build(deps-dev): bump the nodejs-other group across 2 directories with 6 updates

[dependabot]

Bumps the nodejs-other group with 6 updates in the /nodejs directory:

Package	From	To
globals	17.4.0	17.5.0
typescript-eslint	8.58.0	8.58.1
sinon	21.0.3	21.1.2
webpack	5.105.4	5.106.1
@aws-sdk/client-sts	3.1024.0	3.1029.0
@types/node	25.5.2	25.6.0

Bumps the nodejs-other group with 1 update in the /nodejs/sample-apps/aws-sdk directory: @types/node.

Updates globals from 17.4.0 to 17.5.0

Release notes

Sourced from globals's releases.

v17.5.0

• Update globals (2026-04-12) (#342) 5d84602

---

sindresorhus/globals@v17.4.0...v17.5.0

Commits

• b8170c8 17.5.0
• 5d84602 Update globals (2026-04-12) (#342)
• 1b727e5 Fix build script for ES globals (#341)
• See full diff in compare view

Updates typescript-eslint from 8.58.0 to 8.58.1

Release notes

Sourced from typescript-eslint's releases.

v8.58.1

8.58.1 (2026-04-08)

🩹 Fixes

• eslint-plugin: [no-unused-vars] fix false negative for type predicate parameter (#12004)

❤️ Thank You

• MinJae @​Ju-MINJAE

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.58.1 (2026-04-08)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• 5311ed3 chore(release): publish 8.58.1
• See full diff in compare view

Updates sinon from 21.0.3 to 21.1.2

Changelog

Sourced from sinon's changelog.

21.1.2

• 53817f7d Upgrade to ESLint 10 and new shared config (#2696) (Carl-Erik Kopseng)

  • Upgrade to ESLint 10 and new shared config
  • Update deps

• d7a682e0 fix: move npm-run-all to devDeps (#2694) (Avi Vahl)

  used only during dev, and caused a considerable dep count jump downstream

• 5b8720ec use latest shared eslint-config (Carl-Erik Kopseng)

Released by Carl-Erik Kopseng on 2026-04-11.

21.1.1

• 3c8b023b Update deps (Carl-Erik Kopseng)
• 2eabf5da fix(#2692): Remove ESM-only supports-color as it breaks CJS exports (#2693) (Carl-Erik Kopseng)

  • fix(#2692): Remove ESM-only supports-color as it breaks CJS exports

Released by Carl-Erik Kopseng on 2026-04-10.

21.1.0

• 0a5526c5 updated deps (Carl-Erik Kopseng)
• 5262204f fix: build artifacts before running bundled tests (Carl-Erik Kopseng)
• 819bb64b Migration to ECMAScript modules (ESM) (#2683) (Carl-Erik Kopseng)

  This allowed us to finally consume ESM-only dependencies and has broken us free from some CJS shackes. Now produce the same API surface for CJS consumers, as well, by generating ./lib

  • Modern ignores 😁
  • test: add distribution harness
  • test: verify packed cjs and esm entrypoints
  • test: lock distribution api manifest
  • test: smoke test built pkg artifacts
  • docs: require contract tests for package migration
  • test: guard esm migration regressions
  • docs: require contract gate for esm migration
  • build: generate cjs lib from esm source entries
  • refactor: port root api surface to esm
  • build: clean port of root api to esm
  • docs: include implementation plans
  • fix: align lint and smoke tests with esm migration
  • refactor: complete esm port of all core components
  • refactor: finalize esm migration with sandbox and naming fixes
  • fix: finish esm migration stabilization

... (truncated)

Commits

• c9ee063 21.1.2
• 53817f7 Upgrade to ESLint 10 and new shared config (#2696)
• d7a682e fix: move npm-run-all to devDeps (#2694)
• 5b8720e use latest shared eslint-config
• 40f9d6b 21.1.1
• 3c8b023 Update deps
• 2eabf5d fix(#2692): Remove ESM-only supports-color as it breaks CJS exports (#2693)
• 30cf67e 21.1.0
• 0a5526c updated deps
• 5262204 fix: build artifacts before running bundled tests
• Additional commits viewable in compare view

Updates webpack from 5.105.4 to 5.106.1

Release notes

Sourced from webpack's releases.

v5.106.1

Patch Changes

• Fix two ES5-environment regressions in the anonymous default export .name fix-up: the generated code referenced an undeclared __WEBPACK_DEFAULT_EXPORT__ binding causing ReferenceError, and used Reflect.defineProperty which is not available in pre-ES2015 runtimes. The fix-up now references the real assignment target and uses Object.defineProperty / Object.getOwnPropertyDescriptor. (by @​xiaoxiaojx in #20796)

• Prevent !important from being renamed as a local identifier in CSS modules. (by @​xiaoxiaojx in #20798)

• Use compiler context instead of module context for CSS modules local ident hashing to avoid hash collisions when files with the same name exist in different directories. (by @​xiaoxiaojx in #20799)

v5.106.0

Minor Changes

• Add exportType: "style" for CSS modules to inject styles into DOM via HTMLStyleElement, similar to style-loader functionality. (by @​xiaoxiaojx in #20579)

• Add context option support for VirtualUrlPlugin (by @​xiaoxiaojx in #20449)

  • The context for the virtual module. A string path. Defaults to 'auto', which will try to resolve the context from the module id.
  • Support custom context path for resolving relative imports in virtual modules
  • Add examples demonstrating context usage and filename customization

• Generate different CssModule instances for different exportType values. (by @​xiaoxiaojx in #20590)

• Added the localIdentHashFunction option to configure the hash function to be used for hashing. (by @​alexander-akait in #20694) Additionally, the localIdentName option can now be a function.

