Update all non-major dependencies

[renovate]

Note: This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@samvera/clover-iiif	3.0.0 → 3.3.2			dependencies	minor
a11y_audit (source)	~> 0.2.3 → ~> 0.3.0			dev	minor
bandit (source)	1.8.0 → 1.10.1			prod	minor
ecto_sql (source)	3.13.2 → 3.13.4			prod	patch
elixir (source)	1.18.4 → 1.19.5				minor
erlang	27.3.4.3 → 27.3.4.6				patch
ex_cldr_dates_times (source)	2.24.0 → 2.25.3			prod	minor
ex_doc (source)	~> 0.38 → ~> 0.39			dev	minor
gettext (source)	1.0.1 → 1.0.2			prod	patch
iconify_ex (source)	~> 0.6.1 → ~> 0.7.0			prod	minor
live_debugger (source)	~> 0.4.0 → ~> 0.5.0			dev	minor
node (source)	24.11.0 → 24.13.0				minor
node	7.2.0 → 7.2.1			orb	patch
oban (source)	2.20.1 → 2.20.2			prod	patch
oban_web (source)	2.11.4 → 2.11.6			prod	patch
phoenix (source)	1.8.1 → 1.8.3			prod	patch
phoenix_ecto (source)	4.6.5 → 4.7.0			prod	minor
phoenix_live_reload (source)	1.6.1 → 1.6.2			dev	patch
phoenix_live_view (source)	1.1.13 → 1.1.20			prod	patch
playwright (source)	1.55.1 → 1.57.0			devDependencies	minor
playwright-core (source)	1.55.1 → 1.57.0			devDependencies	minor
plug_cowboy (source)	2.7.4 → 2.7.5			prod	patch
postgrex (source)	0.21.1 → 0.22.0			prod	minor
pry	"~> 0.15.0" → "~> 0.16.0"				minor
react (source)	19.2.0 → 19.2.3			dependencies	patch
react-dom (source)	19.2.0 → 19.2.3			dependencies	patch
req (source)	0.5.15 → 0.5.17			prod	patch
swoosh (source)	1.19.8 → 1.20.0			prod	minor
tailwind (source)	0.4.0 → 0.4.1			prod	patch

---

Release Notes

samvera-labs/clover-iiif (@​samvera/clover-iiif)

v3.3.2

Compare Source

v3.3.0

Compare Source

What's Changed

• feat(i18n): add French (fr) locale by @​mathisBa in #​315
• fix: rotate icons now display correctly for non-English locales by @​joesong168 in #​318
• feat: respect viewingDirection for RTL paged manifests by @​joesong168 in #​319

New Contributors

• @​mathisBa made their first contribution in #​315

Full Changelog: samvera-labs/clover-iiif@v3.2.0...v3.3.0

v3.2.0

Compare Source

What's Changed

• Isolate Viewer provider to allow for multiple instances.
• Make VTTs follow redirects and follow CORS. by @​markpbaggett in #​317

Full Changelog: samvera-labs/clover-iiif@v3.1.1...v3.2.0

v3.1.2

Compare Source

v3.1.1

Compare Source

What's Changed

• Refines i18n implementation to be more efficient. See i18n docs.

Full Changelog: samvera-labs/clover-iiif@v3.0.3...v3.1.1

v3.1.0

Compare Source

v3.0.3

Compare Source

What's Changed

• Add i18n keys for Image component; define en values. by @​mathewjordan in #​310

Full Changelog: samvera-labs/clover-iiif@v3.0.2...v3.0.3

v3.0.2

Compare Source

What's Changed

• Add Norwegian language support with new locale files by @​tarjelavik in #​304
• Add Finnish translation by @​ronja-koistinen in #​308

New Contributors

• @​tarjelavik made their first contribution in #​304
• @​ronja-koistinen made their first contribution in #​308

Full Changelog: samvera-labs/clover-iiif@v3.0.0...v3.0.2

v3.0.1

Compare Source

angelikatyborska/a11y-audit-elixir (a11y_audit)

v0.3.1

Compare Source

• Upgrade axe-core to 4.11.1.

v0.3.0

Compare Source

• Upgrade axe-core to 4.11.0.

