decoded to /admin before middleware checks. This prevents potential security issues where middleware checks might be bypassed through URL encoding.

astro@5.15.7

Patch Changes

... (truncated)

Changelog

Sourced from astro's changelog.

1.9.2

Patch Changes

#5776 6a31433ed Thanks @ba55ie! - Fix Lit slotted content

1.9.1

Patch Changes

adad7e966 Thanks @matthewp! - Fix for hoisted scripts in project with spaces in the file path

1.9.0

Minor Changes

#5666 bf210f784 Thanks @bholmesdev! - Correctly handle spaces and capitalization in src/content/ file names. This introduces github-slugger for slug generation to ensure slugs are usable by getStaticPaths. Changes:

Resolve spaces and capitalization: collection/Entry With Spaces.md becomes collection/entry-with-spaces.

Truncate /index paths to base URL: collection/index.md becomes collection

Patch Changes

#5720 fe316be86 Thanks @umarov! - Do not add base path to a hoisted script body

#5706 c2844a79c Thanks @bluwy! - Add preact and sitemap integration to config load external list

#5700 3aa3e00a6 Thanks @bholmesdev! - Fix import.meta.env.DEV always being set to true when using Content Collections

1.8.0

Minor Changes

#5647 d72da5290 Thanks @bholmesdev! - Add astro sync CLI command for type generation

Patch Changes

#5668 9674cf56c Thanks @bholmesdev! - Remove stray console.log from content collections error message

#5652 0b5098758 Thanks @bluwy! - Use acorn to postprocess Astro globs

#5648 853081d1c Thanks @bholmesdev! - Prevent relative image paths in src/content/

#5678 f8f576829 Thanks @bluwy! - Fix code generation quotes handling

#5635 376f67011 Thanks @SegaraRai! - Add server.headers typing

Updated dependencies [853081d1c, 2c65b433b]:

@astrojs/markdown-remark@1.2.0

1.7.2

... (truncated)

Commits

7a07f02 [ci] release (#14788)
8cf3f05 [ci] format
758a891 fix(astro): handle invalid encrypted props in server island (#14786)
3537876 fix: passthroughImageService generate webp (#14776)
048e4dc [ci] format
9e9c528 fix: require explicit authorization to use data urls (#14791)
0f75f6b Fix wildcard hostname matching to reject hostnames without dots (#14787)
504958f feat(fonts): log number of downloaded files (#14783)
24e28d2 fix(deps): update astro dependencies (#14779)
60af4d0 [ci] release (#14773)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for astro since your current version.

Updates astro from 1.2.7 to 5.15.9

Release notes

Sourced from astro's releases.

astro@5.15.9

Patch Changes
#14786 758a891 Thanks @mef! - Add handling of invalid encrypted props and slots in server islands.

#14783 504958f Thanks @florian-lefebvre! - Improves the experimental Fonts API build log to show the number of downloaded files. This can help spotting excessive downloading because of misconfiguration
#14791 9e9c528 Thanks @Princesseuh! - Changes the remote protocol checks for images to require explicit authorization in order to use data URIs.

In order to allow data URIs for remote images, you will need to update your astro.config.mjs file to include the following configuration:
// astro.config.mjs
import { defineConfig } from 'astro/config';
export default defineConfig({
images: {
remotePatterns: [
{
protocol: 'data',
},
],
},
});
#14787 0f75f6b Thanks @matthewp! - Fixes wildcard hostname pattern matching to correctly reject hostnames without dots

Previously, hostnames like localhost or other single-part names would incorrectly match patterns like *.example.com. The wildcard matching logic has been corrected to ensure that only valid subdomains matching the pattern are accepted.

#14776 3537876 Thanks @ktym4a! - Fixes the behavior of passthroughImageService so it does not generate webp.

