deps: bump the minor-and-patch group across 1 directory with 27 updates

[dependabot]

Bumps the minor-and-patch group with 25 updates in the / directory:

Package	From	To
@adcp/sdk	6.13.0	6.13.1
@anthropic-ai/sdk	0.91.1	0.95.1
@contentauth/c2pa-node	0.5.4	0.5.5
@google-cloud/kms	5.4.0	5.5.0
@opentelemetry/api-logs	0.215.0	0.217.0
@opentelemetry/exporter-logs-otlp-http	0.215.0	0.217.0
@opentelemetry/resources	2.7.0	2.7.1
@opentelemetry/sdk-logs	0.215.0	0.217.0
@slack/bolt	4.7.1	4.7.2
@slack/web-api	7.15.1	7.15.2
@workos-inc/node	9.1.1	9.2.0
@workos-inc/widgets	1.10.2	1.12.0
express-rate-limit	8.4.1	8.5.1
isomorphic-dompurify	3.10.0	3.12.0
jose	6.2.2	6.2.3
marked	18.0.2	18.0.3
posthog-node	5.30.4	5.33.4
resend	6.12.2	6.12.3
stripe	22.1.0	22.1.1
svix	1.92.2	1.93.0
yaml	2.8.3	2.8.4
zod	4.3.6	4.4.3
mintlify	4.2.531	4.2.555
msw	2.13.6	2.14.5
puppeteer	24.42.0	24.43.0

Updates @adcp/sdk from 6.13.0 to 6.13.1

Release notes

Sourced from @​adcp/sdk's releases.

@​adcp/sdk@​6.13.1

Patch Changes

• 5da91d1: Unwrap A2A failed-task DataPart so storyboard error_code validators read adcp_error.code from the artifact instead of falling back to Task.status.state. Per AdCP transport-errors §A2A Binding, failed tasks carry the same result.artifacts[].parts[].data envelope as completed tasks (with adcp_error keyed in the DataPart); the unwrapper now extracts that payload for any terminal state (completed, failed, rejected, canceled) and only rejects genuinely intermediate states (working, submitted, input-required, auth-required). Fixes spec-compliant A2A errors being mis-reported as Expected error code "<code>", got "Task failed". (#1571)

Changelog

Sourced from @​adcp/sdk's changelog.

6.13.1

Patch Changes

• 5da91d1: Unwrap A2A failed-task DataPart so storyboard error_code validators read adcp_error.code from the artifact instead of falling back to Task.status.state. Per AdCP transport-errors §A2A Binding, failed tasks carry the same result.artifacts[].parts[].data envelope as completed tasks (with adcp_error keyed in the DataPart); the unwrapper now extracts that payload for any terminal state (completed, failed, rejected, canceled) and only rejects genuinely intermediate states (working, submitted, input-required, auth-required). Fixes spec-compliant A2A errors being mis-reported as Expected error code "<code>", got "Task failed". (#1571)

Commits

• 98be989 chore: release package (#1573)
• 5da91d1 fix(unwrapper): extract DataPart from terminal A2A states (failed/rejected/ca...
• See full diff in compare view

Updates @anthropic-ai/sdk from 0.91.1 to 0.95.1

Release notes

Sourced from @​anthropic-ai/sdk's releases.

sdk: v0.95.1

0.95.1 (2026-05-07)

Full Changelog: sdk-v0.95.0...sdk-v0.95.1

Chores

• redact api-key headers in debug logs (fad8fee)

sdk: v0.95.0

0.95.0 (2026-05-06)

Full Changelog: sdk-v0.94.0...sdk-v0.95.0

Features

• api: add support for Managed Agents multiagents and outcomes, webhooks, vault validation (e0c0e9b)

Bug Fixes

• api: Adjust webhook configuration (deed3f6)

sdk: v0.94.0

0.94.0 (2026-05-05)