mtrudel/bandit (bandit)

v1.10.1

Compare Source

Changes

• Change default preference order for compression methods to be 'zstd (if present), gzip, deflate' (#​562)

Fixes

• Allow :zstd_options key to be set in config (#​558, thanks @​Fudoshiki!)
• Fix error where deflate responses weren't always completely sent (#​559, thanks @​josevalim!)

v1.10.0

Compare Source

Enhancements

• Expose response_encodings to allow specifying an explicit preference order to compression encodings (#​555)

v1.9.0

Compare Source

Enhancements

• Skip body draining when Connection: close is set (#​546, thanks @​pepicrft!)
• Make deflate options for WebSockets configurable (#​540, thanks @​proxima!)
• Mitigate HTTP/2 rapid reset attacks (#​533, thanks @​NelsonVides!)
• Implement improved respect for SETTINGS_MAX_CONCURRENT_STREAMS (#​524, thanks @​NelsonVides!)
• Support zstd HTTP compression (#​514, thanks @​mattmatters!)

elixir-ecto/ecto_sql (ecto_sql)

v3.13.4

Compare Source

Bug fixes

• [mysql] Do not crash mix ecto.load with large dumped databases

v3.13.3

Compare Source

Enhancements

• [sql] Tag generated functions as :generated
• [sql] Add :wrap_in_transaction option to explain

Bug fixes

• [mysql] Fix structure_load/2 for MySQL 9.4+

elixir-lang/elixir (elixir)

v1.19.5

Compare Source

1. Enhancements

Elixir

• [Protocol] Optimize protocol consolidation to no longer load structs

2. Bug fixes

Elixir

• [Kernel] Fix unnecessary recompilation when dbg_callback is modified at runtime
• [Kernel] Fix parser crash on missing parentheses on expression following operator not in
• [Kernel] Support fetching abstract code for modules compiled with Elixir v1.14 and earlier
• [Protocol] Ensure protocol consolidation no longer stores outdated struct types. As a consequence, protocols types only track struct names at the moment
• [Stream] Revert optimization which caused nested streams in Stream.flat_map/2 to crash

IEx

• [IEx] Fix usage of #iex:break as part of multi-line prompts

Logger

• [Logger.Backends] Do not crash on invalid metadata

v1.19.4

Compare Source

1. Enhancements

Mix

• [mix xref] Add --min-cycle-label to help projects adapt to the more precise mix xref graph reports in Elixir v1.19. In previous versions, Elixir would break a large compilation cycle into several smaller ones, and therefore developers would check for --min-cycle-size on CI. However, the issue is not the size of the cycle (it has no implication in the amount of compiled files), but how many compile-time dependencies (aka compile labels) in a cycle. The new option allows developers to filter on the label parameter

2. Bug fixes

Elixir

• [File] Ensure File.cp_r/3 reports non-existing destination properly (instead of source)

ExUnit

• [ExUnit] Fix formatter crash when diffing takes too long
• [ExUnit] Ensure parallel matches in assert propagate type information

Logger

• [Logger] Fix regression where formatter would crash when given chardata (the crash would happen when logging non-ASCII characters)

Mix

• [mix help] Ensure app:APP works when the project or its dependencies were not yet compiled
• [mix escript.build] Ensure the hex application can be included in escripts

v1.19.3

Compare Source

1. Enhancements

Elixir

• [Kernel] Support /E modifier for regular expressions in config files

Mix

• [mix compile] Allow forcing specific compilers, such as --force-elixir, --force-app, etc
• [mix help app:APP] Support showing helps for apps in Elixir and Erlang standard libraries

2. Bug fixes

ExUnit

• [ExUnit.Case] Fix crash when formatting errors caused by a linked/trapped exit during setup_all

Mix

• [mix compile.app] Ensure functions in the format &Mod.fun/arity can be written to .app files
• [mix compile.app] Ensure strings with Unicode characters can be written to .app files

v1.19.2

Compare Source

1. Enhancements

Elixir

• [Kernel] Measure and optimize writing of .beam files in the compiler
• [Kernel] Optimize rare scenarios where type checking took too long