Updated dependencies [9e9c528, 0f75f6b]:

@astrojs/internal-helpers@0.7.5

@astrojs/markdown-remark@6.3.9
astro@5.15.8

Patch Changes

#14772 00c579a Thanks @matthewp! - Improves the security of Server Islands slots by encrypting them before transmission to the browser, matching the security model used for props. This improves the integrity of slot content and prevents injection attacks, even when component templates don't explicitly support slots.

Slots continue to work as expected for normal usage—this change has no breaking changes for legitimate requests.

#14771 6f80081 Thanks @matthewp! - Fix middleware pathname matching by normalizing URL-encoded paths

Middleware now receives normalized pathname values, ensuring that encoded paths like /%61dmin are properly decoded to /admin before middleware checks. This prevents potential security issues where middleware checks might be bypassed through URL encoding.

astro@5.15.7

Patch Changes

... (truncated)

Changelog

Sourced from astro's changelog.

1.9.2

Patch Changes

#5776 6a31433ed Thanks @ba55ie! - Fix Lit slotted content

1.9.1

Patch Changes

adad7e966 Thanks @matthewp! - Fix for hoisted scripts in project with spaces in the file path

1.9.0

Minor Changes

#5666 bf210f784 Thanks @bholmesdev! - Correctly handle spaces and capitalization in src/content/ file names. This introduces github-slugger for slug generation to ensure slugs are usable by getStaticPaths. Changes:

Resolve spaces and capitalization: collection/Entry With Spaces.md becomes collection/entry-with-spaces.

Truncate /index paths to base URL: collection/index.md becomes collection

Patch Changes

#5720 fe316be86 Thanks @umarov! - Do not add base path to a hoisted script body

#5706 c2844a79c Thanks @bluwy! - Add preact and sitemap integration to config load external list

#5700 3aa3e00a6 Thanks @bholmesdev! - Fix import.meta.env.DEV always being set to true when using Content Collections

1.8.0

Minor Changes

#5647 d72da5290 Thanks @bholmesdev! - Add astro sync CLI command for type generation

Patch Changes

#5668 9674cf56c Thanks @bholmesdev! - Remove stray console.log from content collections error message

#5652 0b5098758 Thanks @bluwy! - Use acorn to postprocess Astro globs

#5648 853081d1c Thanks @bholmesdev! - Prevent relative image paths in src/content/

#5678 f8f576829 Thanks @bluwy! - Fix code generation quotes handling

#5635 376f67011 Thanks @SegaraRai! - Add server.headers typing

Updated dependencies [853081d1c, 2c65b433b]:

@astrojs/markdown-remark@1.2.0

1.7.2

... (truncated)

Commits

7a07f02 [ci] release (#14788)
8cf3f05 [ci] format
758a891 fix(astro): handle invalid encrypted props in server island (#14786)
3537876 fix: passthroughImageService generate webp (#14776)
048e4dc [ci] format
9e9c528 fix: require explicit authorization to use data urls (#14791)
0f75f6b Fix wildcard hostname matching to reject hostnames without dots (#14787)
504958f feat(fonts): log number of downloaded files (#14783)
24e28d2 fix(deps): update astro dependencies (#14779)
60af4d0 [ci] release (#14773)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for astro since your current version.

Updates astro from 1.2.7 to 5.15.9

Release notes

Sourced from astro's releases.

astro@5.15.9

Patch Changes
#14786 758a891 Thanks @mef! - Add handling of invalid encrypted props and slots in server islands.

#14783 504958f Thanks @florian-lefebvre! - Improves the experimental Fonts API build log to show the number of downloaded files. This can help spotting excessive downloading because of misconfiguration
#14791 9e9c528 Thanks @Princesseuh! - Changes the remote protocol checks for images to require explicit authorization in order to use data URIs.

In order to allow data URIs for remote images, you will need to update your astro.config.mjs file to include the following configuration:
// astro.config.mjs
import { defineConfig } from 'astro/config';
export default defineConfig({
images: {
remotePatterns: [
{
protocol: 'data',
},
],
},
});
#14787 0f75f6b Thanks @matthewp! - Fixes wildcard hostname pattern matching to correctly reject hostnames without dots

Previously, hostnames like localhost or other single-part names would incorrectly match patterns like *.example.com. The wildcard matching logic has been corrected to ensure that only valid subdomains matching the pattern are accepted.