Full Changelog: sdk-v0.93.0...sdk-v0.94.0

Features

• client: allow targeting a workspace for OIDC federation token exchange (bde6620)

sdk: v0.93.0

0.93.0 (2026-05-04)

Full Changelog: sdk-v0.92.0...sdk-v0.93.0

Features

• client: add Workload Identity Federation, interactive OAuth, and auth profiles (d5d6abd)

sdk: v0.92.0

0.92.0 (2026-04-30)

Full Changelog: sdk-v0.91.1...sdk-v0.92.0

Features

• api: improve Managed Agents APIs (ca1bf4a)
• support setting headers via env (32f67d4)

... (truncated)

Changelog

Sourced from @​anthropic-ai/sdk's changelog.

0.95.1 (2026-05-07)

Full Changelog: sdk-v0.95.0...sdk-v0.95.1

Chores

• redact api-key headers in debug logs (fad8fee)

0.95.0 (2026-05-06)

Full Changelog: sdk-v0.94.0...sdk-v0.95.0

Features

• api: add support for Managed Agents multiagents and outcomes, webhooks, vault validation (e0c0e9b)

Bug Fixes

• api: Adjust webhook configuration (deed3f6)

0.94.0 (2026-05-05)

Full Changelog: sdk-v0.93.0...sdk-v0.94.0

Features

• client: allow targeting a workspace for OIDC federation token exchange (bde6620)

0.93.0 (2026-05-04)

Full Changelog: sdk-v0.92.0...sdk-v0.93.0

Features

• client: add Workload Identity Federation, interactive OAuth, and auth profiles (d5d6abd)

0.92.0 (2026-04-30)

Full Changelog: sdk-v0.91.1...sdk-v0.92.0

Features

• api: improve Managed Agents APIs (ca1bf4a)
• support setting headers via env (32f67d4)

Bug Fixes

• bedrock: throw APIError for error events delivered in chunk frames (#1021) (3ae887b)

... (truncated)

Commits

• e6f4239 chore: release main
• 6f06905 chore: redact api-key headers in debug logs
• 7693ec9 chore: release main (#1030)
• 9ddb1ad chore: release main
• 6d73820 feat(client): allow targeting a workspace for OIDC federation token exchange
• d6f562c chore: release main (#1025)
• d3aff28 chore: release main (#1017)
• 3ae887b fix(bedrock): throw APIError for error events delivered in chunk frames (#1021)
• See full diff in compare view

Updates @contentauth/c2pa-node from 0.5.4 to 0.5.5

Release notes

Sourced from @​contentauth/c2pa-node's releases.

v0.5.5

Patch Changes

• 1bdc7bf: Update trustmark model url
• f40b882: Fix x86 mac release. Allow custom index.node
• 4ed8b65: Add method for adding redactions to builder

Changelog

Sourced from @​contentauth/c2pa-node's changelog.

0.5.5

Patch Changes

• 1bdc7bf: Update trustmark model url
• f40b882: Fix x86 mac release. Allow custom index.node
• 4ed8b65: Add method for adding redactions to builder

Commits

• e51afaa chore: version packages (#56)
• 4ed8b65 feat: add redaction support. (#63)
• f40b882 fix: Fix x86 macos build and allow custom index.node (#62)
• 53bf419 Merge pull request #59 from contentauth/fix-doc-wf
• 5e627e6 docs: Add test-docs workflow for testing
• 20489ba docs: Update README with new info on doc wf
• 8b7dcc9 fix: Change doc publish workflow to be like c2pa-js
• 1bdc7bf chore: update model url (#55)
• 18cc82a docs: add docs on adding ingredient from archive (#54)
• See full diff in compare view

Updates @google-cloud/kms from 5.4.0 to 5.5.0

Changelog

Sourced from @​google-cloud/kms's changelog.