Mix

• [mix compile] Add flag --no-check-cwd to skip compiler check to aid debugging

2. Bug fixes

Elixir

• [IO] Fix dialyzer warning on IO.inspect :label
• [Kernel] Ensure we warn on deprecated ~~~ unary operator

Logger

• [Logger] Reset ansi escapes before newlines in Logger

Mix

• [mix compile] Warn if elixirc_paths is not a list of string paths
• [mix compile] Address regression where umbrella children were compiled too early and without respecting compilation flags
• [mix deps.compile] Improve reliability of MIX_OS_DEPS_COMPILE_PARTITION_COUNT across mix escript.install, mix archive.install, and others

v1.19.1

Compare Source

1. Bug fixes

EEx

• [EEx] Address Dialyzer warnings when invoking EEx.compile_string

Elixir

• [Kernel] Optimize how types are computed for pretty printing
• [Kernel] Optimize how differences are computed in the type system
• [Macro] Do not escape options given to dbg/2
• [Protocol] Improve protocol violation warnings

Mix

• [mix compile] Do not attempt to touch deleted files when compilation fails and then resumed with missing files
• [mix deps.compile] Do not spawn partitions when all dependencies are local and already compiled

erlang/otp (erlang)

v27.3.4.6: OTP 27.3.4.6

Compare Source

Patch Package:           OTP 27.3.4.6
Git Tag:                 OTP-27.3.4.6
Date:                    2025-11-14
Trouble Report Id:       OTP-19814, OTP-19843
Seq num:                 PR-10353
System:                  OTP
Release:                 27
Application:             erts-15.2.7.4, kernel-10.2.7.3, wx-2.4.3.1
Predecessor:             OTP 27.3.4.5

Check out the git tag OTP-27.3.4.6, and build a full OTP system including documentation. Apply one or more applications from this build as patches to your installation using the 'otp_patch_apply' tool. For information on install requirements, see descriptions for each application version below.

erts-15.2.7.4

The erts-15.2.7.4 application can be applied independently of other applications on a full OTP 27 installation.

Improvements and New Features

• Option(s) to create gen_tcp and socket sockets with protocol IPPROTO_MPTCP has been implemented.

  See functions gen_tcp:listen/2, gen_tcp:connect/4 and the type socket:protocol/0.

  Own Id: OTP-19814

Full runtime dependencies of erts-15.2.7.4

kernel-9.0, sasl-3.3, stdlib-4.1

kernel-10.2.7.3

Note! The kernel-10.2.7.3 application cannot be applied independently of other applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- erts-15.2.5 (first satisfied in OTP 27.3.2)

Improvements and New Features

• Option(s) to create gen_tcp and socket sockets with protocol IPPROTO_MPTCP has been implemented.

  See functions gen_tcp:listen/2, gen_tcp:connect/4 and the type socket:protocol/0.

  Own Id: OTP-19814

Full runtime dependencies of kernel-10.2.7.3

crypto-5.0, erts-15.2.5, sasl-3.0, stdlib-6.0

wx-2.4.3.1

The wx-2.4.3.1 application can be applied independently of other applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Fixed reading out of array bounds and potential memory leaks.

  Own Id: OTP-19843
  Related Id(s): PR-10353

Full runtime dependencies of wx-2.4.3.1

erts-12.0, kernel-8.0, stdlib-5.0

v27.3.4.5: OTP 27.3.4.5

Compare Source

Patch Package:           OTP 27.3.4.5
Git Tag:                 OTP-27.3.4.5
Date:                    2025-11-07
Trouble Report Id:       OTP-19828, OTP-19835, OTP-19839
Seq num:                 ERIERL-1273, PR-10242, PR-10333, PR-10350
System:                  OTP
Release:                 27
Application:             inets-9.3.2.2, ssh-5.2.11.4, ssl-11.2.12.4
Predecessor:             OTP 27.3.4.4

Check out the git tag OTP-27.3.4.5, and build a full OTP system including documentation. Apply one or more applications from this build as patches to your installation using the 'otp_patch_apply' tool. For information on install requirements, see descriptions for each application version below.

inets-9.3.2.2

The inets-9.3.2.2 application can be applied independently of other applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Fixed uri_string:uri_string() to string() type specs inside httpc.erl module.