#14776 3537876 Thanks @ktym4a! - Fixes the behavior of passthroughImageService so it does not generate webp.

Updated dependencies [9e9c528, 0f75f6b]:

@astrojs/internal-helpers@0.7.5

@astrojs/markdown-remark@6.3.9
astro@5.15.8

Patch Changes

#14772 00c579a Thanks @matthewp! - Improves the security of Server Islands slots by encrypting them before transmission to the browser, matching the security model used for props. This improves the integrity of slot content and prevents injection attacks, even when component templates don't explicitly support slots.

Slots continue to work as expected for normal usage—this change has no breaking changes for legitimate requests.

#14771 6f80081 Thanks @matthewp! - Fix middleware pathname matching by normalizing URL-encoded paths

Middleware now receives normalized pathname values, ensuring that encoded paths like /%61dmin are properly decoded to /admin before middleware checks. This prevents potential security issues where middleware checks might be bypassed through URL encoding.

astro@5.15.7

Patch Changes

... (truncated)

Changelog

Sourced from astro's changelog.

1.9.2

Patch Changes

#5776 6a31433ed Thanks @ba55ie! - Fix Lit slotted content

1.9.1

Patch Changes

adad7e966 Thanks @matthewp! - Fix for hoisted scripts in project with spaces in the file path

1.9.0

Minor Changes

#5666 bf210f784 Thanks @bholmesdev! - Correctly handle spaces and capitalization in src/content/ file names. This introduces github-slugger for slug generation to ensure slugs are usable by getStaticPaths. Changes:

Resolve spaces and capitalization: collection/Entry With Spaces.md becomes collection/entry-with-spaces.

Truncate /index paths to base URL: collection/index.md becomes collection

Patch Changes

#5720 fe316be86 Thanks @umarov! - Do not add base path to a hoisted script body

#5706 c2844a79c Thanks @bluwy! - Add preact and sitemap integration to config load external list

#5700 3aa3e00a6 Thanks @bholmesdev! - Fix import.meta.env.DEV always being set to true when using Content Collections

1.8.0

Minor Changes

#5647 d72da5290 Thanks @bholmesdev! - Add astro sync CLI command for type generation

Patch Changes

#5668 9674cf56c Thanks @bholmesdev! - Remove stray console.log from content collections error message

#5652 0b5098758 Thanks @bluwy! - Use acorn to postprocess Astro globs

#5648 853081d1c Thanks @bholmesdev! - Prevent relative image paths in src/content/

#5678 f8f576829 Thanks @bluwy! - Fix code generation quotes handling

#5635 376f67011 Thanks @SegaraRai! - Add server.headers typing

Updated dependencies [853081d1c, 2c65b433b]:

@astrojs/markdown-remark@1.2.0

1.7.2

... (truncated)

Commits

7a07f02 [ci] release (#14788)
8cf3f05 [ci] format
758a891 fix(astro): handle invalid encrypted props in server island (#14786)
3537876 fix: passthroughImageService generate webp (#14776)
048e4dc [ci] format
9e9c528 fix: require explicit authorization to use data urls (#14791)
0f75f6b Fix wildcard hostname matching to reject hostnames without dots (#14787)
504958f feat(fonts): log number of downloaded files (#14783)
24e28d2 fix(deps): update astro dependencies (#14779)
60af4d0 [ci] release (#14773)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for astro since your current version.

Updates astro from 1.2.7 to 5.15.9

Release notes

Sourced from astro's releases.

astro@5.15.9

Patch Changes
#14786 758a891 Thanks @mef! - Add handling of invalid encrypted props and slots in server islands.