5.5.0 (2026-05-01)

Features

• [kms] support external-μ in the Digest (#8014) (048f3db)

Bug Fixes

• Change the copyright year for files in the packages folder (#8109) (c1a03fe)
• Do not publish the protos to npm (#8079) (816216b)
• Revert "fix: Do not publish the protos to npm" (#8096) (ac0fbb6)

Commits

• 4572246 chore: release main (#8148)
• 59f445d fix: sync legacy 0.1.0 snippet metadata versions across monorepo (#8144)
• 138f402 docs: [kms] Update the comment for duration value `unrefreshed_duration_until...
• c1a03fe fix: change the copyright year for files in the packages folder (#8109)
• a47507c chore: consolidate prettierignore and prettierrc files: autogen (#8082)
• ac0fbb6 fix: Revert "fix: Do not publish the protos to npm" (#8096)
• 816216b fix: Do not publish the protos to npm (#8079)
• 048f3db feat: [kms] support external-μ in the Digest (#8014)
• f8da6e1 chore: [Many APIs] migrate generator to google-cloud-node (#7987)
• 5d85291 chore: cleanup redundant .gitattributes files (#8007)
• Additional commits viewable in compare view

Updates @opentelemetry/api-logs from 0.215.0 to 0.217.0

Release notes

Sourced from @​opentelemetry/api-logs's releases.

experimental/v0.217.0

0.217.0

🚀 Features

• feat(otlp-transformer): replace protobufjs trace serialization with custom implementation #6625 @​pichlermarc
• feat(configuration): auto-generate TypeScript types from OTel declarative config JSON schema (stable v1.0.0) using json-schema-to-typescript and ajv #6533 @​MikeGoldsmith
• feat(configuration, sdk-node): startNodeSDK() code path now uses log_level configuration to setup a DiagConsoleLogger #6668 @​trentm
  • Note that allowed values for log_level in a configuration YAML file are not the same set as for OTEL_LOG_LEVEL. Use log_level: trace to see all logs (equivalent of OTEL_LOG_LEVEL=ALL). Use log_level: fatal to effectively disable the SDK's internal diagnostic logger (equivalent of OTEL_LOG_LEVEL=NONE).
  • If log_level is not specified, a diagnostic console logger at "info" level will be setup.
  • An invalid YAML config file will now result in a noop OTel SDK.

🐛 Bug Fixes

• fix(configuration): do not validate OTEL_CONFIG_FILE value before using it for file config #6643 @​trentm
• fix(configuration): improve how 'additionalProperties' in JSON schema is translated to TS types #6650 @​trentm
• fix(configuration): remove stripMinItems and preprocessNullArrays from validation/parsing #6657 @​trentm
• fix(configuration): improve handling of enums in generated types #6659 @​trentm
• fix(configuration): improve the technique for removing '| null' on types the JSON Schema #6662 @​trentm
• fix(sampler-jaeger-remote): add missing axios dep #6656 @​trentm
• fix(exporter-prometheus): handle malformed URLs in Prometheus exporter request handler #6674 @​homanp

experimental/v0.216.0

0.216.0

🚀 Features

• feat(sdk-node): wire attribute_keys from declarative configuration to ViewOptions.attributesProcessors #6427 @​ravitheja4531-cell
• feat(sdk-node): set TracerProvider in startNodeSDK() #6607 @​maryliag

🐛 Bug Fixes

• fix(instrumentation-xml-http-request): avoid unwrapping XMLHttpRequest API when disabling #6611 @​david-luna
• fix(instrumentation-fetch): tolerate non-writable globalThis.fetch and fix premature _isEnabled / _isFetchPatched flips in enable() @​brunorodmoreira
• fix(instrumentation-xhr): resolve relative URLs before matching ignoreUrls #6551 @​Maximiliano-Zeballos
• fix(sdk-node): fix setting of ViewOption#name from ConfigurationModel #6620 @​trentm
• fix(web-common): add limit for timeout #6601 @​maryliag
• fix(otlp-transformer): pin protobufjs@8.0.1 as protobufjs@8.0.3 is broken for browser use #6646