  Own Id: OTP-19835
  Related Id(s): PR-10242

Full runtime dependencies of inets-9.3.2.2

erts-14.0, kernel-9.0, mnesia-4.12, public_key-1.13, runtime_tools-1.8.14, ssl-9.0, stdlib-5.0, stdlib-6.0

ssh-5.2.11.4

The ssh-5.2.11.4 application can be applied independently of other applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• With this change user space buffers are used to limit ssh hello message size instead of kernel buffers

  Own Id: OTP-19839
  Related Id(s): ERIERL-1273, PR-10350

Full runtime dependencies of ssh-5.2.11.4

crypto-5.0, erts-14.0, kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1, stdlib-5.0, stdlib-6.0

ssl-11.2.12.4

Note! The ssl-11.2.12.4 application cannot be applied independently of other applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- public_key-1.16.4 (first satisfied in OTP 27.1.3)

Fixed Bugs and Malfunctions

• Correct documentation for fail_if_no_peer_cert option.

  Own Id: OTP-19828
  Related Id(s): PR-10333

Full runtime dependencies of ssl-11.2.12.4

crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.4, runtime_tools-1.15.1, stdlib-6.0

Thanks to

Marcelino Alberdi Pereira

v27.3.4.4: OTP 27.3.4.4

Compare Source

Patch Package:           OTP 27.3.4.4
Git Tag:                 OTP-27.3.4.4
Date:                    2025-10-28
Trouble Report Id:       OTP-19768, OTP-19774, OTP-19790, OTP-19791,
                         OTP-19792, OTP-19799, OTP-19803, OTP-19806,
                         OTP-19813, OTP-19817, OTP-19818, OTP-19825
Seq num:                 ERERL-1261, GH-10119, GH-10150, GH-10191,
                         PR-10182, PR-10201, PR-10241, PR-10245,
                         PR-10249, PR-10257, PR-10274, PR-10284,
                         PR-10296, PR-9970
System:                  OTP
Release:                 27
Application:             diameter-2.4.1.1, erts-15.2.7.3,
                         ssl-11.2.12.3, syntax_tools-3.2.2.2,
                         xmerl-2.1.3.2
Predecessor:             OTP 27.3.4.3

Check out the git tag OTP-27.3.4.4, and build a full OTP system including documentation. Apply one or more applications from this build as patches to your installation using the 'otp_patch_apply' tool. For information on install requirements, see descriptions for each application version below.

diameter-2.4.1.1

The diameter-2.4.1.1 application can be applied independently of other applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Added documentation about 'proxy' and 'resend' options in diameter:handle_request/3

  Own Id: OTP-19768
  Related Id(s): GH-10150, PR-10182

Full runtime dependencies of diameter-2.4.1.1

erts-10.0, kernel-3.2, ssl-9.0, stdlib-5.0

erts-15.2.7.3

The erts-15.2.7.3 application can be applied independently of other applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Fixed the erl documentation of the default timewarp mode used.

  Own Id: OTP-19790
  Related Id(s): PR-9970

• The erlang:suspend_process() BIFs failed to suspend processes currently executing on dirty schedulers.

  Own Id: OTP-19799
  Related Id(s): PR-10241

• When multiple processes called the same fun whose defining module was not loaded, a badfun exception could sometimes occur in one of the calling processes. This would only happen with the JIT runtime system.

  Own Id: OTP-19803
  Related Id(s): PR-10257

Full runtime dependencies of erts-15.2.7.3

kernel-9.0, sasl-3.3, stdlib-4.1

ssl-11.2.12.3

Note! The ssl-11.2.12.3 application cannot be applied independently of other applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- public_key-1.16.4 (first satisfied in OTP 27.1.3)

Fixed Bugs and Malfunctions

• Fixed so that sending of application data will adhere to max_fragment_length. This was broken in OTP-27 release by an optimization.

  Own Id: OTP-19774
  Related Id(s): GH-10191, PR-10201

• Assert that hello extensions are unique and send an illegal parameter alert if they are not.