#14783 504958f Thanks @florian-lefebvre! - Improves the experimental Fonts API build log to show the number of downloaded files. This can help spotting excessive downloading because of misconfiguration
#14791 9e9c528 Thanks @Princesseuh! - Changes the remote protocol checks for images to require explicit authorization in order to use data URIs.

In order to allow data URIs for remote images, you will need to update your astro.config.mjs file to include the following configuration:
// astro.config.mjs
import { defineConfig } from 'astro/config';
export default defineConfig({
images: {
remotePatterns: [
{
protocol: 'data',
},
],
},
});
#14787 0f75f6b Thanks @matthewp! - Fixes wildcard hostname pattern matching to correctly reject hostnames without dots

Previously, hostnames like localhost or other single-part names would incorrectly match patterns like *.example.com. The wildcard matching logic has been corrected to ensure that only valid subdomains matching the pattern are accepted.

#14776 3537876 Thanks @ktym4a! - Fixes the behavior of passthroughImageService so it does not generate webp.

Updated dependencies [9e9c528, 0f75f6b]:

@astrojs/internal-helpers@0.7.5

@astrojs/markdown-remark@6.3.9
astro@5.15.8

Patch Changes

#14772 00c579a Thanks @matthewp! - Improves the security of Server Islands slots by encrypting them before transmission to the browser, matching the security model used for props. This improves the integrity of slot content and prevents injection attacks, even when component templates don't explicitly support slots.

Slots continue to work as expected for normal usage—this change has no breaking changes for legitimate requests.

#14771 6f80081 Thanks @matthewp! - Fix middleware pathname matching by normalizing URL-encoded paths

Middleware now receives normalized pathname values, ensuring that encoded paths like /%61dmin are properly decoded to /admin before middleware checks. This prevents potential security issues where middleware checks might be bypassed through URL encoding.