🏠 Internal

• test(otlp-transformer): add metrics transform benchmark #6628 @​pichlermarc
• refactor(opentelemetry-exporter-prometheus): do not call enforcePrometheusNamingConvention() multiple times per metric #6636 @​cjihrig

Commits

• 74cde1b chore: prepare next release (#6675)
• e8f439a fix: handle malformed URLs in Prometheus exporter request handler (#6674)
• ab3a2e2 feat(sdk-node, configuration): diag log handling updates for startNodeSDK(), ...
• d5b7d1e fix(deps): update dependency axios to v1.15.2 [security] (#6670)
• c163618 chore(deps): update github/codeql-action digest to e46ed2c (#6661)
• ec2bfbe chore(configuration): move config generation scripts into the configuration p...
• acc9ecd chore(configuration): cosmetic changes to generated types.ts (#6663)
• 8f008ec chore: Move inactive members to emeritus (#6649)
• 435431e fix(configuration): improve the technique for removing '| null' on types due ...
• 4222024 fix(configuration): improve handling of enums in generated types (#6659)
• Additional commits viewable in compare view

Updates @opentelemetry/exporter-logs-otlp-http from 0.215.0 to 0.217.0

Release notes

Sourced from @​opentelemetry/exporter-logs-otlp-http's releases.

experimental/v0.217.0

0.217.0

🚀 Features

• feat(otlp-transformer): replace protobufjs trace serialization with custom implementation #6625 @​pichlermarc
• feat(configuration): auto-generate TypeScript types from OTel declarative config JSON schema (stable v1.0.0) using json-schema-to-typescript and ajv #6533 @​MikeGoldsmith
• feat(configuration, sdk-node): startNodeSDK() code path now uses log_level configuration to setup a DiagConsoleLogger #6668 @​trentm
  • Note that allowed values for log_level in a configuration YAML file are not the same set as for OTEL_LOG_LEVEL. Use log_level: trace to see all logs (equivalent of OTEL_LOG_LEVEL=ALL). Use log_level: fatal to effectively disable the SDK's internal diagnostic logger (equivalent of OTEL_LOG_LEVEL=NONE).
  • If log_level is not specified, a diagnostic console logger at "info" level will be setup.
  • An invalid YAML config file will now result in a noop OTel SDK.

🐛 Bug Fixes

• fix(configuration): do not validate OTEL_CONFIG_FILE value before using it for file config #6643 @​trentm
• fix(configuration): improve how 'additionalProperties' in JSON schema is translated to TS types #6650 @​trentm
• fix(configuration): remove stripMinItems and preprocessNullArrays from validation/parsing #6657 @​trentm
• fix(configuration): improve handling of enums in generated types #6659 @​trentm
• fix(configuration): improve the technique for removing '| null' on types the JSON Schema #6662 @​trentm
• fix(sampler-jaeger-remote): add missing axios dep #6656 @​trentm
• fix(exporter-prometheus): handle malformed URLs in Prometheus exporter request handler #6674 @​homanp

experimental/v0.216.0

0.216.0

🚀 Features

• feat(sdk-node): wire attribute_keys from declarative configuration to ViewOptions.attributesProcessors #6427 @​ravitheja4531-cell
• feat(sdk-node): set TracerProvider in startNodeSDK() #6607 @​maryliag

🐛 Bug Fixes

• fix(instrumentation-xml-http-request): avoid unwrapping XMLHttpRequest API when disabling #6611 @​david-luna
• fix(instrumentation-fetch): tolerate non-writable globalThis.fetch and fix premature _isEnabled / _isFetchPatched flips in enable() @​brunorodmoreira
• fix(instrumentation-xhr): resolve relative URLs before matching ignoreUrls #6551 @​Maximiliano-Zeballos
• fix(sdk-node): fix setting of ViewOption#name from ConfigurationModel #6620 @​trentm
• fix(web-common): add limit for timeout #6601 @​maryliag
• fix(otlp-transformer): pin protobufjs@8.0.1 as protobufjs@8.0.3 is broken for browser use #6646