  Own Id: OTP-19791
  Related Id(s): PR-10245

• Avoid sending an internal message to the user process in conjunction with handling a key update.

  Own Id: OTP-19806
  Related Id(s): PR-10274

• Graceful error handling added in negative test scenario.

  Own Id: OTP-19813
  Related Id(s): PR-10284

• Handle duplicate change_cipher_spec message with an unexpected message alert instead of failing later in corrupted state.

  Own Id: OTP-19818
  Related Id(s): PR-10296

• Make sure TLS-1.3 protocol spec is followed, that is psk-hello extension is guaranteed to be included as the last extension in the list of client hello extensions and internal hello message truncation in handshake history is handled correctly, the previous handling could cause interoperability issues.

  Own Id: OTP-19825
  Related Id(s): PR-10296

Full runtime dependencies of ssl-11.2.12.3

crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.4, runtime_tools-1.15.1, stdlib-6.0

syntax_tools-3.2.2.2

The syntax_tools-3.2.2.2 application can be applied independently of other applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• Annotate map comprehensions and generators

  Own Id: OTP-19817
  Related Id(s): GH-10119

Full runtime dependencies of syntax_tools-3.2.2.2

compiler-7.0, erts-9.0, kernel-5.0, stdlib-4.0

xmerl-2.1.3.2

The xmerl-2.1.3.2 application can be applied independently of other applications on a full OTP 27 installation.

Fixed Bugs and Malfunctions

• The XSD validation failed due to not handling the optional text blocks correctly in an XSD complex type with attribute mixed=true.

  Own Id: OTP-19792
  Related Id(s): PR-10249, ERERL-1261

Full runtime dependencies of xmerl-2.1.3.2

erts-6.0, kernel-8.4, stdlib-2.5

Thanks to

Daniel Gorin, Jean-Philippe Jodoin

elixir-cldr/cldr_dates_times (ex_cldr_dates_times)

v2.25.3

Compare Source

This is the changelog for Cldr_Dates_Times v2.25.3 released on January 14th, 2026. For older changelogs please consult the release tag on GitHub

Bug Fixes

• Fix doc errors in modules generated by Cldr.DateTime.Relative.Backend. Thanks to @​ArthurClemens for the report. Closes #​267.

v2.25.2

Compare Source

This is the changelog for Cldr_Dates_Times v2.25.2 released on January 3rd, 2026. For older changelogs please consult the release tag on GitHub

Deprecations

• Soft deprecate Cldr.DateTime.Format.common_date_time_format_names/1 in favour of common_date_time_format_ids/1 as part of the effort to make format terminology consistent and clearer.

Enhancements

• Enhance the documentation describing formats (format pattern, format skeleton, format ID, standard format). Thanks to @​tjchambers for the issue. Closes #​65.

• Revised the types associated with format definitions to be clearer and more specific and improve their documentation.

v2.25.1

Compare Source

This is the changelog for Cldr_Dates_Times v2.25.1 released on November 10th, 2025. For older changelogs please consult the release tag on GitHub

Bug Fixes

• Fix a Cldr.DateTime.Relative.to_string/3 regression when a backend is provided as the second argument. Thanks to @​madlep for the report. Closes #​64.

v2.25.0

Compare Source

This is the changelog for Cldr_Dates_Times v2.25.0 released on November 6th, 2025. For older changelogs please consult the release tag on GitHub

Breaking Changes

• Changes in the implemementation of time zone formatting may result in different (but semantically the same) strings for formats that include time zone information. See Bug Fixes below.

Bug Fixes

• Fixes the generation of time zone formats to be in accordance with CLDR Time Zone Names. This is particularly true of the following time zone formats:

  • Generic non-location format (eg "Pacific Time", "PT")
  • Generic partial location format (eg "Pacific Time (Canada)")
  • Generic location format (eg "France Time", "Adelaide Time")
  • Specific non-location format (eg "Pacific Standard Time", "PST")
  • Localized GMT format (eg "GMT+03:30", "Гринуич+03:30", "GMT+?")