astro@5.15.7

Patch Changes

… updates Bumps the npm_and_yarn group with 2 updates in the /apps/learn-card-app directory: [jspdf](https://github.com/parallax/jsPDF) and [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Bumps the npm_and_yarn group with 1 update in the /apps/scouts directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Bumps the npm_and_yarn group with 1 update in the /examples/chapi-example directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro). Bumps the npm_and_yarn group with 1 update in the /examples/embed-example directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro). Bumps the npm_and_yarn group with 1 update in the /examples/snap-chapi-example directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro). Bumps the npm_and_yarn group with 1 update in the /examples/snap-example-dapp directory: [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro). Bumps the npm_and_yarn group with 1 update in the /packages/learn-card-base directory: [axios](https://github.com/axios/axios). Bumps the npm_and_yarn group with 1 update in the /packages/learn-card-helpers directory: [@trpc/server](https://github.com/trpc/trpc/tree/HEAD/packages/server). Bumps the npm_and_yarn group with 1 update in the /packages/react-learn-card directory: [happy-dom](https://github.com/capricorn86/happy-dom). Bumps the npm_and_yarn group with 1 update in the /services/learn-card-network/brain-service directory: [@trpc/server](https://github.com/trpc/trpc/tree/HEAD/packages/server). Bumps the npm_and_yarn group with 2 updates in the /services/learn-card-network/lca-api directory: [axios](https://github.com/axios/axios) and [@trpc/server](https://github.com/trpc/trpc/tree/HEAD/packages/server). Bumps the npm_and_yarn group with 1 update in the /services/learn-card-network/learn-cloud-service directory: [@trpc/server](https://github.com/trpc/trpc/tree/HEAD/packages/server). Updates `jspdf` from 3.0.4 to 4.0.0 - [Release notes](https://github.com/parallax/jsPDF/releases) - [Changelog](https://github.com/parallax/jsPDF/blob/master/RELEASE.md) - [Commits](parallax/jsPDF@v3.0.4...v4.0.0) Updates `vite` from 4.3.8 to 5.4.21 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.21/packages/vite) Updates `vite` from 4.3.8 to 5.4.21 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.21/packages/vite) Updates `astro` from 1.2.7 to 5.15.9 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG-v1.md) - [Commits](https://github.com/withastro/astro/commits/astro@5.15.9/packages/astro) Updates `astro` from 1.2.7 to 5.15.9 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG-v1.md) - [Commits](https://github.com/withastro/astro/commits/astro@5.15.9/packages/astro) Updates `astro` from 1.2.7 to 5.15.9 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG-v1.md) - [Commits](https://github.com/withastro/astro/commits/astro@5.15.9/packages/astro) Updates `astro` from 1.2.7 to 5.15.9 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG-v1.md) - [Commits](https://github.com/withastro/astro/commits/astro@5.15.9/packages/astro) Updates `axios` from 0.27.2 to 0.30.2 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v0.27.2...v0.30.2) Updates `@trpc/server` from 11.7.1 to 11.8.0 - [Release notes](https://github.com/trpc/trpc/releases) - [Commits](https://github.com/trpc/trpc/commits/v11.8.0/packages/server) Updates `happy-dom` from 14.12.3 to 20.0.2 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v14.12.3...v20.0.2) Updates `@trpc/server` from 11.7.1 to 11.8.0 - [Release notes](https://github.com/trpc/trpc/releases) - [Commits](https://github.com/trpc/trpc/commits/v11.8.0/packages/server) Updates `axios` from 0.27.2 to 0.30.2 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v0.27.2...v0.30.2) Updates `@trpc/server` from 11.7.1 to 11.8.0 - [Release notes](https://github.com/trpc/trpc/releases) - [Commits](https://github.com/trpc/trpc/commits/v11.8.0/packages/server) Updates `@trpc/server` from 11.7.1 to 11.8.0 - [Release notes](https://github.com/trpc/trpc/releases) - [Commits](https://github.com/trpc/trpc/commits/v11.8.0/packages/server) --- updated-dependencies: - dependency-name: jspdf dependency-version: 4.0.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 5.4.21 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 5.4.21 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: astro dependency-version: 5.15.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: astro dependency-version: 5.15.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: astro dependency-version: 5.15.9 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: astro dependency-version: 5.15.9 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: axios dependency-version: 0.30.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@trpc/server" dependency-version: 11.8.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: happy-dom dependency-version: 20.0.2 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@trpc/server" dependency-version: 11.8.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: axios dependency-version: 0.30.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@trpc/server" dependency-version: 11.8.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@trpc/server" dependency-version: 11.8.0 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

netlify · 2026-01-16T20:05:02Z

✅ Deploy Preview for learncarddocs canceled.

Name	Link
🔨 Latest commit	`0aeb222`
🔍 Latest deploy log	https://app.netlify.com/projects/learncarddocs/deploys/696a99eb028d0f000824ab38

netlify · 2026-01-16T20:05:02Z

❌ Deploy Preview for staging-learncardapp failed. Why did it fail? →

Name	Link
🔨 Latest commit	`0aeb222`
🔍 Latest deploy log	https://app.netlify.com/projects/staging-learncardapp/deploys/696a99eb66049f0008af37f0

changeset-bot · 2026-01-16T20:05:03Z

⚠️ No Changeset found

Latest commit: 0aeb222

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

github-actions · 2026-01-16T20:05:10Z

👋 Hey there! It looks like you modified code, but didn't update the documentation in /docs.

If this PR introduces new features, changes APIs, or modifies behavior that users or developers need to know about, please consider updating the docs.

🏄 Windsurf Tip

You can ask Windsurf to help:

"Analyze the changes in this PR and update the gitbook docs in /docs accordingly."

Windsurf will review your changes and suggest appropriate documentation updates based on what was modified.