🏠 Internal

• test(otlp-transformer): add metrics transform benchmark #6628 @​pichlermarc
• refactor(opentelemetry-exporter-prometheus): do not call enforcePrometheusNamingConvention() multiple times per metric #6636 @​cjihrig

Commits

• 74cde1b chore: prepare next release (#6675)
• e8f439a fix: handle malformed URLs in Prometheus exporter request handler (#6674)
• ab3a2e2 feat(sdk-node, configuration): diag log handling updates for startNodeSDK(), ...
• d5b7d1e fix(deps): update dependency axios to v1.15.2 [security] (#6670)
• c163618 chore(deps): update github/codeql-action digest to e46ed2c (#6661)
• ec2bfbe chore(configuration): move config generation scripts into the configuration p...
• acc9ecd chore(configuration): cosmetic changes to generated types.ts (#6663)
• 8f008ec chore: Move inactive members to emeritus (#6649)
• 435431e fix(configuration): improve the technique for removing '| null' on types due ...
• 4222024 fix(configuration): improve handling of enums in generated types (#6659)
• Additional commits viewable in compare view

Updates @opentelemetry/resources from 2.7.0 to 2.7.1

Release notes

Sourced from @​opentelemetry/resources's releases.

v2.7.1

2.7.1

🐛 Bug Fixes

• fix(core, api): defer trace state validation. Deprecate trace state implementation in api #6459 @​david-luna
  • important: this bug fix may be breaking for certain uses of TraceState
    • set now returns the same TraceState instance if key/value are invalid or makes the while trace state invalid.
    • unset now returns the same TraceState instance if key is not present.
    • best-effort parsing of invalid TraceStates has changed: when multiple keys with the same name are present, the most recent one will win.

🏠 Internal

• perf(sdk-trace-base): optimize TraceIdRatioBasedSampler performance #6284 @​AbhiPrasad
• perf(sdk-metrics): reduce loop overhead in sdk hot paths #6593 @​mcollina

Changelog

Sourced from @​opentelemetry/resources's changelog.

2.7.1

🐛 Bug Fixes

• fix(core, api): defer trace state validation. Deprecate trace state implementation in api #6459 @​david-luna
  • important: this bug fix may be breaking for certain uses of TraceState
    • set now returns the same TraceState instance if key/value are invalid or makes the while trace state invalid.
    • unset now returns the same TraceState instance if key is not present.
    • best-effort parsing of invalid TraceStates has changed: when multiple keys with the same name are present, the most recent one will win.

🏠 Internal

• perf(sdk-trace-base): optimize TraceIdRatioBasedSampler performance #6284 @​AbhiPrasad
• test: test Node.js 26 in CI #6671 @​cjihrig

Commits

• 2400d83 chore: prepare next release (#6647)
• f7a9b7c fix(otlp-transformer): pin protobufjs to 8.0.1 (#6646)
• cb38d7f test(otlp-transformer): add metrics transfrom benchmark (#6628)
• a28f12f fix(opentelemetry-core): defer tracestate vaidation (#6459)
• b27c514 refactor(opentelemetry-exporter-prometheus): do not call `enforcePrometheusNa...
• a2a8186 perf(sdk-trace-base): optimize TraceIdRatioBasedSampler hex parsing (#6284)
• 4c0f3f1 feat(sdk-node): set TracerProvider in startNodeSDK() (#6607)
• 417f2f1 fix(instr-xhr): do not unpatch XHR methods (#6611)
• 47ac523 Revert "chore: allow browser maintainers to approve changelog edits" (#6627)
• 86c621d fix(instrumentation-fetch): tolerate non-writable globalThis.fetch and fix pr...
• Additional commits viewable in compare view