• Added support for destructuring assignment require in cjs, allowing for tree shaking. (by @​ahabhgk in #20548)

• Added the validate option to enable/disable validation in webpack/plugins/loaders, also implemented API to make it inside plugins. (by @​xiaoxiaojx in #20275)

• Added source support for async WASM modules. (by @​magic-akari in #20364)

Patch Changes

• Add a static getSourceBasicTypes method to the Module class to prevent errors across multiple versions. (by @​xiaoxiaojx in #20614)

• Included fragment groups in the conflicting order warning for CSS. (by @​aryanraj45 in #20660)

• Avoid rendering unused top-level __webpack_exports__ declaration when output ECMA module library. (by @​hai-x in #20669)

• Fixed resolving in CSS modules. (by @​alexander-akait in #20771)

• Allow external modules place in async chunks when output ECMA module. (by @​hai-x in #20662)

• Implement deprecate flag in schema for better TypeScript support to show which options are already deprecated by the configuration (by @​bjohansebas in #20432)

• Set .name to "default" for anonymous default export functions and classes per ES spec (by @​xiaoxiaojx in #20773)

• Hash entry chunks after runtime chunks to prevent stale content hash references in watch mode (by @​xiaoxiaojx in #20724)

• Fix multiple bugs and optimizations in CSS modules: correct third code point position in walkCssTokens number detection, fix multiline CSS comment regex, fix swapped :import/:export error message, fix comma callback incorrectly popping balanced stack, fix cache comparison missing array length check, fix match.index mutation side effect, move publicPathAutoRegex to module scope, precompute merged callbacks in consumeUntil, simplify redundant ternary in CssGenerator, fix typo GRID_TEMPLATE_ARES, remove duplicate grid-column-start, and merge duplicate getCompilationHooks calls. (by @​xiaoxiaojx in #20648)

... (truncated)

Changelog

Sourced from webpack's changelog.

5.106.1

Patch Changes

• Fix two ES5-environment regressions in the anonymous default export .name fix-up: the generated code referenced an undeclared __WEBPACK_DEFAULT_EXPORT__ binding causing ReferenceError, and used Reflect.defineProperty which is not available in pre-ES2015 runtimes. The fix-up now references the real assignment target and uses Object.defineProperty / Object.getOwnPropertyDescriptor. (by @​xiaoxiaojx in #20796)

• Prevent !important from being renamed as a local identifier in CSS modules. (by @​xiaoxiaojx in #20798)

• Use compiler context instead of module context for CSS modules local ident hashing to avoid hash collisions when files with the same name exist in different directories. (by @​xiaoxiaojx in #20799)

5.106.0

Minor Changes

• Add exportType: "style" for CSS modules to inject styles into DOM via HTMLStyleElement, similar to style-loader functionality. (by @​xiaoxiaojx in #20579)

• Add context option support for VirtualUrlPlugin (by @​xiaoxiaojx in #20449)

  • The context for the virtual module. A string path. Defaults to 'auto', which will try to resolve the context from the module id.
  • Support custom context path for resolving relative imports in virtual modules
  • Add examples demonstrating context usage and filename customization

• Generate different CssModule instances for different exportType values. (by @​xiaoxiaojx in #20590)

• Added the localIdentHashFunction option to configure the hash function to be used for hashing. (by @​alexander-akait in #20694) Additionally, the localIdentName option can now be a function.

• Added support for destructuring assignment require in cjs, allowing for tree shaking. (by @​ahabhgk in #20548)

• Added the validate option to enable/disable validation in webpack/plugins/loaders, also implemented API to make it inside plugins. (by @​xiaoxiaojx in #20275)

• Added source support for async WASM modules. (by @​magic-akari in #20364)

Patch Changes

• Add a static getSourceBasicTypes method to the Module class to prevent errors across multiple versions. (by @​xiaoxiaojx in #20614)

• Included fragment groups in the conflicting order warning for CSS. (by @​aryanraj45 in #20660)

• Avoid rendering unused top-level __webpack_exports__ declaration when output ECMA module library. (by @​hai-x in #20669)

• Fixed resolving in CSS modules. (by @​alexander-akait in #20771)

• Allow external modules place in async chunks when output ECMA module. (by @​hai-x in #20662)

• Implement deprecate flag in schema for better TypeScript support to show which options are already deprecated by the configuration (by @​bjohansebas in #20432)

• Set .name to "default" for anonymous default export functions and classes per ES spec (by @​xiaoxiaojx in #20773)

• Hash entry chunks after runtime chunks to prevent stale content hash references in watch mode (by @​xiaoxiaojx in #20724)