📚 Documentation Guide

Change Type	Doc Location
New feature/API	`docs/tutorials/` or `docs/how-to-guides/`
SDK/API changes	`docs/sdks/`
New concepts	`docs/core-concepts/`
App UI/UX flows	`docs/apps/` (LearnCard App, ScoutPass)
Internal patterns	`CLAUDE.md`

This is an automated reminder. If no docs are needed, feel free to ignore this message.

gitstream-cm · 2026-01-16T20:06:14Z

This PR is missing a Jira ticket reference in the title or description.
Please add a Jira ticket reference to the title or description of this PR.

gitstream-cm · 2026-01-16T20:06:23Z

🥷 Code experts: TaylorBeeston

TaylorBeeston has most 👩‍💻 activity in the files.
TaylorBeeston has most 🧠 knowledge in the files.

See details

apps/learn-card-app/package.json

Activity based on git-commit:

	TaylorBeeston
JAN
DEC	10 additions & 3 deletions
NOV	165 additions & 2 deletions
OCT
SEP
AUG

Knowledge based on git-blame:
TaylorBeeston: 89%

apps/scouts/package.json

Activity based on git-commit:

	TaylorBeeston
JAN
DEC	1 additions & 1 deletions
NOV	163 additions & 4 deletions
OCT
SEP
AUG

Knowledge based on git-blame:
TaylorBeeston: 98%

examples/chapi-example/package.json

Activity based on git-commit:

	TaylorBeeston
JAN
DEC	2 additions & 1 deletions
NOV
OCT
SEP
AUG

Knowledge based on git-blame:
TaylorBeeston: 97%

examples/embed-example/package.json

Activity based on git-commit:

	TaylorBeeston
JAN
DEC	19 additions & 18 deletions
NOV
OCT
SEP
AUG

Knowledge based on git-blame:
TaylorBeeston: 90%

examples/snap-chapi-example/package.json

Activity based on git-commit:

	TaylorBeeston
JAN
DEC
NOV
OCT
SEP
AUG

Knowledge based on git-blame:
TaylorBeeston: 97%

examples/snap-example-dapp/package.json

Activity based on git-commit:

	TaylorBeeston
JAN
DEC
NOV
OCT
SEP
AUG

Knowledge based on git-blame:
TaylorBeeston: 98%

packages/learn-card-base/package.json

Activity based on git-commit:

	TaylorBeeston
JAN
DEC	10 additions & 0 deletions
NOV	69 additions & 4 deletions
OCT
SEP
AUG

Knowledge based on git-blame:
TaylorBeeston: 99%

packages/learn-card-helpers/package.json

Activity based on git-commit:

	TaylorBeeston
JAN
DEC	2 additions & 2 deletions
NOV	52 additions & 48 deletions
OCT
SEP
AUG

Knowledge based on git-blame:
TaylorBeeston: 96%

packages/react-learn-card/package.json

Activity based on git-commit:

	TaylorBeeston
JAN
DEC	8 additions & 0 deletions
NOV	1 additions & 2 deletions
OCT
SEP
AUG

Knowledge based on git-blame:
TaylorBeeston: 98%

services/learn-card-network/brain-service/package.json

Activity based on git-commit:

	TaylorBeeston
JAN
DEC	9 additions & 1 deletions
NOV	3 additions & 3 deletions
OCT
SEP
AUG

Knowledge based on git-blame:
TaylorBeeston: 89%

services/learn-card-network/lca-api/package.json

Activity based on git-commit:

	TaylorBeeston
JAN
DEC	83 additions & 1 deletions
NOV
OCT
SEP
AUG

Knowledge based on git-blame:
TaylorBeeston: 95%

services/learn-card-network/learn-cloud-service/package.json

Activity based on git-commit:

	TaylorBeeston
JAN
DEC	9 additions & 1 deletions
NOV
OCT
SEP
AUG

Knowledge based on git-blame:
TaylorBeeston: 94%

✨ Comment /gs review for LinearB AI review. Learn how to automate it here.

gitstream-cm · 2026-01-16T20:06:26Z

This PR is missing a Jira ticket reference in the title or description.
Please add a Jira ticket reference to the title or description of this PR.

dependabot · 2026-01-16T21:30:47Z