• Fixes Cldr.DateTime.Relative.to_string/3 when the relative value is an integer of 2 or -2 and the locale provides a specific word for that value. For example, in English there are words for 1 day in advance or behind ("today" and "yesterday"). When specifing 2 days ago, English has no specific word so the result is "2 days ago". In German the result is "vorgestern". Similary for the English "in 2 days", the German result will be "übermorgen".

Enhancements

• Updates to CLDR 48 data.

• Adds Cldr.DateTime.Format.gmt_unknown_format/1 to return a string representing an unknown GMT offset.

• Adds style: :at to Cldr.DateTime.Relative.to_string/2. This allows formatting of string like "tomorrow at 3:30 PM". The default is style: :standard.

• Significant improvement in support of date time skeletons. Skeletons are a flexible way to express desired formatting in a locale-indepdendent way.

• Support is added for the "j", "J" and "C" input skeleton symbols which will be substituted with the locales preferred hour formats. These changes also improve implicit format generation derived from whatever date and time data is passed to the Cldr.Date.to_string/3, Cldr.Time.to_string/3, Cldr.DateTime.to_string/3 functions.

v2.24.2

Compare Source

This is the changelog for Cldr_Dates_Times v2.24.2 released on October 14th, 2025. For older changelogs please consult the release tag on GitHub

Bug Fixes

• Fix generated doc links in generated backend modules. Previously they used implicit links to the projects README file. Since they generate code, the implicit links end up referencing the users project README which is not the intention and which generates ex_doc warnings. Thanks to @​zorn for the report. Fixes #​63 for this library.

v2.24.1

Compare Source

This is the changelog for Cldr_Dates_Times v2.24.1 released on October 9th, 2025. For older changelogs please consult the release tag on GitHub

Bug Fixes

• Allow NaiveDatetime.t/0 types to be passed to Cldr.Interval.to_string/3. Previously there was no function clause that supported these types even though the formatting code does. Thanks to @​sysashi for the report. Partially fixes #​62. Full resolution requires fixing #​61 targetted for the end of October 2025.

elixir-lang/ex_doc (ex_doc)

v0.39.3

Compare Source

• Enhancements
  • Add the option to trim down the footer

v0.39.2

Compare Source

• Bug fixes
  • Do not strip hrefs on summaries
  • Show go to latest for prereleases
  • Prevent fake italic in autocomplete text
  • Rename "Search Hexdocs" link to "Go to package docs"

v0.39.1

Compare Source

• Bug fixes
  • Improve box-shadow around autocompletion
  • Trim search engine selector on small screens
  • Fix admonition titles on small screens

v0.39.0

Compare Source

• Enhancements
  • Allow custom search engines to be configured with support for https://hexdocs.pm
  • Improve admonition blocks so they better integrate with the page flow
  • Bug fixes
    • Add .cheatmd to EPUB to avoid broken links
  • Backwards incompatible changes
    • Validate :extras fields: if you were previously setting them to unexpected values, you may now get an exception
    • Setting exdoc:full-text-search-url metadata is no longer supported, using the new search engines configuration

elixir-gettext/gettext (gettext)

v1.0.2

Compare Source

• Only skip manifest removal on Elixir v1.19.3+

software-mansion/live-debugger (live_debugger)

v0.5.1

Compare Source

What's Changed

Bug fixes

• Bug: fix function name in async loading by @​kraleppa in #​877
• Bug: Modals should be closed on click away by @​hhubert6 in #​897
• Bug: fix navigation menu in old LiveView versions by @​kraleppa in #​899

Enhancements

• Enhancement: Sort children in TermNode by @​hhubert6 in #​896

Full Changelog: software-mansion/live-debugger@v0.5.0...v0.5.1

v0.5.0

Compare Source

What's Changed

Features

• Calculate assigns size by @​kraleppa in #​795
• Trace diffs sent to browser by @​kraleppa in #​801
• Add dead LiveViews section by @​hhubert6 in #​798
• Add resources page by @​kraleppa in #​820
• Add history of assigns by @​hhubert6 in #​845
• Async loading support by @​kraleppa in #​851
• Add streams section by @​srzeszut in #​817

Bug fixes

• Fix appearance buttons in settings are not synchronized across tabs by @​srzeszut in #​736
• Settings switch wrong state when clicking fast by @​hhubert6 in #​758
• Debugger LiveViews state saved among debugged LiveViews by @​hhubert6 in #​785
• change position of the searchbar in fullscreen assigns by @​srzeszut in #​796
• Fix search in assigns by @​hhubert6 in #​812
• Fix flaky e2e test by @​hhubert6 in #​819
• fix error alert in traces by @​kraleppa in #​852
• Fix sending events from browser by @​hhubert6 in #​853
• Fix assigns change pulse by @​hhubert6 in #​854
• fix sending obsolete event on clicking in LiveDebugger by @​kraleppa in #​863
• remove LiveDebugger warnings on production by @​kraleppa in #​862
• not displaying error in async jobs for dead LiveView by @​kraleppa in #​866

Enhancements

• Add option to disable debug button by @​hhubert6 in #​750
• Add setting for tracing enabled no start by @​hhubert6 in #​752
• Search in assigns by @​srzeszut in #​755
• Extend GarbageCollector by @​hhubert6 in #​766
• Add diffing functionality by @​GuzekAlan in #​761
• Improve Assigns section performance by @​GuzekAlan in #​799
• async calculation assigns sizes by @​kraleppa in #​810
• Add search for callback traces in node inspector by @​hhubert6 in #​814
• Remove Trace body from DOM on collapsible close by @​hhubert6 in #​818
• Add pulse on assign change by @​hhubert6 in #​822
• Add ability to track specific assigns by @​hhubert6 in #​824
• Update Active LiveViews page by @​hhubert6 in #​858
• added status dot for indicating that assigns are loading by @​kraleppa in #​864
• Add chevrons to sections in node inspector by @​hhubert6 in #​867

Other

• Refactor: Add garbage collection to settings and remove config from settings storage by @​srzeszut in #​734
• Refactor: unify traces on the UI by @​kraleppa in #​813
• Refactor: unify trace data structures by @​kraleppa in #​815
• Refactor: update tracing action buttons by @​srzeszut in #​844
• Refactor: Update layout of LiveDebugger by @​srzeszut in #​859
• Refactor: Change components to better match designs by @​hhubert6 in #​735
• Refactor: remove config flags by @​srzeszut in #​746
• Docs: Move config guide from README.md to HexDocs by @​hhubert6 in #​744
• Docs: Improved deprecation info for Process API by @​kraleppa in #​768
• Docs: add website urls by @​kraleppa in #​843
• Chore: bump elixir to 1.19 by @​kraleppa in #​811
• Chore: bump wallaby by @​kraleppa in #​821
• Tests: Remove live_debugger_refactor directory by @​hhubert6 in #​800
• Tests: Remove flaky case from e2e test by @​kraleppa in #​847
• Add EndlessCrashLoop LiveView to devApp by @​srzeszut in #​739

Full Changelog: software-mansion/live-debugger@v0.4.0...v0.5.0

v0.4.3

Compare Source

Bug fixes

• Fix highlighting with embedded LiveViews #​797

Enhancements

• Route to same page after redirect to new process #​803
• Add features page to docs #​829

v0.4.2

Compare Source

Bug fixes

• Fix crash when refreshing during callback execution in #​760
• Explicit formats in SocketDiscoveryController in #​754
• Fix positioning of return arrow in #​788
• Fix highlighting LiveViews in LiveComponents in #​725
• Add phoenix ~> 1.7 dep in #​791

nodejs/node (node)

v24.13.0: 2026-01-13, Version 24.13.0 'Krypton' (LTS), @​marco-ippolito

Compare Source

This is a security release.

Notable Changes

lib:

• (CVE-2025-59465) add TLSSocket default error handler (RafaelGSS) nodejs-private/node-private#797
• (CVE-2025-55132) disable futimes when permission model is enabled (RafaelGSS) [nodejs-private/node-private#748](https://redirect.github.c

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Container Scanning Status: ✅ Success

ghcr.io/pulibrary/dpul-collections:pr-821 (debian 13.3)
=======================================================
Total: 0 (HIGH: 0, CRITICAL: 0)

[eliotjordan]

Tested on staging.