Updates @opentelemetry/sdk-logs from 0.215.0 to 0.217.0

Release notes

Sourced from @​opentelemetry/sdk-logs's releases.

experimental/v0.217.0

0.217.0

🚀 Features

• feat(otlp-transformer): replace protobufjs trace serialization with custom implementation #6625 @​pichlermarc
• feat(configuration): auto-generate TypeScript types from OTel declarative config JSON schema (stable v1.0.0) using json-schema-to-typescript and ajv #6533 @​MikeGoldsmith
• feat(configuration, sdk-node): startNodeSDK() code path now uses log_level configuration to setup a DiagConsoleLogger #6668 @​trentm
  • Note that allowed values for log_level in a configuration YAML file are not the same set as for OTEL_LOG_LEVEL. Use log_level: trace to see all logs (equivalent of OTEL_LOG_LEVEL=ALL). Use log_level: fatal to effectively disable the SDK's internal diagnostic logger (equivalent of OTEL_LOG_LEVEL=NONE).
  • If log_level is not specified, a diagnostic console logger at "info" level will be setup.
  • An invalid YAML config file will now result in a noop OTel SDK.

🐛 Bug Fixes

• fix(configuration): do not validate OTEL_CONFIG_FILE value before using it for file config #6643 @​trentm
• fix(configuration): improve how 'additionalProperties' in JSON schema is translated to TS types #6650 @​trentm
• fix(configuration): remove stripMinItems and preprocessNullArrays from validation/parsing #6657 @​trentm
• fix(configuration): improve handling of enums in generated types #6659 @​trentm
• fix(configuration): improve the technique for removing '| null' on types the JSON Schema #6662 @​trentm
• fix(sampler-jaeger-remote): add missing axios dep #6656 @​trentm
• fix(exporter-prometheus): handle malformed URLs in Prometheus exporter request handler #6674 @​homanp

experimental/v0.216.0

0.216.0

🚀 Features

• feat(sdk-node): wire attribute_keys from declarative configuration to ViewOptions.attributesProcessors #6427 @​ravitheja4531-cell
• feat(sdk-node): set TracerProvider in startNodeSDK() #6607 @​maryliag

🐛 Bug Fixes

• fix(instrumentation-xml-http-request): avoid unwrapping XMLHttpRequest API when disabling #6611 @​david-luna
• fix(instrumentation-fetch): tolerate non-writable globalThis.fetch and fix premature _isEnabled / _isFetchPatched flips in enable() @​brunorodmoreira
• fix(instrumentation-xhr): resolve relative URLs before matching ignoreUrls #6551 @​Maximiliano-Zeballos
• fix(sdk-node): fix setting of ViewOption#name from ConfigurationModel #6620 @​trentm
• fix(web-common): add limit for timeout #6601 @​maryliag
• fix(otlp-transformer): pin protobufjs@8.0.1 as protobufjs@8.0.3 is broken for browser use #6646

🏠 Internal

• test(otlp-transformer): add metrics transform benchmark #6628 @​pichlermarc
• refactor(opentelemetry-exporter-prometheus): do not call enforcePrometheusNamingConvention() multiple times per metric #6636 @​cjihrig

Commits

• 74cde1b chore: prepare next release (#6675)
• e8f439a fix: handle malformed URLs in Prometheus exporter request handler (#6674)
• ab3a2e2 feat(sdk-node, configuration): diag log handling updates for startNodeSDK(), ...
• d5b7d1e fix(deps): update dependency axios to v1.15.2 [security] (#6670)
• c163618 chore(deps): update github/codeql-action digest to e46ed2c (#6661)
• ec2bfbe chore(configuration): move config generation scripts into the configuration p...
• acc9ecd chore(configuration): cosmetic changes to generated types.ts (#6663)
• 8f008ec chore: Move inactive members to emeritus (#6649)
• 435431e fix(configuration): improve the technique for removing '| null' on types due ...
• 4222024 fix(configuration): improve handling of enums in generated types (#6659)
• Additional commits viewable in compare view

Updates @slack/bolt from 4.7.1 to 4.7.2

Changelog

Sourced from @​slack/bolt's changelog.

4.7.2

Patch Changes

• 4545150: Require exact ssl_check=1 value to bypass signature verification, preventing truthy but incorrect values from skipping authentication checks.

Commits

• 81b2b3e chore: release (#2901)
• 4545150 fix: require exact ssl_check=1 value to bypass signature verification (#2899)
• 8318ca5 chore(deps): bump @​slack/socket-mode from 2.0.6 to 2.0.7 (#2900)
• e23efe8 fix: strip smuggled payload from ssl_check requests (#2898)
• ad576a1 ci: upload codecov coverage from Node.js 24.x (#2896)
• a5135ba ci: skip publish step if no release is needed (#2894)
• a24cf85 ci: auto-approve dependabot PRs for example project dependencies (#2893)
• e896807 chore(deps): update @​slack/bolt requirement from ^4.7.0 to ^4.7.1 in /example...
• 7432ca0 chore(deps): update @​slack/bolt requirement from ^4.7.0 to ^4.7.1 in /example...
• 7c61c15 chore(deps): update @​slack/bolt requirement from ^4.7.0 to ^4.7.1 in /example...
• Additional commits viewable in compare view

Updates @slack/web-api from 7.15.1 to 7.15.2

Release notes

Sourced from @​slack/web-api's releases.

@​slack/web-api@​7.15.2

Patch Changes

• 4b6fe3a: feat: add authorship arguments - icon_emoji, icon_url, and username - to the assistant.threads.setStatus and chat.startStream methods
• Updated dependencies [4f03ee8]
  • @​slack/types@​2.21.0

Commits

• fde2a7a chore: release (#2577)
• 4b6fe3a feat(web-api): add authorship arguments to assistant threads and chat stream ...
• f5696c3 cli-test(fix): wait for cli run start trace instead of activity output (#2355)
• 11dd0f5 feat(types): add Card, Carousel, and Alert block types (#2567)
• 4f03ee8 feat(types): add Card, Carousel, and Alert block types (#2567)
• a5a2954 chore(deps): bump slackapi/slack-github-action from 3.0.1 to 3.0.3 (#2574)
• 14f98c9 chore(deps): bump dependabot/fetch-metadata from 3.0.0 to 3.1.0 (#2575)
• b8b88cb chore(deps): bump uuid from 13.0.1 to 14.0.0 in /examples/openid-connect (#2576)
• ea8998b chore(deps): bump actions/setup-node from 6.3.0 to 6.4.0 (#2573)
• 4af912d ci: simplify test scripts and separate coverage from test runs (#2566)
• Additional commits viewable in compare view

Updates @workos-inc/node from 9.1.1 to 9.2.0

Release notes

Sourced from @​workos-inc/node's releases.

v9.2.0

9.2.0 (2026-05-04)

Features

• Add resource role assignments methods (#1580) (ec8dd0f)

---

This PR was generated with Release Please. See documentation.

Changelog

Sourced from @​workos-inc/node's changelog.

9.2.0 (2026-05-04)

Features

• Add resource role assignments methods (#1580) (ec8dd0f)

Commits

• fc3fab5 chore(main): release 9.2.0 (#1582)
• ec8dd0f feat: Add resource role assignments methods (#1580)
• c4793bc chore: Pin third-party GitHub Actions to full commit SHAs (#1575)
• See full diff in compare view

Updates @workos-inc/widgets from 1.10.2 to 1.12.0

Commits

• See full diff in compare view

Updates express-rate-limit from 8.4.1 to 8.5.1

Release notes

Sourced from express-rate-limit's releases.

v8.5.1

You can view the changelog here.

v8.5.0Description has been truncated