... (truncated)

Commits

• a934b9b chore(release): new release (#20808)
• ecb436b fix: use compiler context for CSS modules hash to avoid collisions (#20799)
• c0e8cf4 fix: prevent !important from being renamed in CSS modules (#20798)
• f8d274b fix: anonymous default export name fix-up in ES5 environment (#20796)
• e370b76 chore(deps-dev): bump the dependencies group with 5 updates (#20790)
• 8774a01 chore(release): new release (#20593)
• cc66616 fix: add @deprecated to methods
• 7cdc173 feat: support source phase import for WebAssembly modules (#20364)
• 0b60f1c chore(members): update to match @​webpack/core-wg (#20784)
• 955a68c test: generate snapshots per stats test case (#20785)
• Additional commits viewable in compare view

Updates @aws-sdk/client-sts from 3.1024.0 to 3.1029.0

Release notes

Sourced from @​aws-sdk/client-sts's releases.

v3.1029.0

3.1029.0(2026-04-10)

New Features

• client-observabilityadmin: CloudWatch Observability Admin adds support for multi-region telemetry evaluation and telemetry enablement rules. (861e172a)
• client-rtbfabric: Adds optional health check configuration for Responder Gateways with ASG Managed Endpoints. When provided, RTB Fabric continuously probes customers' instance IPs and routes traffic only to healthy ones, reducing errors during deployments, scaling events, and instance failures. (3e890437)
• client-ecs: Minor updates to exceptions for completeness (788ab4a6)
• client-devops-agent: Devops Agent now supports associate Splunk, Datadog and custom MCP server to an Agent Space. (44503175)
• client-mediaconvert: Adds support for MV-HEVC video output and clear lead for AV1 DRM output. (812d3dad)
• client-imagebuilder: Image pipelines can now automatically apply tags to images they create. Set the imageTags property when creating or updating your pipelines to get started. (5eb366f5)
• client-sagemaker: Support new SageMaker StartClusterHealthCheck API for on-demand DHC on Hyperpod EKS cluster. Support updated CreateCluster, UpdateCluster, DescribeCluster, BatchAddClusterNodes APIs for flexible instance group on HyperPod cluster (dfcde032)
• client-connect: Conversational Analytics for Email (fd2820f8)

---

For list of updated packages, view updated-packages.md in assets-3.1029.0.zip

v3.1028.0

3.1028.0(2026-04-09)

Chores

• codegen: bump codegen version to 0.48.0 (#7924) (037593a7)

New Features

• client-bcm-dashboards: Scheduled email reports of Billing and Cost Management Dashboards (5e7231a1)
• client-mediaconnect: Adds support for MediaLive Channel-type Router Inputs. (858c746d)
• client-bedrock-agentcore: Introducing support for SearchRegistryRecords API on AgentCoreRegistry (6ac1ecc5)
• client-sagemaker: Release support for g7e instance types for SageMaker HyperPod (c92e9e66)
• client-bedrock-agentcore-control: Initial release for CRUDL in AgentCore Registry Service (ec576322)
• client-redshift-data: The BatchExecuteStatement API now supports named SQL parameters, enabling secure batch queries with parameterized values. This enhancement helps prevent SQL injection vulnerabilities and improves query reusability. (de8f2afb)

---

For list of updated packages, view updated-packages.md in assets-3.1028.0.zip

v3.1027.0

3.1027.0(2026-04-08)

New Features

• clients: update client endpoints as of 2026-04-08 (88eb6682)
• client-outposts: Add AWS Outposts APIs to view renewal pricing options and submit renewal requests for Outpost contracts (ba6c2a7e)
• client-ecr: Add UnableToListUpstreamImageReferrersException in ListImageReferrers (459df0bc)
• client-backup: Adding EKS specific backup vault notification types for AWS Backup. (c5badfde)
• client-marketplace-discovery: AWS Marketplace Discovery API provides an interface that enables programmatic access to the AWS Marketplace catalog, including searching and browsing listings, retrieving product details and fulfillment options, and accessing public and private offer pricing and terms. (1523d996)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-sts's changelog.

3.1029.0 (2026-04-10)

Note: Version bump only for package @​aws-sdk/client-sts

3.1028.0 (2026-04-09)

Note: Version bump only for package @​aws-sdk/client-sts

3.1027.0 (2026-04-08)

Note: Version bump only for package @​aws-sdk/client-sts

3.1026.0 (2026-04-07)

Note: Version bump only for package @​aws-sdk/client-sts

3.1025.0 (2026-04-06)

Note: Version bump only for package @​aws-sdk/client-sts

Commits

• 5d5aaed Publish v3.1029.0
• edca62d Publish v3.1028.0
• 690d8d4 Publish v3.1027.0
• 67ea2f7 Publish v3.1026.0
• b19357a chore(codegen): update for sparse types and retry 2.1 updates (#7916)
• 8cfa946 Publish v3.1025.0
• See full diff in compare view

Updates @types/node from 25.5.2 to 25.6.0

Commits

• See full diff in compare view

Updates @types/node from 25.5.2 to 25.6.0

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions